Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
I've seen lots of talk about headscale, an open source tailscale which allows you to create your own tailnet and I'm sure I've seen people talking about using tailscale as a reverse proxy tool, but it's not something I've explored in detail.
Pangolin is somewhat higher on my list of things to explore than headscale though.
If you're looking for a reverse proxy caddy and Traefik are also widely used.
With all of these solutions though you're going to need to have some online provider somewhere handling DNS for you so that you can have your domains be pointed to your IP address.
I think Pangolin works a bit differently... Correct me if I'm wrong...
Where headscale is a coordination server for a wireguard mesh, pangolin is a reverse proxy server that connects to the backend services via wireguard tunnels
That's likely true.
The first I heard of Pangolin was in a conversation that followed on from one about head/tailscale and I accept that I may have jumped to a conclusion. I am certain I've seen people talking about using it as a reverse proxy tool. Just found a blog post on the tailscale site talking about how to do it and they're using tailscale and caddy, rather than everything being handled by tailscale alone, so I'll accept that I'm wrong on this one. https://tailscale.com/blog/last-reverse-proxy-you-need
I have yet to get headscale to work with my system. No turnkey setup, instructions that lack clarity, and in the end... idk how it's supposed to do the thing.
Then you can just go with Tailscale, it’s 100% turnkey and just works. Even better when combined with NextDNS
I did manage to get it to work, but I recall it took me a while. I have several devices connected to it now though. I'm keenly looking forward to the autogroup:self ACL support so I can set up sensible ACLs and share my net with some mates - I only have my own devices on it right now.
Anything I can share that might help your understanding?
Every system I can run headscale on I need to do it via an nginx reverse proxy
Yes you need a way to expose it over https. A reverse proxy is easiest. I use Caddy.
I love headscale. I use it for subnet routing. I have a server in the cloud with NGINX for reverse proxy and the a subnet router at home that just routes internal stuff so I just use the local IP for the backend service and it just works.