TLDR: VPN-newbie wants to learn how to set up and use VPN.

What I have:

Currently, many of my selfhosted services are publicly available via my domain name. I am aware that it is safer to keep things closed, and use VPN to access – but I don’t know how that works.

  • domain name mapped via Cloudflare > static WAN IP > ISP modem > Ubiquity USG3 gateway > Linux server and Raspberry Pi.
  • 80,443 fowarded to Nginx Proxy Manager; everything else closed.
  • Linux server running Docker and several containers: NPM, Portainer, Paperless, Gitea, Mattermost, Immich, etc.
  • Raspberry Pi running Pi-hole as DNS server for LAN clients.
  • Synology NAS as network storage.

What I want:

  • access services from WAN via Android phone.
  • access services from WAN via laptop.
  • maybe still keep some things public?
  • noob-friendly solution: needs to be easy to “grok” and easy to maintain when services change.
    • stown@sedd.it
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      If you’re going to do that you may as well cut out the extra server/service and run regular wireguard.

      • Avid Amoeba@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Not quite, it’s still much more useful because you can connect multiple devices, have users, and relay when some devices can’t see each other, among other features.

        • stown@sedd.it
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          You can do all of those things with wireguard as well… I’m not seeing any benefit to running Tailscale/headscale.