TLDR: VPN-newbie wants to learn how to set up and use VPN.

What I have:

Currently, many of my selfhosted services are publicly available via my domain name. I am aware that it is safer to keep things closed, and use VPN to access – but I don’t know how that works.

  • domain name mapped via Cloudflare > static WAN IP > ISP modem > Ubiquiti USG3 gateway > Linux server and Raspberry Pi.
  • 80,443 forwarded to Nginx Proxy Manager; everything else closed.
  • Linux server running Docker and several containers: NPM, Portainer, Paperless, Gitea, Mattermost, Immich, etc.
  • Raspberry Pi running Pi-hole as DNS server for LAN clients.
  • Synology NAS as network storage.

What I want:

  • access services from WAN via Android phone.
  • access services from WAN via laptop.
  • maybe still keep some things public?
  • noob-friendly solution: needs to be easy to “grok” and easy to maintain when services change.
  • stown@sedd.it

    Dynamic IP is one that changes. I think you meant static IP.

    • bneu@feddit.de

      No, I specifically meant dynamic, because most ISPs only give static IPv4 for business plans, and a dynamic IP is fine if you use a dynamic DNS service (the Fritzbox has one).

      • stown@sedd.it

        If you don’t have a static IP then you will automatically have a dynamic one. You don’t need to ask for a dynamic IP as that is the default. And I’m no idiot, I’ve used dynamic DNS services for over 20 years.

        • bneu@feddit.de

          There is also Carrier Grade NAT, which basically means that you share an IP with other customers, so if you try to access your network from the outside, you will only end up at your ISP’s router, where the network is divided up for a group of customers.
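
Added example, not part of the thread: a quick check for the carrier-grade NAT case described in the last comment, useful before planning a self-hosted VPN endpoint. It compares the WAN address your router reports with the public address an outside service sees; the function name and sample addresses are constructed for illustration, and the ranges are RFC 6598 (CGNAT) and RFC 1918 (private).

```python
import ipaddress

# RFC 6598 shared address space, reserved for carrier-grade NAT.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another router sits upstream.
PRIVATE_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]


def inbound_reachability(router_wan_ip: str, observed_public_ip: str) -> str:
    """Classify whether port forwards on the router can be reached from outside.

    router_wan_ip      -- WAN address shown on the router/gateway status page
    observed_public_ip -- address an external "what is my IP" service reports
    (hypothetical helper; both values are supplied by the user)
    """
    wan = ipaddress.ip_address(router_wan_ip)
    seen = ipaddress.ip_address(observed_public_ip)
    if wan.version != 4 or seen.version != 4:
        raise ValueError("this check covers IPv4 only")
    if wan in CGNAT_NET:
        return "cgnat"          # ISP shares one public IP among customers
    if any(wan in net for net in PRIVATE_NETS):
        return "double-nat"     # e.g. ISP modem is routing, not bridging
    if wan != seen:
        return "upstream-nat"   # public-looking WAN IP, but still translated
    return "direct"             # forwards and dynamic DNS will work


if __name__ == "__main__":
    # Constructed sample pairs (documentation address ranges), not real hosts.
    samples = [
        ("100.72.14.5", "203.0.113.10"),
        ("192.168.1.2", "203.0.113.10"),
        ("198.51.100.7", "203.0.113.10"),
        ("203.0.113.10", "203.0.113.10"),
    ]
    for wan_ip, public_ip in samples:
        print(f"{wan_ip:>15} vs {public_ip:<15} -> "
              f"{inbound_reachability(wan_ip, public_ip)}")
```

Only the "direct" result means a forwarded VPN port on the gateway is reachable from the WAN, whether the address is static or dynamic.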