Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
It depends on what all you want to proxy in, if it's just that one thing then it's pretty simple to point a port inbound to a secure interface and call it a day.
For a more complete thing, an inbound proxy will take the requested domain coming into your front door and translate it to an IP/port combo on the inside. That way you can have several services behind the single IP. If you have a full gateway server setup in frontt of things something like HAProxy or squid can work and do SSL offloading for you. For a single server setup you might look at 'nginx proxy manager' (NPM) which gives an easy way to set up an inbound proxy plus it'll manage getting certificates from let's encrypt automatically.
I could help more fully but need a good bit more details to give some specific ideas.
If I wanted to access my Jellyfin at home from a smart TV elsewhere, is that possible (securely)? Or would I need something that can run a vpn?
With the caveat that I'm presuming Jellyfin has a HTTPS interface, or you have a proxy in front of it to make one for it (I use Emby myself but I believe Jellyfin was a fork of it at some point) then yes, if the TV has an app for it you should be fine. HTTPS is as good on your server as anywhere else so long as it doesn't have some implementation flaw. In fact it's probably better to not have a VPN when streaming video just to avoid the extra overhead bandwidth a VPN tends to add on.
My only thought against having it on the public web would be the potential for brute force attempts on the login page. If it has a 2 factor option then great, or even if there's some kind of lockout/throttling after too many wrong guesses. Even barring that though, a decent long pass should be good enough to dissuade anyone from wasting too much time trying to remotely get into a video box, not exactly a crown jewel target after all.