view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
-
AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Are you connecting from a public network or something? like a hotel wifi or other?
The easiest solution would be to setup the pi as your router and use a VPN like wireguard (wg-easy) or tailscale.
if it is a public network, you can double NAT. There's dedicated boxes like the GL.inet travel routers that support wireguard/openVPN and beta for tailscale. they have some features that work well with captive portals.
If it's a home network, you can probably use your PI as a entry/exit node or VPN client instead of using ssh.
It's for a home network, I managed to get it working using port forwarding through SSH thanks to suggestions. I'm not sure what the difference is with using the pi as an entry/exit node, that is what I was trying to do with the SSH forwarding. VPN is also possible but it it would also need to be set up to go through the pi
I'm not entirely sure about the technical differences but from my understanding VPN connections are preferred. From a security perspective, ssh has some more considerations since it's easier to detect it's open, and you should lock down root access and other privileged accounts. but SSH seems simpler to actually get working vs a VPN solution which would probably require a reverse proxy or something to get the TV working.
For example, compromising a ssh service gives you access to the shell immediately vs wireguard or similar that historically (from my knowledge) has had fewer critical vulnerabilities that could lead to remote code injection or access. This is also why many corporate and best practices recommend layering ssh through a private VPN like IPsec, OpenVPN, wireguard, etc.
in practice it's most likely fine as long as
That's some good suggestions and a few things I hadn't considered. A VPN is also possible, although setting up the port forwarding might be a bit more complicated