this post was submitted on 25 Feb 2025
96 points (93.6% liked)

Selfhosted

42972 readers
462 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
96
which softwares can I self host without public IP? (lemmy.ca)
submitted 3 days ago by kionite231@lemmy.ca to c/selfhosted@lemmy.world
73 comments fedilink hide all child comments
 

Greetings,

my current ISP refuses to provide me a static IP and they also blocks incoming connection to my ipv6 so I can't host services on just ipv6 too. I will be changing my ISP when the plan expires.

without public IP I can host my own IRC bouncer but I would like to know what else can I self host? Thanks in advance!

top 50 comments
sorted by: hot top controversial new old
[–] Presi300@lemmy.world 10 points 1 day ago (1 children)

nearly everything, you don't need a static ip to selfhost, look up DDNS :>

[–] possiblylinux127@lemmy.zip 2 points 1 day ago (2 children)

You also could just do lan

[–] mr_jaaay@lemmy.ml 1 points 1 day ago

You could, but for many of us, the point of having access to our services is to have access from anywhere :-)

[–] sugar_in_your_tea@sh.itjust.works 1 points 1 day ago

Yup, everything in my setup is primarily used in my house. The only reason anything is publicly accessible is so I can show it off occasionally.

[–] Petter1@lemm.ee 11 points 2 days ago

You can self host anything like this, all you need is buying a domain and set something up like DynDNS which updates the entry of the domain with your new IPv4 as soon as it changes.

I would recommend to not open your services to public, but set up a wireguard (or other VPN) endpoint in your home, which you then use to access all your services.

I think, an alternative to that would be some servicees from tailscale or cloudflare, I suppose

[–] just_another_person@lemmy.world 61 points 3 days ago (1 children)

Anything. You don't need any services to be public unless you choose for them to be.

[–] kionite231@lemmy.ca 9 points 3 days ago (4 children)

actually I was thinking about hosting my own fediverse service to own my data but I can't do that without a static public IP and domain name.

[–] rtxn@lemmy.world 36 points 3 days ago* (last edited 3 days ago) (2 children)

As long as you're not behind CGNAT, you can use a dynamic DNS provider (like duckdns.org) and its web API to keep a record pointed at your IP. If you're behind CGNAT, Tailscale also has a service (Tailscale Funnel) that can expose an internal service to the internet.

You could also pay for a small VPS with a static IP, and set up a Wireguard tunnel to your home server and an HTTPS proxy to forward traffic through the tunnel.

Also, just in general, use Tailscale. It's serious black magic fuckery on the firewall.

[–] kionite231@lemmy.ca 6 points 3 days ago (1 children)

Yeah I am behind CGNAT so I guess I have to use either Tailscale or wireguard as other users also suggested.

Thank you for the reply!

[–] ChilledPeppers@lemmy.world 2 points 1 day ago

Just to chip in, cloudflare tunnels are a thing and also transverse CGNAT. Or you could use LocalXPosed, and other sevices like that.

load more comments (1 replies)
[–] superglue@lemmy.dbzer0.com 2 points 2 days ago

You actually want a cloudfare tunnel if youre going to do that. It protects your real IP. Hosting a fediverse instance will draw attention to your real IP eventually otherwise.

load more comments (2 replies)
[–] MangoPenguin@lemmy.blahaj.zone 28 points 3 days ago

Basically everything. Self hosting doesn't rely on public access.

[–] Voroxpete@sh.itjust.works 12 points 2 days ago

I just use a DDNS updater. That's honestly good enough for most purposes.

Alternatively, you could use a service like Zerotier, Tailscale or Netbird to create a virtual private LAN connection to a free Oracle VPS, then route the traffic from the VPN to your home network.

[–] ikidd@lemmy.world 15 points 3 days ago* (last edited 3 days ago)

Put everything behind Tailscale or another VPN and use it that way from outside devices. There should be very little need to have a public IP, and if there's something that has to be exposed, use ngrok, cloudflared or Tailscale Funnel.

[–] StaticFlow@feddit.uk 21 points 3 days ago

Self host all your stuff and use tailscale if you just want to provide private services to yourself

[–] Shimitar@downonthestreet.eu 14 points 3 days ago (3 children)

Rent a VPN, setup a wire guard tunnel and fuck your ISP!

Anyway having a real public IP on a residential block is basically impossible anywhere but in the USA, I guess.

[–] sugar_in_your_tea@sh.itjust.works 2 points 1 day ago

CGNAT blows, but easy to workaround w/ a $5/mo VPS.

[–] Darkassassin07@lemmy.ca 3 points 3 days ago

Public IPV4 here. It's not static, but very rarely rotates. DDNS ftw.

Telus Residential in Canada.

[–] aeternum@lemmy.blahaj.zone 1 points 2 days ago (1 children)

Straya. I have a static ip. Costs like 5$ a month

[–] Shimitar@downonthestreet.eu 1 points 2 days ago (1 children)

North America?

[–] aeternum@lemmy.blahaj.zone 3 points 2 days ago (1 children)

straya = australia

[–] Tangent5280@lemmy.world 3 points 2 days ago (1 children)

Thanks, I was thinking of the fitness app

[–] aeternum@lemmy.blahaj.zone 3 points 1 day ago (1 children)

That’s strava

[–] Tangent5280@lemmy.world 2 points 1 day ago

Ah, yes. That's the one.

[–] billwashere@lemmy.world 12 points 3 days ago

Tailscale or Cloudflare will solve your problems.

