TLDR: VPN-newbie wants to learn how to set up and use VPN.
What I have:
Currently, many of my selfhosted services are publicly available via my domain name. I am aware that it is safer to keep things closed, and use VPN to access – but I don’t know how that works.
domain name mapped via Cloudflare > static WAN IP > ISP modem > Ubiquity USG3 gateway > Linux server and Raspberry Pi.
80,443 fowarded to Nginx Proxy Manager; everything else closed.
Linux server running Docker and several containers: NPM, Portainer, Paperless, Gitea, Mattermost, Immich, etc.
Raspberry Pi running Pi-hole as DNS server for LAN clients.
Synology NAS as network storage.
What I want:
access services from WAN via Android phone.
access services from WAN via laptop.
maybe still keep some things public?
noob-friendly solution: needs to be easy to “grok” and easy to maintain when services change.
PiVPN is elegant. Easy install, and I am impressed with the ascii QR code it generates.
But I could not make it work. I am guessing that my Android setup is faulty, orrrr maybe something with the Pi? This is incredibly difficult to troubleshoot.
I used Zerotier before and I still use it now. It is also the solution I am now going to continue with.
I wanted to try Wireguard to get away from a centrally managed solution, but if I can’t get it working after several hours, and Zerotier took five minutes - the winner is clear.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
I chose wireguard implemented by pivpn (i like pi’s)
Wireguard app on phone and a quick duckduck will find you a script or app for your laptop. Connected to your home in seconds.
PiVPN is elegant. Easy install, and I am impressed with the ascii QR code it generates.
But I could not make it work. I am guessing that my Android setup is faulty, orrrr maybe something with the Pi? This is incredibly difficult to troubleshoot.
What didn’t work?
As a side note i had to portforward in my router to make this work.
Obviously :) and make sure to forward to the correct LAN IP address, and make sure that machine has a static IP (or DHCP reservation).
deleted by creator
Personally I would have gone for OpenVPN access server on Debian. Fairly simple and well documented for those starting out.
I have used and worked with OpenVPN connect on android, PC and Mac.
PiVPN offers both services, Wireguard and OpenVPN.
What app do you use on Android? And on Windows?
OpenVPN connect on both. I load the .ovpn-file that is exported from the server and that’s it.
deleted by creator
I used Zerotier before and I still use it now. It is also the solution I am now going to continue with.
I wanted to try Wireguard to get away from a centrally managed solution, but if I can’t get it working after several hours, and Zerotier took five minutes - the winner is clear.