Comment on VPNs, self hosting & security
habitualTartare@lemmy.world 11 months agoI setup openvpn on my network originally + duckdns on a dynamic IP in 2021/2022. It’s an “older” protocol but I felt it was easier to setup since it’s been around longer and the tools just make it easy.
Wireguard has speed advantages but being newer, takes more work to see those speed advantages. There’s a docker container called wg-easy that I’ve heard mixed things about (speed in a docker container vs easy to setup).
I used tail scale when I rebuilt my VPN server because I was originally using Oracle Linux (wanted to learn it more but went back to Ubuntu).
If you can get certificates working, wireguard shouldn’t be too difficult. I prefer VPN over exposing multiple ports/protocols for a family or small userbase. If you’re sharing libraries or other services with extended family, I’d probably expose those to the Internet and work on hardening/having that server in a demilitarized zone + certificate based authentication and MFA on any public admin accounts.