[–] _cryptagion@lemmy.dbzer0.com 11 points 3 days ago (1 children)

Literally anything you want. You don’t need a static IP, any dynamic IP with a software updater will work. For example, I have some public sites proxied through Cloudflare, and I use the DDNS updater for Docker that keeps my DNS correct.

[–] Shimitar@downonthestreet.eu 3 points 3 days ago (3 children)

The ISP is blocking his ports too, it seems.

load more comments (3 replies)
[–] fiddlesticks@lemmy.dbzer0.com 12 points 3 days ago (1 children)

As someone in a similar situation I'd recommend using a free tier oracle vps with a wireguard tunnel to connect to you services. Effectively just using the vps as a proxy for your own network. Here's a guide that should work for your purposes https://github.com/mochman/Bypass_CGNAT

[–] aeternum@lemmy.blahaj.zone 1 points 2 days ago

Oracle deletes servers with no warning and for no reason. I wouldn’t use them

[–] SexualPolytope@lemmy.sdf.org 11 points 3 days ago* (last edited 3 days ago) (1 children)

The best way would be to use a VPS to proxy your traffic to you. You can achieve this for pretty cheap, just set up an wireguard tunnel to a cheap VPS. That's exactly how I access all my services from outside my home. As long as the VPS has a publicly accessible IP (most of them do), you being behind CGNAT should not be an issue.

[–] kernelle@0d.gs 3 points 3 days ago

This is the way OP

[–] qaz@lemmy.world 10 points 3 days ago* (last edited 3 days ago) (1 children)

You can use Tailscale, you can access your personal services with it but also expose public services with their Funnels system.

Keep in mind that while the clients are open source, their servers are running proprietary software.

[–] lorentz@feddit.it 7 points 3 days ago

I started using headscale (the opensource reimplementation of tailscale server) on a private vps. It is incredibly better compared to plain wireguard. I regret waiting so much before switching.

Something that really made my life easier: wireguard is poor at roaming: switching to and from my wifi created issues because the server wasn't reachable anymore from its public ip and wireguard didn't bother to query the DNS again to check the new IP. Also, configuration is dead simple because it takes care of iptables for you (especially good when you enables forwarding to a node).

Since the server just sends small messages for the control plane and all the traffic is p2p between the devices, the smallest vps with the smaller connectivity is more than enough to handle it.

[–] hendrik@palaver.p3x.de 11 points 3 days ago* (last edited 3 days ago)

I mean you can host anything. It's just not reachable from the outside. And Fediverse or anything that gets data pushed in, won't work. The common method to handle all of this is to use some tunnelling solution.

[–] irotsoma@lemmy.blahaj.zone 4 points 2 days ago* (last edited 2 days ago)

Use VPN or DDNS connected to your domain registrar. Of course DDNS might not update immediately, especially if your domain host is not the same as your DNS provider, so you might have outages for short periods when your IP changes. So, depends on if you're OK with that or what kind of connection you have and whether it changes your IP a lot.

Also, might be able to get an IPv6 address for free depending on your ISP or at least you can set up your router to request that your address block is retained for you. I know Comcast does this. Unfortunately, my ISP does not.

[–] sirico@feddit.uk 10 points 3 days ago (1 children)

If this is just for personal use, I'd see if you can put their router in modem mode and go get a better router, then I'd just use tail-scale or WireGuard.

[–] kionite231@lemmy.ca 4 points 3 days ago (1 children)

tailscale is looking good I might try that

load more comments (1 replies)
[–] Xanza@lemm.ee 9 points 3 days ago (4 children)

my current ISP refuses to provide me a static IP

So then use dynamic dns? HurricaneElectric offers DynDNS now and it's great. You can update it right over curl if you want. I have it mapped to a cli function;

~\downloads
❯ ddns
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Content-Length: 18
Content-Type: text/html
Date: Tue, 25 Feb 2025 09:24:18 GMT
Email: DNS Administrator <dnsadmin@he.net>
Expires: Wed, 25 Feb 2026 09:24:18 GMT
Server: dns.he.net v0.0.1

nochg {ip}
load more comments (4 replies)
[–] bdonvr@thelemmy.club 6 points 3 days ago

I just have a script that checks my IP every few minutes and changes the DNS record as necessary

[–] Greg@lemmy.ca 6 points 3 days ago (2 children)

Use Cloudflare's free tier tunnel

load more comments (2 replies)
[–] sugar_in_your_tea@sh.itjust.works 2 points 2 days ago* (last edited 2 days ago)

I use a cheap VPS and connect all my relevant devices to it via a VPN (aldo self hosted w/ wireguard). It's $5/month and does the job.

[–] webghost0101@sopuli.xyz 4 points 3 days ago* (last edited 3 days ago) (3 children)

I believe duckdns has a tool that checks your public ip on a schedule to update your subdomain. (Which they provide for free last I checked)

load more comments (3 replies)
[–] Evotech@lemmy.world 2 points 2 days ago

Anything

I use cloudflare / cloudflared agent to provide features hosted locally

[–] nitrolife@rekabu.ru 3 points 3 days ago* (last edited 3 days ago) (1 children)

Look:

  1. you can buy any VPS server or use free VM in Amazon cloud
  2. then connect your home PC to this VPS with VPN tunnel After that you have public IP address (on VPS) linked with you home server.
  3. configure VPS for pass through incoming ports to you home server After that you can host anything for anyone in v4 or v6 internet.
load more comments (1 replies)
load more comments
view more: next ›