this post was submitted on 22 Sep 2023
13 points (100.0% liked)

linux4noobs

1337 readers
1 users here now

linux4noobs


Noob Friendly, Expert Enabling

Whether you're a seasoned pro or the noobiest of noobs, you've found the right place for Linux support and information. With a dedication to supporting free and open source software, this community aims to ensure Linux fits your needs and works for you. From troubleshooting to tutorials, practical tips, news and more, all aspects of Linux are warmly welcomed. Join a community of like-minded enthusiasts and professionals driving Linux's ongoing evolution.


Seeking Support?

Community Rules

founded 1 year ago
MODERATORS
 

Hi all,

As above I'm struggling to get my home server running Manjaro to be accessible outside my network. I've never messed with domains before but I do have a working knowledge of home networking.

I also have, what most would probably consider, basic working knowledge of Linux. I can work my way around the terminal and follow instructions on things given they aren't using assumptions that the reader is a knowledgeable power user of Linux.

From what I've read I need to add a reverse DNS via something like nginx and setup my Google domain to point to my external IP. Sounds simple enough but I cannot for the life of me configure nginx properly and I'm not even sure I have my Google domain setup correctly outside of payin for the domain name.

What I'd like to achieve is have my home server files be accessible from anywhere and also have jellyfin/sonarr/radarr accessible from anywhere if possible. I'm currently using Plex but that has a plethora of its own issues so would like to try something new.

Any help would be greatly appreciated, especially if provided in an "OP dumb dumb" format!

I'm currently at work at the time of writing so replies may be slow

top 11 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 1 year ago (1 children)

Without wanting to sound too gatekeepy, if your struggling with this, it might not be a good idea. Exposing services to the internet is very risky, and if you make a mistake you could end up letting bad actors into your network. Even the best of us fuck it up, so you should be extremely careful.

That said, check if your domain is pointing to your public IP, which is the first step. Getting that right requires DNS, and nothing to do with nginx.

[–] [email protected] 3 points 1 year ago

Don't worry, I understand you're not being gatekeeper. They are valid concerns and I understand the risks. Just wanting to build on the knowledge I already have and expand I guess.

After looking through some of the replies I'm not sure using a domain is the way to go for my use case anymore. Maybe I just got a bit too vigorous in wanting to learn Linux and having a home server!

[–] [email protected] 2 points 1 year ago (1 children)

You should be using something like Cloudflare Tunnels for this. It will protect your home network from public traffic.

Overview: https://www.cloudflare.com/products/tunnel/

Guide: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/install-and-setup/tunnel-guide/

[–] [email protected] 1 points 1 year ago

Thanks! Will check this out when I get home!

[–] [email protected] 1 points 1 year ago

Thanks to everyone that contributed!

I've managed to achieve what I set out to do using nordvpn meshnet!

[–] [email protected] 1 points 1 year ago (1 children)

The only way you should access your home network from the internet is using a VPN server. If you want to expose websites you shoikd be running reverse proxies. Don't expose rdp or ssh at all.

[–] [email protected] 1 points 1 year ago

Not looking to access the whole network, just particular services on the server. However, if I can get NordVPN's meshnet to work as I think it will work from a comment further up, that will be my answer I reckon

[–] [email protected] 1 points 1 year ago (1 children)

I would suggest you use Tailscale or another VPN.

As soon as your network is exposed to internet you'll have an army of bots trying to break in, if you are not sure about what you are doing I'll advise against that.

On the other hand with Tailscale you get an IP address for every device on your network so you can use DNS and reverse proxy with it except it will only be accessible by you and people you share it with.

[–] [email protected] 1 points 1 year ago (1 children)

I'm currently using NordVPN and see they have a meshnet that clgives each device direct Comms (if I'm understanding correctly). Do you know if that's the same as what you're suggesting? If so I'll look further into that

[–] [email protected] 2 points 1 year ago (1 children)

I did not know about NordVPN but it does look very similar.

Tailscale had the advantage of being mostly open-source.

[–] [email protected] 1 points 1 year ago

I'll look at both options and see what's best for my use case, thank you!