"Buy Me A Coffee"

  • 3 Posts
  • 78 Comments
Joined 2 years ago
cake
Cake day: June 13th, 2023

help-circle
  • Yes it would. In my case though I know all of the users that should have remote access snd I’m more concerned about unauthorized access than ease of use.

    If I wanted to host a website for the general public to use though, I’d buy a VPS and host it there. Then use SSH with private key authentication for remote management. This way, again, if someone hacks that server they can’t get access to my home lan.


  • Their setup sounds similar to mine. But no, only a single service is exposed to the internet: wireguard.

    The idea is that you can have any number of servers running on your lan, etc… but in order to access them remotely you first need to VPN into your home network. This way the only thing you need to worry about security wise is wireguard. If there’s a security hole / vulnerability in one of the services you’re running on your network or in nginx, etc… attackers would still need to get past wireguard first before they could access your network.

    But here is exactly what I’ve done:

    1. Bought a domain so that I don’t have to remember my IP address.
    2. Setup DDNS so that the A record for my domain always points to my home ip.
    3. Run a wireguard server on my lan.
    4. Port forwarded the wireguard port to the wireguard server.
    5. Created client configs for all remote devices that should have access to my lan.

    Now I can just turn on my phone’s VPN whenever I need to access any one of the services that would normally only be accessible from home.

    P.s. there’s additional steps I did to ensure that the masquerade of the VPN was disabled, that all VPN clients use my pihole, and that I can still get decent internet speeds while on the VPN. But that’s slightly beyond the original ask here.



  • Correct. As I can only provide links to posts that are on your selected home instance. Eventually I’ll change this but you’ll get a 404 page for links that aren’t on your home instance, but see my P.S. below.

    P.s. there have been changes to the Lemmy API that have prevented me from getting updates for about a month now. So most of the results you’re seeing are from old posts only. Until I can rebuild the crawler or find a new API there won’t be any new content.




  • That looks like 8.8.8.8 actually responded. The ::1 is ipv6’s localhost which seems odd. As for the wong ipv4 I’m not sure.

    I normally see something like requested 8.8.8.8 but 1.2.3.4 responded if the router was forcing traffic to their DNS servers.

    You can also specify the DNS server to use when using nslookup like: nslookup www.google.com 1.1.1.1. And you can see if you get and different answers from there. But what you posted doesn’t seem out of the ordinary other than the ::1.

    Edit just for shits and giggles also try nslookup xx.xx.xx.xx where xx.xx… is the wrong up from the other side of the world and see what domain it returns.


  • Another thing that can be happening is that the router or firewall is redirecting all port 53 traffic to their internal DNS servers. (I do the same thing at home to prevent certain devices from ignoring my router’s DNS settings cough Android cough)

    One way you can check for this is to run “nslookup some.domain” from a terminal and see where the response comes from.



  • There is a public API now. While I won’t support sorting, you can process and do what you will with the results as-is. Currently I only support Posts and Communities for now.

    When you search for posts you’re just matching against the title or body. For communities it’s searching the posts within that community.

    There’s also more filters now with: instance/community/author/since/until and a safe-search option.

    So I’m not sure how close this comes to your idea but I thought I’d share.





  • I’ve already started to abstract away Lemmy from the search engine itself. So the first steps are in place. Once I get the kinks of the 0.4.x release knocked out then I plan on reading up on Kbin’s API and I’ll start working on the crawler. I can’t promise anything but that should give you a rough timeline.

    If you have any programming skills I could always use a hand.




  • It’s on my to-do list. Sadly though, in order for something to show in the drop-down for home instances that means I must have previously crawled that site. Because my #1 requirement is that if you click a link it must open in your home instance. Good news is, is that Kbin and Lemmy work nearly identical to each other, so Kbin will be the first non-lemmy type of instances that you can search.



  • Ya I index both post titles and the post body. I also weigh the body content slightly higher as well. So posts that just link an article will usually show lower than posts that actually have content.

    At some point though this will change. As eventually I’ll start adding comment data to the index as well. But I’m waiting on a bug in Lemmy itself to be fixed before I begin working on that.