this post was submitted on 06 Dec 2025
66 points (97.1% liked)

Selfhosted

53539 readers
550 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
66
Solutions for remote access? (lemmy.dbzer0.com)
submitted 3 days ago* (last edited 2 days ago) by Ganbat@lemmy.dbzer0.com to c/selfhosted@lemmy.world
28 comments fedilink hide all child comments
 

I've been setting up a music server on my home server recently, looking to move away from private hosting options like iBroadcast, but I've hit a bit of a snag when it comes to actually accessing my server when away from home.

The two most common recommendations I've seen are Cloudflare and OpenVPN. My router supports OVPN access, so I gave that a try, but couldn't ever actually make it work. I don't know for sure, but I think it's probably something with my ISP that I can't really easily work around. As far as Cloudflare goes, setting up a tunnel requires you to have a domain set up with them even if you're just using Warp, and since I don't have one, that's not an option.

What other good options are there for remote access? I'm running Open Media Vault as my server. Thanks.

Edit: Based on responses, it looks like Tailscale is the way to go since it's all private to me. Thanks everyone!

you are viewing a single comment's thread
view the rest of the comments
[–] e8d79@discuss.tchncs.de 20 points 2 days ago (1 children)

I use a wireguard tunnel that connects to a cheap VPS and then configured a caddy reverse proxy on that VPS that makes my services available on the internet.

[–] Krtek@feddit.org 1 points 1 day ago (2 children)

Question, do you also use the same domains for the local network as the remote connections? And if yes, are you just accepting the round trip to the VPS or do you have a shortcut to stay in the local network? Because, while I have an otherwise identical setup, I put caddy on the local server, so that I can eventually use local DNS to point to the local address

[–] e8d79@discuss.tchncs.de 3 points 1 day ago

No, I use a second reverse proxy for my local network. For example, I can resolve navidrome either via my VPS using navidrome.mydomain.net or directly in my local network with the address navidrome.local.mydomain.net. I also configured the local caddy reverse proxy with a DNS provider module to get LetsEncrypt certificates for my local addresses.

[–] 123@programming.dev 2 points 14 hours ago* (last edited 14 hours ago)

There's something called NAT reflection that does a local lookup if the request originated in the internal network and avoids going via the external route. Some software for routers like ONPSense and/or PFSense support it (but I wouldn't be surprised if DD-WRT, Tomato, etc supported it as well (its been a while since I used them)).

It might work better of your DNS provider supports API based challenges vs traditional ACME challenges that might require you to still expose your IP/challenge ports with public DNS to get your certificates.

All my internal DNS has the option of SSL certs while my IP is not on any public DNS and it routes to the internal IPs with the above. Not sure how that would work with wireguard or tailacale/headscale, but I'm assuming they probably could complement nicely.