this post was submitted on 25 Mar 2024
150 points (96.9% liked)

Selfhosted

40183 readers
547 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi, you guys might know me from these three posts. After reading all of the comments, I've decided to purchase a Mini PC to host public instances of privacy-respecting services.

I'm here to bring some good news: I got it working perfectly! You can visit reallyaweso.me today and get a list of services that I'm hosting!

All services are deployed via Docker and proxied through Cloudflare. You might ask: "Why Cloudflare?". It's because I can't port forward things on my home network. It really sucks that I'm depending on Cloudflare to do the port forwarding for me, but it is what it is.

If you want me to host a specific service that you want, feel free to comment on this post!

I would really appreciate it if you guys could checkout some services that I'm hosting, as I don't know if everything went smoothly or not. Thank you guys so much for helping me on this journey!!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 7 months ago (14 children)

I wrote a small blog about bypassing CGNAT using TLS-passthrough. Cloudflare uses TLS-termination, which means they can see all the data being passed through, which defeats the purpose of privacy.

https://blog.aiquiral.me/bypass-cgnat

[–] [email protected] 1 points 7 months ago (2 children)

You can do https Cloudflare <-> node

[–] [email protected] 1 points 7 months ago (1 children)

I am not sure what you mean.

The issue is, when using Cloudflare, they will terminate your TLS, then encrypt the data again with their own certificate, which is send to the visitor. When visitor interacts, their data is decrypted on Cloudflare's servers, which they encrypt again eith our original certificate and send it back to us.

Sure, hackers or sniffers might not be able to look at the sensitive data, but Cloudflare can. But do they, or do they not, is upto you, if you trust them or not.

[–] [email protected] 2 points 7 months ago

Oh I understand.

I was referring to the "strict" tls option which enforces that Cloudflare connect to your node via tls instead of http.

load more comments (11 replies)