I have played around with yunohost and other similar tools. I know how to open ports on router, configure port forwarding. I am also interested on hosting my own stuff for experiments, but I also have a VPN enabled for privacy reasons on my router at all times. If you haven’t guessed already, I am very reserved on revealing my home IP for selfhosting, as contradictory as it sounds.

I am aware that it’s better to rent a VPS, not to mention the dynamic IP issues, but here it goes: assuming my VPN provider permits port forwarding, is it possible to selfhost anything from behind a VPN, including the virtual machine running all the necessary softwares?

edit: title

edit2: I just realized my VPN provider is discontinuing port forwarding next month. Why?!

  • Mountaineer@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    2 years ago

    Absolutely possible.
    The key to simple self hosting is to have a dns record that points to your externally accessible IP, whether that be your real one or an external one hosted at a VPN provider.
    If that IP changes, you’ll need to update it dynamically.

    It’s becoming increasibly common to be a requirement to do so as CGNat becomes more widespread.

    One of the newer ways to do that is with a Cloudflare Tunnel, which whilst technically is only for web traffic, they ignore low throughput usage for other things like SSH.

    • stonesimulator@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      My knowledge is a little dated and I remember messing around dyndns or noip to update my IP many years ago. I guess a simple script running on the router or the host should suffice?

      • Mountaineer@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        I personally use a bash script triggered by cron on my server to first determine my external IP address: curl http://v4.ident.me/ then if it differed from the last check, would update one of my dns entries via the godaddy API.

        This can be a simple or as complicated as you like.

  • giddy@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    2 years ago

    What hardware do you run on? Or do you use a data center/cloud?

    I have 2 home servers - an Intel NUC running Ubuntu and a Raspberry Pi running Raspberry Pi OS. The NUC is my main server and the rpi is a dedicated wireguard/pivpn.

    Do you use containers or plain packages?

    On the main server I use docker containers almost exclusively. I find them easier to stand up and tear down, particularly using scripts, without worrying about the broader OS.

    I have the following services on the NUC -

    • Nginx Proxy Manager (for https proxy)
    • Nextcloud
    • Airsonic
    • Calibre-web
    • Invidious
    • h5ai
    • transmission

    I did play around with my own Lemmy instance but that was not successful and I found beehaw :-)

    Orchestration tools like K8s or Docker Swarm?

    No

    How do you handle logs?

    Badly. I lost a server due to root filling up a couple years back. Now I monitor disk space (see below) and prune logs as required.

    How about updates?

    OS updates I push daily. I don’t regularly update my docker containers. I did use Watchtower for a while but found it broke stuff a little too often.

    Do you have any monitoring tools you love?

    Just some custom batch scripts (disk space, backups etc) which send me regular emails. I also have conky running on a small screen 24x7

  • giddy@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Re your vpn question - I have a number of services on my home server, some of which are exposed via reverse proxy (eg. Nextcloud) and others which are only accessible internally or via my wireguard vpn. Setting up a dedicated vpn server on raspberry pi is very simple to do.

  • meteokr@community.adiquaints.moe
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 years ago

    At the end of the day, packets need to get from whatever your DNS points, to the server that’s running. Depending on your tolerance for jank, and as long as a route actually exists for this, you can run the server anywhere you want. Renting a VPS does offer a lot more freedom in how your are routing, and where.