this post was submitted on 06 Dec 2025
76 points (97.5% liked)

Selfhosted

60094 readers
1058 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require your active participation in selfhosting or related communities, or the post will be removed. No more than 10% of your posts or comments may be self-promotional, or your post will be removed. F/LOSS Exception: If your post is about a project that is completely open source & can be self-hosted in full without payment, and your account is at least 7 days old, your post is exempt from this rule as long as you continue to engage in comments.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
76
Solutions for remote access? (lemmy.dbzer0.com)
submitted 6 months ago* (last edited 6 months ago) by Ganbat@lemmy.dbzer0.com to c/selfhosted@lemmy.world
33 comments fedilink hide all child comments
 

I've been setting up a music server on my home server recently, looking to move away from private hosting options like iBroadcast, but I've hit a bit of a snag when it comes to actually accessing my server when away from home.

The two most common recommendations I've seen are Cloudflare and OpenVPN. My router supports OVPN access, so I gave that a try, but couldn't ever actually make it work. I don't know for sure, but I think it's probably something with my ISP that I can't really easily work around. As far as Cloudflare goes, setting up a tunnel requires you to have a domain set up with them even if you're just using Warp, and since I don't have one, that's not an option.

What other good options are there for remote access? I'm running Open Media Vault as my server. Thanks.

Edit: Based on responses, it looks like Tailscale is the way to go since it's all private to me. Thanks everyone!

you are viewing a single comment's thread
view the rest of the comments
[–] e8d79@discuss.tchncs.de 23 points 6 months ago (2 children)

I use a wireguard tunnel that connects to a cheap VPS and then configured a caddy reverse proxy on that VPS that makes my services available on the internet.

[–] fizzle@quokk.au 3 points 6 months ago

Yeah I've been using wireguard for a long time myself personally, and more recently for a small team to access an intranet.

I'm a big fan. After a half hour or so trying to understand configs it's pretty manageable.

[–] Krtek@feddit.org 1 points 6 months ago (2 children)

Question, do you also use the same domains for the local network as the remote connections? And if yes, are you just accepting the round trip to the VPS or do you have a shortcut to stay in the local network? Because, while I have an otherwise identical setup, I put caddy on the local server, so that I can eventually use local DNS to point to the local address

[–] e8d79@discuss.tchncs.de 3 points 6 months ago

No, I use a second reverse proxy for my local network. For example, I can resolve navidrome either via my VPS using navidrome.mydomain.net or directly in my local network with the address navidrome.local.mydomain.net. I also configured the local caddy reverse proxy with a DNS provider module to get LetsEncrypt certificates for my local addresses.

[–] 123@programming.dev 2 points 6 months ago* (last edited 6 months ago) (1 children)

There's something called NAT reflection that does a local lookup if the request originated in the internal network and avoids going via the external route. Some software for routers like ONPSense and/or PFSense support it (but I wouldn't be surprised if DD-WRT, Tomato, etc supported it as well (its been a while since I used them)).

It might work better of your DNS provider supports API based challenges vs traditional ACME challenges that might require you to still expose your IP/challenge ports with public DNS to get your certificates.

All my internal DNS has the option of SSL certs while my IP is not on any public DNS and it routes to the internal IPs with the above. Not sure how that would work with wireguard or tailacale/headscale, but I'm assuming they probably could complement nicely.

[–] Krtek@feddit.org 1 points 6 months ago

Yeah, I'll probably try something like that