Self-Hosting all the things (Part 2 – nginx reverse proxy and VPN)

  • by

Last time we learned how to get started with self hosting. With all things being considered it was actually quite simple. In fact finding what to host yourself can be quite involving, I hope to make a master list of things that you can self host. In the meantime, here’s a great alternative! Alright alright. Now that you’ve got a couple of services running on your machine you’ll start to notice that it is quite annoying to access your services using something like localhost:4200 or 192.168.1.XXX:8989 if you’re accessing it through LAN. This will become a much bigger problem if you want to access your services remotely outside of your LAN. And exposing multiple ports for these services from your home network to the outside world is not a good idea. Although to be honest if all you’re doing is exposing a simple Plex server, its not a huge deal but make sure to change it from the default port.

One of the best ways to organize all of your services is by setting up a reverse proxy using something like nginx. It is also extremely simple to set up. That way you can access them as such plex.yourcooldomain.com or yourcooldomain.com/plex.

Getting a VPS

Choices choices… When it comes to renting a VPS there for our use case there are only really two things to keep in mind. Minimize cost, and maximize the amount of network bandwidth available to you. The second one won’t matter too much if you aren’t going to be getting much traffic, in that case you just need enough compute resources to run an nginx instance which… is not a lot. A single vcpu is fine but try to get at least two.

Remember, there are other cloud providers exist other than AWS/GCP/Azure. There’s DigitalOcean, Linode, Vultr, and Hetzner (the one I use) and many, many more. You will then probably need to initialize the VPS with an image, I would go with a Debian based Linux Distro, or better yet, Debian itself.

Setting up a VPN (HomeLab)

Since you are hosting your services from your home network, you likely don’t have a static IP. And you wouldn’t want to expose your own home network to the outside world anyway. Instead we will have the VPS which will host an nginx reverse proxy for our home services using some VPN. Some that come to mind are Wireguard, OpenVPN, and ZeroTierOne. For this tutorial we are just going to stick with ZeroTierOne since it is incredibly easy to get started with and setup.

Go here and get ZeroTier set up on your homelab and the vps. Make sure that the zerotier-cli is set up by running the following command…

sudo zerotier-cli -v

Once that is done, go to my.zerotier.com and create a network.

You will notice that your network will have an ID, and this is what we are going to use to connect to this network using the zerotier-cli. Copy or write that down somewhere. We don’t need to change any of the default settings other than to ensure the network is set to Private. Now we will add both the homelab and the VPS to the VPN. Just type join along with the network ID you made note of earlier.

sudo zerotier-cli join ################

Once you have joined the network through the zerotier-cli you still have to authorize them through the web console. After the users have joined the network, they will automatically get assigned an IP address that we will be using. You only have to keep a track of the homelab.

You can test if the connection is working properly by pinging the homelab from your VPS. If it doesn’t work make sure the requisite ports are open and you can read more about it here. If you can successfully ping between the two (make sure you are using the “managed ip”) then you have a VPN set up and not have to worry about exposing your entire home network to the internet!

Pages: 1 2