help on setting up home lab (networking) (lemmy.ml)

submitted 1 day ago* (last edited 6 hours ago) by t0mri@lemmy.ml to c/linux@lemmy.ml

9 comments fedilink hide all child comments

+-----------------+
| . local server  |
+-.---------------+
< . >
< . >
< . >
< . >
< . >
+-.-----------------------+
| . serveo/localhost.run  |
+-.-----------------------+
< . >
< . >               +----------------------+
< . >               |   .   raw data       |
< . >               | < . > encrypted data |
< . >               +----------------------+
+-.----------+
| . clients  |
+------------+

hellow,

i wanna host things (nextcloud, bin, syncthing) myself but im under cg nat so i cant do it the regular way. i have to tunnel my way out. the only concern is that, the raw data is readable by the ssh server (ie. serveo/localhost.run), but i dont anyone elses eyes on my data

sorry for my broken english.

edit:

syncthing (solved): https://docs.syncthing.net/users/untrusted.html
bin (solved): https://github.com/HemmeligOrg/Hemmelig.app?tab=readme-ov-file#features
nextcloud: ???

please clarify me.

if i setup a vpn which provides encryption on my local server, can i go like this

+------------------+
|   . local server |
+-< . >------------+
 << . >>
 << . >>
 << . >>
 << . >>
 << . >>
+-< . >----------------------+
| < . > serveo/localhost.run |
+-< . >----------------------+
 << . >>
 << . >>               +-------------------------------------+
 << . >>               |    .   raw data                     |
 << . >>               |  < . > vpn encrypted data           |
 << . >>               | << . >> vpn encrypted data over tls |
 << . >>               +-------------------------------------+
+-< . >-------+
|   . clients |
+-------------+

sorry i dont know how to express this in words

this is what i was trying to say. so the idea, is that okay?

you are viewing a single comment's thread
view the rest of the comments

[-] t0mri@lemmy.ml 1 points 15 hours ago

thanks for both answers. the second option, one i cant afford.

i did some research, the first the answer is partilly correct ig. for example syncthing offers password protection (https://docs.syncthing.net/users/untrusted.html) and for the bin, it provides client side encryption (https://github.com/HemmeligOrg/Hemmelig.app?tab=readme-ov-file#features) which will protect me even over plain http connection ig. please correct me if im wrong

these are product specific feature, so generally, as you said, no is the answer ig. i wish nextcloud offers something like. thanks again

[-] bloodfart@lemmy.ml 1 points 4 hours ago

I just saw your second diagram. If all you’re worried about is serveo being able to see, you could do all your http server stuff with https and require ECH on the client side and you’d be okay?

I’m not 100% that would work perfectly, especially if DNS is involved, but I don’t think serveo messes with DNS.

this post was submitted on 21 Sep 2024

31 points (97.0% liked)

Linux

47380 readers

886 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz