When I see this sort of thing, and other people are trying to do it, a reverse proxy or vpn is always mentioned. Heres my question:

How Dangerous is it to just open the port for it on my router and access it like that?

Lets say i want to access jellyfin from Kodi on my xbox or something outside my network, the vpn solution wouldnt work for this i would think.

My issue with reverse proxies, and why im asking, is it seems less secure? I mean Im well aware that an IP is easy to get, i guess. But how likely is someone to look for something on my network specifically? With reverse proxies it seems like i would be broadcasting my server to the internet in a way its easier to happen across, than someone being interested in a random residential IP.

I run a minecraft server for friends on my main computer anyway, and i know tons of people do that, theoretically thats the same level of danger as opening my network for jellyfin specifically.

VPN isnt an option because of this xbox stuff i mentioned and people in my family who have 0 chance of understanding it regardless.

So what is the better option, going through this reverse proxy ( which im actually also unsure would work with kodi) or rawdog the server on my network. I guess leaving the server exposed? or every device even.

  • atfergs@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Any suggestions on where to read more about properly securing my home network? Most of what I find Googling is just basics.

      • ipkpjersi
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Hey,

        I have a very particular setup, I’m not sure if Nginx Proxy Manager might work for my setup so I figure I’d ask you in case you might have an idea if it’d work:

        Basically, I am thinking of using Nginx Proxy Manager to help manage a reverse proxy for some self-hosted web apps like a lemmy instance, a mastodon instance, etc with a public VPS OpenVPN setup forwarding requests to my local server.

        Right now, I have a setup with a rented public VPS running OpenVPN server and a local seedbox server running in my basement which connects to the OpenVPN server as an OpenVPN client. On my public VPS, I have an iptables prerouting DNAT rule to forward inbound traffic on a specific port to my OpenVPN client (my local seedbox server) which allows my seedbox (with qbittorrent-nox listening on tun0 interface) to be fully connectable via my public VPS IP. My setup works perfectly for me currently without exposing my home IP.

        However, since I want to run web apps, I’d like to have Nginx in a Docker container, and then some other web apps like lemmy and mastodon each in its own Docker container, then have Nginx basically act as a reverse proxy, so when accessing the domain in my web browser the traffic would go to my public VPS on port 80/443, then iptables prerouting DNAT rules would then forward the traffic to my local server with whatever port Nginx is running in a Docker container, then Nginx would forward the traffic to the appropriate Docker container for whatever web app the request would be for.

        Does it sound like this might be possible with Nginx Proxy Manager?

        Thanks for reading this, sorry it’s a bit of a long post.