Hi there!
Relatively new GNU/Linux user here (late 2017 I first used it when I installed Manjaro on my laptop) and recently, after getting sick of the instability, constant required updating, and systemd concerns of it all, I moved to Devuan and so far really enjoy it for daily use, but as you can probably tell, this isn't about the laptop, is it? I've currently installed Devuan ASCII on my pretty old Dell PowerEdge 2850 (reminder: 2004 was 15 years ago, feel old yet lol).
So then, it's been a fun little idea of mine to operate website/email/XMPP/Pleroma/FTP services from my home for a while now, as it has become increasingly clear that monoliths from systemd to Google to centralized social media result in posing a very serious threat to the principles of privacy and freedom through censorship/data-mining/bad ethics/etc... Sure, paying a decent amount of money to a VPS provider would give me resources to host these, but with the full onset of winter now descended upon us in the US of A and being that the old single core Xeons, DDR2 RAM, and Ultra320 SCSI disks make quite the effective space heater, I figured now would be the perfect time to have some fun, learn, and free myself from these virtual shackles and maintain control over my internet services by having all the data right next to me.
Onto the first problem: it's not the early 90s anymore and I can't just buy a 2400 baud modem and host away... The modern internet is quite hostile towards home-hosting with all the policies like dynamic IPs, NAT, double NAT, ISPs blocking port 80/443/other ports, DDoS attacks, ISPs not allowing types of UDP/TCP, etc. etc. The biggest personal affront is that my local ISP got rid of the $5 a month static IP and moved it to strictly "business class" with highway robbery prices for just wanting to host a few small services (no other competition in the area either). There's got to be a better way... And sure enough, after a while I learned about a very old peer2peer/mesh VPN program that's still under development called tinc, which is very good at traversing NAT/firewalls to establish an encrypted direct UDP connection over a new virtual Ethernet interface. This sounds like exactly what I need to link my homeserver with all my data to somewhere else with less silly connection restrictions, along with side benefits like obfuscating my IP and letting me leave the firewalls up.
Now we get to more of the details... I understand how to set up various servers/programs, but when I start getting to things that I'm new at like OpenRC and especially networking, I'm kinda at a loss. This community seems nice/helpful and I enjoy its products, so I thought I'd ask for some help/resources here.... I guess an example of what I want to do is a good way to start. Let's say I have a Pleroma instance on my homeserver and it uses nginx out of port 443: how exactly can I use this new tunnel0 interface I created with tinc to send this traffic to the VPS and change it there to the standard port on its IP? Where would I keep the TLS certificate, would it be assigned to the VPS or my home server? Honestly I kinda feel I'm overthinking it in some ways. Any like beginner-level resources about this specific use-case would help a lot.
Anyways, this doesn't seem to be a highly discussed topic, so eventually I'd like to write a guide of sorts for people also afflicted with terminal network-itis who have similar fun little goals to achieve.
Thanks,
IK7
(hope this is the right board to put this on)