I basically do exactly this, but I am running the reverse proxy on my home computer: the VPS is literally just acting as a proxy, for which I use wireguard to tunnel the connection. So far it’s worked great, though initial setup was a pain.
Comment on ISPs seem designed to funnel people to capitalist cloud services
dgdft@lemmy.world 4 weeks ago
If you’re looking for sympathy, you got it. Fuck the state.
If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.
yonder@sh.itjust.works 4 weeks ago
dgdft@lemmy.world 4 weeks ago
This is a great suggestion!
Lest anyone miss the buried lede, this approach means that traffic is pre-encrypted as it passes through the gateway VPS - so even if your VPS gets hacked, it’s way harder to steal credentials and break into your services running on the home network.
Appoxo@lemmy.dbzer0.com 4 weeks ago
So you essentially have a DMZ between your VPS and home network that is divided by your reverse proxy?
rezz@lemmy.world 4 weeks ago
Is there a more detailed guide to this practice and the pros/cons?
dgdft@lemmy.world 4 weeks ago
This is @Shimitar@downonthestreet.eu‘s work, not mine - but it’s pretty similar to how I’d set things up:
Shimitar@downonthestreet.eu 4 weeks ago
Really appreciated the reference!
Good to know my wiki is of any use to somebody.
:)
twice_hatch@midwest.social 4 weeks ago
Tunneling! github.com/anderspitman/awesome-tunneling
a@91268476.xyz 4 weeks ago
@dgdft @ellie @selfhosted this is the way
ellie@slrpnk.net 1 week ago
While I agree on a practical level, and pragmatism sure is important, long term it still makes you pay into cloud services and gives cloud companies an easy way to directly man-in-the-middle your traffic. So I’m hoping one day the situation will improve.
a@91268476.xyz 1 week ago
@ellie @selfhosted what is the actual alternative? also, not all vps are offfered by megacorps.
ellie@slrpnk.net 1 week ago
The alternative is to get your ISP to offer you a static IPv6 and a reverse DNS PTR entry for your IPv6, like I asked for in the initial post. Some ISPs do if you offer them more money, some only do if you offer them more money and a legit business registration, apparently a few rare ones do it for free, and some never do it.
user224@lemmy.sdf.org 4 weeks ago
Now, why so expensive?
racknerdtracker.com/?sort=price
Disclaimer: I never used Racknerd (nor any other VPS).
revv@lemmy.blahaj.zone 4 weeks ago
I’ve used them for years with literally zero issues. Performance a for a cheap VPS. And since all the real work happens on my machines, if they enshittify, I can easily move elsewhere.
Zetta@mander.xyz 4 weeks ago
“JUST $10.28/YEAR - WOW!!” Laughed out loud at that, and I’ll have to give this a look. Currently I just use nginx and duckdns to expose my home IP for my self hosted stuff.
xyro@lemmy.ca 4 weeks ago
Thank you sir!
jjlinux@lemmy.ml 4 weeks ago
Didn’t dig in too far into the options, but those prices are crazy low. Thanks for pointing us there.