Hey all,
I’m setting up a homeserver and trying to figure out the best way to access it remotely. I’ve been looking at different solutions, but I’m a little stuck.
I’ve been looking at VPNs, but it feels weird, to route everything through my home IP when I’m also trying to use a commercial VPN for privacy / to combat services fingerprinting me based on my IP.
I’m currently considering a reverse proxy setup with an authentication provider like authentik or authelia, but as far as I understand, that wouldn’t work well with accessing services through an app on my mobile device (like for jellyfin music for example.) I did think about just opening up the ports and using a DDNS with a reverse proxy, but is’nt that like a big security risk?
Keep in mind I am no network admin, but I don’t have anything against learning if someone can point me in the right direction.
Also I heard some people say that on proxmox you should use unprivileged containers instead of vms for your services, does that hold up?
Any recommendations for tools or approaches?
Cloudflare Tunnels work great and are really easy to setup. Plus you are not exposing you machine completely to the outside, as the cloudflared service/container „calls out“, and Cloudflare is your reverse proxy. Downside is, you’re binding yourself to one of the US hyperscalers.
Pangolin uses the same principle, but is a bit more challenging to setup. Plus you need some kind of cloud server to make it work.
As you already have a VPN active at all times (at least it sounds like that), a VPN home seems out of the picture.
Unless you have a dedicated firewall at home, maybe reconsider the reverse proxy route. Personally would not feel comfortable with exposing a machine at home to the internet in full without a handle on what it can do or how it may be reached.