The only externally accessible service is my wireguard vpn. For anything else, if you are not on my lan or VPN back into my lan, it’s not accessible.
Nothing I host is internet-accessible. Everything is accessible to me via Tailscale though.
Everything is behind a wireguard vpn for me. It’s mostly because I don’t understand how to set up Https and at this point I’m afraid to ask so everything is just http.
Its not hard really, and you shouldn’t be afraid to ask, if we don’t ask then we don’t learn :)
Look at Caddy webserver, it does automated SSL for you.
Careful with Caddy as its had a few security issues.
All software has issued, such is the nature of software. I always say if you selfhost, at least follow some security related websites to keep up to date about these things :)
Do you have any suggestions for reputable security related websites?
too many :) Here is a snippet of my RSS feed, save it as an xml file and most rss reeders should be able to import it :) https://pastebin.com/q0c6s5UF
few days late here, but that pastebin had some really good feeds 🙏 I noticed the OPML file was labeled FreshRSS and I also use FreshRSS. So I fixed up the feeds and configured FreshRSS to scrape the full articles (when possible) and bypass ads, tracking and paywalls.
I figured I’d pay it forward by sharing my revised OPML file.
I also included some of my other feeds that are related (if you or anyone else is interested).
Some of the feeds are created from scratch since a few if these sites don’t offer RSS, so if the sites change their layout the configs may need to be adjusted a bit, but in my experience this rarely happens.
I had to replace some of the urls with publicly hosted versions of the front-ends I host locally and scrape, but feel free to change it up however you like.
https://gist.akl.ink/Idly9231/22fd15085f1144a1b74e2f748513f911
Thank you :)
Everything is accessible through VPN (Wireguard) only
Same here. Taught my wife how to start WireGuard on her android phone and then access any of the services I run. This way I only have one port open and don’t have to worry too much.
