Comment on Using Fail2ban to protect exposed services
Fedegenerate@lemmynsfw.com 15 hours agoI use tailscale for my non-tech family.
I run a rPi with tailscale, pihole and nginx on it in their house. They connect to the their WiFi, get adblocking for free. They go to “homarr.sever” pihole captures this sends it to nginx and gets reverse proxies to a homarr LXC on my server. From their they can click links to the services which are at on “service/.######.xyz”. Again pihole captures the request, sends it to nginx which reverse proxies it over tailscale to the appropriate LXC.
CocaineShrimp@sh.itjust.works 15 hours ago
Bookmarked this to try this setup next weekend!
Fedegenerate@lemmynsfw.com 14 hours ago
Honestly, I wouldn’t.
I only run it this way because a VPS had 0 WAF, and I’m terrified of opening ports. VPS is the well trodden ground, there’s tonnes of guides. Mines a hack job borne of necessity, it works though, and I am proud of what I cobbled together.
It was my first time solving my own problems. I had my meager skill set, a basic idea of what I wanted, some vague notion of how I was going to achieve it, and a thick forehead to smash against the problem till it gave way for me.