(I asked this on r*ddit a long while ago, but I don’t think I explained myself properly)

Basically, I would like to host a few services on my own metal (and not anywhere else in the world!) to play around with and learn, like my personal site, lemmy instance, vpn, fdroid, image host, etc etc.

I would also like to hide my public IP address because I don’t want people who connect to me to know my location (even if it’s rather coarse).

I know that this isn’t possible without at least another server in a different physical location, but I really have no idea how to approach this. What software do I run? What is this action called? What do any of these AWS/Azure service names mean? How much would I realistically need to pay? Etc etc.

Anyone have any pointers?

  • Joe@lemmy.knocknet.net
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 year ago

    It’s not a perfect solution but, and requires some sort of VPS, but you could run a reverse proxy on a VPS, site-to-site vpn from the VPS to your Homelab, and point your reverse proxy to the services over said VPN.

    I do something like this. However, it doesn’t completely hide your IP.

    So the software you’re looking for is a Reverse Proxy (nginx, traefik, caddy… etc. there are tons), a VPN (Wireguard, OpenVPN, StrongSwan (IPsec)), and more than likely some sort of VPS. My Linode VPS costs me $5 a month. They constantly have sponsor deals that will get new users free time though.

    Hope that gets you started.

    • homelabber
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I thought that solution completely ideas the homelab IP. Why/How is it visible?

      • Joe@lemmy.knocknet.net
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Well the VPN connection depending on what technology you use will still need to connect to the Public home IP, which is probably dynamic, which means that you’d probably need to use Dyanmic DNS to keep it connecting properly.

        As far as someone just connecting to the reverse proxy the Home IP shouldn’t be visible at all. I just mean it wouldn’t hide well were someone really trying to find it.

        I’m not sure I’m explaining this well. I haven’t had coffee yet.

        • homelabber
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I see, thanks for the explanation.

          If I understand correctly, with a service like Tailscale that doesn’t require Dynamic DNS even if your IP changes, there wouldn’t be a risk of revealing the IP, right?

          • Joe@lemmy.knocknet.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Well in that case, tailscale is running as a daemon, so it effectively is doing it’s own little Dynamic DNS.

            I suppose the point I’m trying to make is SOMEONE has to know your public Home IP. In the case of using tailscale, it would be the tailscale servers. But you would be correct that I don’t believe it would be published to any public DNS servers.

            In my case, I’m using cloudflare for DDNS.

            The solution I describe comes with a bit of risk acceptance (just like anything else really).