this post was submitted on 23 Oct 2025
I am running a Proxmox node with a VM running a couple of Podman rootless containers, one of which is Jellyfin. I have also installed Traefik on a separate LXC unprivileged container. I have installed Tailscale on both the VM and the LXC.

What I want now is to create a reverse proxy so that I create subdomains pointing to my registered domain name, e.g. example.com.

When trying to access ‘jellyfin.example.com’, I want the reverse proxy to point to the Tailscale IP or URL, for example ‘https://media.tbXXX.ts.net:8096’. But that should work only when connected to the Tailscale network.

Is this even possible? If it is, can you point me to some resources explaining the whole configuration?

[–] thelittleblackbird@lemmy.world 9 points 1 month ago (2 children)

Yes, it is possible, but you need a domain (example.com) that I guess you want to be resolved from the internet, and a public-facing IP.

After that, yep, if the reverse proxy can resolve Tailscale names (basically it has Tailscale installed on the same machine) and the service is reachable via Tailscale, then it is perfect.

In fact, in my setup I have a public domain name that is translated into a private domain name in the reverse proxy (exactly what you want, with the addition of Tailscale).

[–] filister@lemmy.world 3 points 1 month ago (2 children)

I have a registered domain name already, but I am behind CGNAT and I don't really have a public IP.

I want to allow access to my services remotely only through Tailscale.

[–] zarlin@lemmy.dbzer0.com 5 points 1 month ago* (last edited 1 month ago) (2 children)

My setup just has the local IP (of the reverse proxy) in the domain's DNS records, and I have Tailscale on my home server setup to advertise subnet routes, so I can use the same local IP when at home or remote via Tailscale. No need to use your public IP or open ports or anything.

[–] ScoffingLizard@lemmy.dbzer0.com 1 points 1 month ago

F-Droid says Tailscale sends logs when it is not authorized. Is that bad? I am looking into Tailscale and might consider WireGuard if it is more privacy-friendly.

[–] filister@lemmy.world 1 points 1 month ago (1 children)

Yes, I know that, but I just don't want to remember the port numbers or create some bookmarks.

I think I can create a CNAME record for *.media to point to the Tailscale address of the reverse proxy and then use the reverse proxy with a Cloudflare API key to serve SSL certificates from my domain.

I am currently struggling a bit with the setup though.

[–] zarlin@lemmy.dbzer0.com 2 points 1 month ago

> I think I can create a CNAME record for *.media to point to the Tailscale address of the reverse proxy

This approach, but if you set up your server to advertise subnets you can use your local IP range instead of Tailscale's. Port numbers for individual services would be handled by your reverse proxy; you can set up a subdomain route for each service.

Instead of having to keep track of bookmarks you can use something like homepage on the root of your domain, as a dashboard to navigate to all other services.
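
The setup discussed in the comments above, sketched as a Traefik file-provider configuration. This is an added example, not part of any commenter's post: the resolver name `cf`, the middleware name `tailnet-only`, the file paths and the e-mail address are assumptions, and the backend is assumed to speak plain HTTP on port 8096. Because the proxy is not reachable from the internet, the certificate is obtained with the ACME DNS-01 challenge through the Cloudflare API, and an allow-list on the router enforces the "Tailscale only" requirement at the proxy instead of relying on DNS alone.

```yaml
# ---- traefik.yml (static configuration) ----
entryPoints:
  websecure:
    address: ":443"

providers:
  file:
    directory: /etc/traefik/dynamic    # assumed path

certificatesResolvers:
  cf:                                  # resolver name chosen for this example
    acme:
      email: admin@example.com         # placeholder
      storage: /etc/traefik/acme.json  # assumed path
      dnsChallenge:
        provider: cloudflare           # API token is read from CF_DNS_API_TOKEN
---
# ---- /etc/traefik/dynamic/jellyfin.yml (dynamic configuration) ----
http:
  middlewares:
    tailnet-only:
      ipAllowList:                     # Traefik v3 name; v2 calls it ipWhiteList
        sourceRange:
          - "100.64.0.0/10"            # address range Tailscale assigns to nodes

  routers:
    jellyfin:
      rule: "Host(`jellyfin.example.com`)"
      entryPoints: [websecure]
      middlewares: [tailnet-only]      # reject anything not coming from the tailnet
      service: jellyfin
      tls:
        certResolver: cf               # certificate issued via DNS-01, no open ports

  services:
    jellyfin:
      loadBalancer:
        servers:
          # Tailscale name from the original post; the proxy host must be able to resolve it
          - url: "http://media.tbXXX.ts.net:8096"
```

With the subnet-route variant, requests typically reach the proxy from the subnet router's LAN address rather than a 100.64.0.0/10 address, so `sourceRange` would list the local range instead.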

[–] thelittleblackbird@lemmy.world 1 points 1 month ago

OK, I understood that the request came from the internet and Tailscale was to link the reverse proxy and the server.

In this case try IPv6, pretty sure you have IPv6 and you will have a public address.

But for this case you will need a DNS in your network so example.com can be resolved and then your proxy will make the right request.

Yes, doable.