Joined 2 years ago
Cake day: June 12th, 2023










  • Set up wireguard in a docker container and then forward the port to wireguard, the default container on docker hub is fairly straightforward and you can always ask me for help if you need :).

    However, if you are using IPv4, you need to make sure that you’re not behind a CG-NAT (if you think you might be, call your ISP and tell them you have security cameras that need to get out or something like that).

    You could also try tailscale which is built using wireguard with nat-busting features and a bit easier to configure (I don’t personally use it as wireguard is sufficient for me).

    After that Caddy + DNSMasq will simply allow you to map different URLs to IP addresses

    • dnsmasq
      • will let you map, e.g. my_computer -> 192.168.1.64
    • Caddy (Or nginx, but caddy is simpler)
      • will let you map to ports so e.g.:
        • with DNS (DNSMasq as above)
          • http://dokuwiki.my_computer -> http://my_computer:8080
        • Without DNS
          • http://dokuwiki.192.168.1.64 -> http://192.168.1.64:8080/

    Caddy and DNSmasq are superfluous, if you’ve got a good memory or bookmarks, you don’t really need them.

    VPN back into home is a lot more important. You definitely do not want to be forwarding ports to services you are running, because if you don’t know what you’re doing this could pose a network security risk.

    Use the VPN as the entry point, as it’s secure. I also recommend running the VPN in a docker / podman container on an old laptop dedicated just to that, simply to keep it as isolated as you can.

    Down the line you could also look into VLAN if your router supports that.

    I personally would not bother with SSL if you’re just going to be providing access to trusted users who already have access to your home network.

    If you are looking to host things, just pay for a digital droplet for $7 a month, it’s much simpler, you still get to configure everything but you don’t expose your network to a security risk.







  • Well that’s good to know because I had some terrible luck with it about a decade ago. Although I don’t think I would go back to windows, I just don’t need it for work anymore and it’s become far too complex.

    I’ve also had pretty bad luck with BTRFS though, although it seems to have improved a lot in the past 3 years that I’ve been using it.

    ZFS would be good but having to rebuild the kernel module is a pain in the ass because when it fails to build you’re unbootable (on root). I also don’t like how clones are dependent on parents, requires a lot of forethought when you’re trying to create a reproducible build on eg Gentoo.


  • I gotcha:

    • Btrfs
      • BTree File System
        • A Copy on Write file system that supports snapshots, supported mostly by
    • ZFS
      • Zettabyte File System
        • Copy on Write File System. Less flexible than BTRFS but generally more robust and stable. Better compression in my experience than BTRFS. Out of Kernel Linux support and native FreeBSD.
    • HFS+
      • what Mac uses, I have no clue about this. some Copy on Write stuff.
    • NTFS
      • Windows File System
      • From what I know, no compression or COW
      • In my experience less stable than ext4/ZFS but maybe it’s better nowadays.