• 0 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: August 24th, 2023

help-circle




  • Additionally, is a self hosted server only accessible inside my home? What about accessing the services outside, like Bitwarden or Nextcloud apps that require syncing and availability of data wherever I am? If it is useless outside, there would be no point for me personally to self host in the first place since I am perfectly fine with using cloud services for now and the convenience that comes with it. Plus, no one else in my family cares about self hosting and I don’t wish to spend the effort to convince them to in vain, so setting up a server for convenience of everyone at home is also out of the question.

    It is only accessible from your local network (if it is there in the first place, you can always selfhost on rented virtual private server), until you make it accessible. There a different ways to achieve that:

    • Wireguard tunnel
    • cloudflare tunnel
    • (reverse) ssh tunnel
    • dynDNS
    • opening ports on your router

    Which is the way for you depends on the circumstances, how your ISP connects you to the internet mainly


  • I use reverse ssh tunnels, technically running on my home server. For each service i want to expose on the internet, i have a systemd-unit which handles a said reverse tunnel to the vps. Basically, the port running the service locally gets tunneled to a port on the vps, that happens via ssh, so reasonably secure (login as root disabled, login with password disabled, with a special user with little to no rights running the systemd service locally and remotely to log in via ssh). On the remote vps, there is a reverse proxy running, nginx, which works like the service would be running on the remote vps, really. There are some services actually running there, a mail server for example. The config files aren’t really different, everything nginx handles gets passed to a localhost port. A nginx instance is also running on the local home server to serve all the local services and the global ones locally, and the dns on my main router resolves the adresses of the global services to the local ones. SSL-Certificates are acquired by the remote vps and copied to the local home server, so that the end users don’t have any difference in their ux regardless if they are in the local network or somewhere outside.

    Edit: I mostly use this approach because my ISP uses dualStack lite and I could not access anything local from outside with any other technique. But I like it, it is really basic.









  • Create a dir in a place you like

    mkdir (If it is in a dir where you have no write access, you need to sudo or doas)

    Unmount the automounted /dev/sda1

    umount /dev/sda1

    Then mount sda1 to the newly created dir

    mount /dev/sda1

    Then you can use genfstab to create a fstab entry. (You maybe need to sudo pacman -S arch-install-scripts)

    genfstab /

    This will write a fstab file to stdout (the terminal). Look for the line with , copy it and sudo open the /etc/fstab file with your prefered editor. Add the line at tge bottom and add the flags rw,user,noauto to the entry.

    This way you have to manually mount sda1 every time you boot with mount /dev/sda1

    You can add that to your .bashrc or equivalent. (If you don’t plan to remove the disk, you can skip the noauto and the drive will be loaded automatically, but if it is unplugged your system won’t boot normally). Maybe there is a better way, but this way works for me good enough.