I'd personally recommend that you instead get a VPS and then route traffic over Wireguard.
You already appear to have a plan but it is something to keep in mind.
Wouldn't that increase latency? Additionally, speed could be limited by the ISP's single connection speed to the VPS.
Meanwhile I'm on a dynamic IP that hasn't changed in 18 months.
Most ISPs (especially smaller ones it seems) just run a basic DHCP server with leases expiring at a set interval. As long as your stuff is on and working when the lease renews, you'll pull the same IP forever.
As long as you don't want to run a mail server. DHCP ranges are cancer to IP reputation.
I'm pretty sure you don't want a mail server at home.
I have 3 mail servers at home
My ISP blocks the ports needed for mail hosting :/
Pretty sure I'd have to go through them to get the rDNS PTR records pointed at my domain too. PITA
Mine did too, all it took was a ticket to their helpdesk to get it unblocked
My local fiber provider doesn't advertise static IPs but they haven't changed my IP ever. I've been using them for going on 5 years
Same, but it's been several years now. AT&T fiber. Don't use their modem either (except post power outage to establish comms back, then I remove it). I do use a DDNS service just in case. But it's been the same IP for years.
To be honest, I used to have an ISP with dynamic addresses and it wasn't a huge deal. The address only changed every month or two. I used afraid.org's dynamic DNS service to get a dynamic address that followed the changes and created CNAME records for my real domain pointing at that. The actual connection was fucking awful but the dynamic IPs never caused any problems.
As for services: Nextcloud is well worth looking into for file sync and photo backup, especially if you've already got a file server running.
I use Syncthing for some of my "can-never-lose-these" files. Syncthing synchronizes files between different devices. This is not an online-file-hosting thing like Google Drive or OneDrive. These files are physically present on all synchronized devices.
My server is the "main" (you can make everyone equal) Syncthing that every other Syncthing connects to. With an established connection, files will be synchronized on participating devices. AFAIK, Syncthing is compatible with Windows, Android and Linux.
This way, my important files are on my server, my smartphone, my PC and my laptop, and every single one of these devices must simultaneously explode for me to lose my data. Also, it's on Docker Hub.
Pi-hole is another great one. Local adblocker for the whole network, just set it as your DNS server or let the DHCP server propagate this DNS server to your clients. This too is on Docker Hub.
Just make sure you make a backup from your syncthing clones, so an accidental delete/mess-up on one machine doesn't wipe out every copy!
Yeah, I do daily VM-backups which include all of the data on syncthing. No matter what you have, you always gotta have a good backup-strategy.
Enable file versioning in Syncthing. Then you will have a backup copy of every change for however long you set it to keep them.
I pray your ISP is more competent than mine!
Sometimes I'll lose the static IP I pay them for and they say it's not their fault. Why am I paying you for it, then!?
It’s static between changes
It's a temporary permanent address.
Static with random TTL.
That only happens from incompetence or bad IPAM software. It’s easy to assign a static in most management systems. As long as you set up the static in your router correctly, it should just stay.
If I set a static on my side, it'll work until they fuck up again.
The excuse I got last time was that, due to a power outage where I live, they lost the configs in the splitter box near me. That didn't fill me with confidence and you're probably very correct that whatever they're doing is very dumb and/or incompetent.
That's a good thinker. I imagine their backup of the configs got fucked by whatever caused the issue. IIRC most competent ISPs will have the configs saved in multiple locations, the question is usually if they were updated ever. 😂
I think they just remove CGNAT with some assurance on IP being static over reboot, till it doesn't.
Still kinda sad that IPv6 still hasn't taken off, that would give literally every toaster in the world its own static IP.
I really don't like the idea of every device automatically having a publicly reachable IP.
There are certainly situations where that would be nice; but I'm quite fond of most equipment and services being behind a router and its firewall, requiring explicit configuration to be exposed to the open net.
Nobody outside my home network ever needs access to my toaster... (btw, why tf is my toaster wifi enabled...?)
A firewall and NAT are two different things. All devices would still be behind a firewall so they would effectively be invisible from the outside except for when they make an outgoing connection.
If you really want NAT for IPv6 you could use NAT66. It isn't technically the IPv6 way of doing things but it works. The main benefit with NAT is that you don't need to worry about prefixes.
NAT is not a firewall....
Seriously. Unless you open up your LAN to the internet it functions the same way as IPv4 in respect to receiving unsolicited queries from the internet. All those are dropped.
You would have to specifically open a port in your firewall before anyone could access a device over IPv6 on your network from the internet. Just like you would have to forward a port on IPv4.
I really don’t like the idea of every device automatically having a publicly reachable IP.
It's kind of like AI or 'the cloud'. Everything now has access to at least your wifi. Hell, even my Roomba has wireless access. I didn't activate that feature. I live in a very small house. If I want to restart it, I can walk over to it and push the restart button. Refrigerators with a flat screen embedded in the door? Who is that for? I just want my fridge to keep everything cold. I absolutely love technology. I think it's wonderful. However, imho, not everything needs internet access, or AI, or 'the cloud'. I did build a little 'magic mirror' a while back that alerts me about weather, schedules, keeps track of a couple of my 25 different security cams, but that's about it. I haven't purchased a vehicle in quite a long while now, but I would guess the gadgetry saturation is pretty high.
I'm convinced it hasn't taken off because they're too complicated for the human brain to easily reference. Four triplets is simple enough.
All the shortening rules trip me up. I'd much rather work with addresses with standardized number of hextets and ideally the same number of digits than not have to type a few zeros.
All of these are the same address:
2041:0000:0001:0000:0000:0000:875B:131B
2041:0000:0001::875B:131B
2041:0:0001::875B:131B
2041:0000:1:0000:0000:0000:875B:131B
2041::0001:0000:0000:0000:875B:131B
2041::1:0000:0000:0000:875B:131B
2041::0001:0:0:0:875B:131B
2041:0:1::875B:131B
2041:0:1:0:0:0:875B:131B
2041:0000:1:0000:0000:0000:875B:131B
2041:0000:01:000:00:0:875B:131B
2041:00:1::0:875B:131B
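Added example, not part of the thread: because one IPv6 address has many valid spellings, comparing log entries or firewall rules as plain strings can miss matches, so this sketch parses each address with Python's standard `ipaddress` module before comparing. The log format, the interface name `wan0` and the sample lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed firewall log lines (not from the thread). Four SRC values are
# spellings of the address listed in the comment above; one is a different host.
SAMPLE_LOG = """\
IN=wan0 SRC=2041:0000:0001:0000:0000:0000:875B:131B DPT=22 ACTION=DROP
IN=wan0 SRC=2041:0:1::875b:131b DPT=22 ACTION=DROP
IN=wan0 SRC=2041::1:0:0:0:875B:131B DPT=443 ACTION=ACCEPT
IN=wan0 SRC=2041:0000:01:000:00:0:875B:131B DPT=22 ACTION=DROP
IN=wan0 SRC=2041:0:1::875b:131c DPT=22 ACTION=DROP
IN=wan0 SRC=not-an-address DPT=22 ACTION=DROP
"""

SRC_RE = re.compile(r"\bSRC=(\S+)")


def canonical(text):
    """Return the compressed, lowercase form that ipaddress prints for an address."""
    return str(ipaddress.IPv6Address(text))


def hits_by_source(log_text):
    """Count log lines per source, keyed by the canonical address."""
    counts = Counter()
    for line in log_text.splitlines():
        match = SRC_RE.search(line)
        if not match:
            continue
        try:
            counts[canonical(match.group(1))] += 1
        except ipaddress.AddressValueError:
            # Keep malformed values visible instead of silently dropping them.
            counts["<unparseable>"] += 1
    return counts


def naive_hits(log_text, needle):
    """Plain substring search, the way a quick grep would do it."""
    return sum(1 for line in log_text.splitlines() if needle in line)


if __name__ == "__main__":
    print(hits_by_source(SAMPLE_LOG))
    print(naive_hits(SAMPLE_LOG, "2041:0:1::875b:131b"))
```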
Ugh. Yes.
The fact that they have shortening rules already shows it's too complicated.
They would've been better off with a shorter length, and ditching hex for a base 32 string.
Imo they should have kept the IPv4 format but instead of maxing out at 255.255.255.255 make it 65535.65535.65535.65535. This approach makes the address pool more than 4000000000 times larger and is backward compatible with IPv4 so it could be a drop-in replacement for most things. And if we ever do end up running out of over a quintillion (18446744073709551616) IPs we can just keep going up, to 4294967295.4294967295.4294967295.4294967295.
True that. They're also less recognizable as an ip address. They don't stand out
It really isn't all that complicated. Honestly in some ways it is easier since you don't need to worry about subnetting. Also SLAAC is pretty cool.
The key to IPv6 is to not apply your IPv4 brain to it. It works very differently and in some ways it is better.
Since I am behind CG NAT I try to use IPv6 for most things at home. It works pretty well most of the time. Also a lot of software (or should I say games) that claim to not support IPv6 do, as long as you can give them a domain that only has AAAA entries...
SLAAC is pretty cool if it works and if you can weed out all the devices with privacy extensions enabled by default, so you can properly apply rules...
That's what DNS is for.
Well, yes, for users. But I'm in tech. And it's the tech people that need to implement it. And when I'm trying to hunt down why something about DNS or a firewall rule isn't working, I really don't want to be juggling gigantic alphanumeric strings.
I want to be able to buy an IPv6 block and then be able to use it anywhere easily.
IPv6 is really widespread.
It is also the classic case of death by a thousand cuts.
I don’t think my IP has ever actually changed, and I never asked for a static one. But that doesn’t really matter, because these days it’s a small matter to dynamically update the IP.
GoToSocial works without problems on Podman, they probably just meant that they can't give technical support for it.
👍 for hosting an XMPP server. Next step is to get a real domain name!
That's cool OP. I have a business internet package with a static IP. I do a lot of large file transfers between clients and it does come in handy. I've yet to serve any public facing services tho. I've tried on numerous occasions to get Invidious running consistently. It just seemed like I was having to tinker with it weekly just to keep the wheel spinning. I'm not sure what the issues were except maybe YT blocking IPs.
Have fun OP, and be safe and secure with your newfound powers.
I have tons of great suggestions depending on your hardware and what kinds of things you’d like to be hosting.
However, for starters, if you’re not doing so already, make sure you are binding your qBittorrent container to a privacy VPN network interface. Test it to ensure it’s working. There are sites out there that you can use to check how your torrent IP presents. No matter what you’re torrenting, keep your IP hidden. The last thing you want is your ISP to terminate your fancy new service.