What’s up, what’s down and what are you not sure about?
Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.
If at all possible, see if you can do WireGuard yourself. Tailscale is basically inserting a third-party company for no reason, as it’s just WireGuard with their servers involved. For example, if you can run OPNsense, it’s easy to get running via the GUI. Very rewarding!
Any resources you’d recommend?
Absolutely. I used Tailscale for a bit because I didn’t want to get a VPS (I’m behind CGNAT), but I needed to expose a handful of services and use my own domain name, and I couldn’t figure that out w/ Tailscale. So I bought a cheap VPS and configured WireGuard on it to get into my LAN and I’m much happier.
I’m considering going this route - just to hide my (static) home IP.
What’s the rough sizing I’d need for a VPS? I’m guessing the smallest possible, but with the best / unlimited data usage?
That really depends on your use case. I use very little transfer because most of my usage is within my LAN. I set up a DNS server (built in to my router) to resolve my domains to my local servers, and all the TLS happens on my local server, so it never goes out to the VPS. So I only need enough transfer for when I’m outside my house.
Here’s my setup:
My devices use my network’s DNS, but if that fails, they fall back to some external DNS and route traffic through the VPS.
VPSs without data caps tend to have worse speeds because they attract people who will use more transfer. I think it’s better to find one with a transfer cap that’s sufficient for your needs, so things stay fast. I use Hetzner, which has generous caps in the EU (20TB across the board) and good enough for me caps in the US (1TB base scales with instance size and can buy extra). Most of my use outside my house is showing something off every now and then, or accessing some small files or uploading something (transfer limits are only for outgoing data).
Ok, didn’t think about “unlimited” actually being slower - thanks for the insight.
I’m running a pfSense f/w at the edge, so split horizon DNS and haproxy are already sorted… I’ll check out WireGuard - should be straightforward
Thanks
My ISP blocks all outgoing ports. Maybe I’m not trying hard enough but anything I try port forwarding ends up getting blocked.
Minecraft and port 80 are the 2 I’ve tried and they’ve been unresponsive
Pretty sure those two ports are blocked by a lot of IPs because they’re so popular