zlacker

[return to "A story on home server security"]
1. elashr+m5[view] [source] 2025-01-05 13:45:07
>>todsac+(OP)
There usual route that people would take is either use VPN/tailscale/Clouflare Tunnels ..etc and only expose things locally and you will need to be on VPN network to access services. The other route is not to expose any ports and rely on reverse proxy. Actually you can combine the two approaches and it is relativity easy for non SWE homelab hobbyists.
◧◩
2. zenopr+gg[view] [source] 2025-01-05 15:27:25
>>elashr+m5
I use HAProxy on PFSense to expose a home media server (among other services) for friends to access. It runs on a privileged LXC (because NFS) but as an unprivileged user.

Is this reckless? Reading through all this makes me wonder if SSHFS (instead of NFS) with limited scope might be necessary.

[go to top]