this post was submitted on 27 Mar 2024
34 points (88.6% liked)

Selfhosted

39980 readers
770 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I want to move away from Cloudflare tunnels, so I rented a cheap VPS from Hetzner and tried to follow this guide. Unfortunately, the WireGuard setup didn't work. I'm trying to forward all traffic from the VPS to my homeserver and vice versa. Are there any other ways to solve this issue?

VPS Info:

OS: Debian 12

Architecture: ARM64 / aarch64

RAM: 4 GB

Traffic: 20 TB

you are viewing a single comment's thread
view the rest of the comments
[–] Serra@feddit.de 2 points 7 months ago* (last edited 7 months ago)

I had a similar problem like you. My provider only gives me a public IPv6 but no public IPv4. Im using a VPS with an IPv4 with jool to set up SIIT-DC https://nicmx.github.io/Jool/en/siit-dc.html

This converts all IPv4 traffic arriving at the VPS to IPv6 traffic which gets then directly routed to my homeserver.

Not sure if this setup would work for you. This is not a viable solution if you are completly behind a CGNAT without even a public IPv6.

Pro:

  • Works without any sensitive Data on the VPS (SSl certificates/passwords...)
  • Works for all IP based traffic (TCP,UDP,ICMP)
  • The original source IPv4 can be restored by the homeserver Contra:
  • AFAIK you cannot choose to only forward some TCP ports. Everything gets redirected.
  • You cannot access the VPS via IPv4 anymore since it gets redirected to your homeserver. (I only access my VPS via IPv6)
  • No (additional) encryption. (This is no problem for me since all my traffic is already e2e encrypted)