Finally setup an unraid box - VPN vs port forwarding?
So I finally managed to get an unraid box up and running. Now in my excitement of getting a home server, I ended up quickly requesting my ISP for a static IP so i could forward ports and get access outside the home. Now I wondering if its possible to route the traffic through one of my VPSes and not need a static IP at all? I am fairly new to all so I am not even sure if this is possible or how to go about it. I'd appreciate some advice!
Team push-ups!
Comments
Use wireguard as reverse proxy https://www.reddit.com/r/selfhosted/comments/wov0dx/comment/ikew2ko
If you don't have a static IP, use something like noip.
Static IP is ideal, but sometimes cost.
You can also do this via cloudflare tunnel I believe. Or via VPS as you say.
I went with static IP plus wireguard
You only need public IP, but it doesn't have to be static.
Create a dynamic record in https://dns.he.net , and setup your router to update the record periodically.
Using VPN would cause triangle routing.
Even if you ask for double bandwidth, you'll run out eventually.
Accepting submissions for IPv6 less than /64 Hall of Incompetence.
What are the advantages of static IP over say cloudflare tunnel?
CGNAT kinda ruins that for me. So have to take the cloudflare tunnel or VPN route.
Team push-ups!
I actually have a similar setup in my office.
I am only provided with a private IP address. So what I did was get a Lightsail instance and install ZeroTier on both my server and Lightsail, so it will be like
Me ---> Lightsail ---ZeroTier---> Office Server
iirc Cloudflare tunnel only supports HTTP(S) connections, which can be a problem if you need, say SSH.
Static IP is closer to a VPS in that you know the IP and anything you expose on it is directly on the internet.
So you can say host nginx on it. Or point cloudflare at it. Or have it act as a wireguard server. Or minecraft or whatever.
All of those can be done via other routes too, but static IP has (assuming no NAT) a certain simplicity to it
Do take care with security though...stuff being directly on the internet means you need a decent firewall at the edge and be careful with the port forwards
You can install the cloudflared daemon on the Vps to SSH to your home server.
Sample .ssh/config:
But this only works if you have another VPS 😂