Do you use Cloudflare Tunnel or a VPN like Tailscale or WireGuard? Why would you choose one of these over the other?
  • I just use the UDM-SE app (Teleport). I can connect on demand and get to all of my services, and get ad blocking while I'm out and about. Teleport on Ubiquiti is just WireGuard renamed.

    I don't need to expose any services from my home network, because I'm the only one using them. If it wasn't just me, I'd just have them download the WiFiman app, send them a Teleport link and boom...they're in on the local network. Exposing "services" for a convenience factor is just too much of a security risk for myself.

    I host all of my websites on GitHub (free) and leverage Vercel for CI/CD pipelines (again, free). Domains are the only thing public and that I pay for (local DNS reasons for Let's Encrypt certs), and for my public websites not associated with my home infrastructure.

    1
Hosting your media server on Proxmox
  • I can give you an idea of what I do:

    I use a clustered 2-node setup on Proxmox (modified corosync as I don't care about true HA - that way I can reboot node 1, and node 2 stays up and works fine), centralized management, etc...and I don't have a quorum device. I'll eventually add a 3rd node and fix it proper.

    I back up the bind volume /data + /appdirs, plus all infra is in compose files/stacks, so I don't care if I lose all the data. It just costs time to set up again; I'm working on Ansible eventually to lessen that.

    So I just split the resources between the two nodes:

    1.) Proxmox Node 1

    • LXC Pi-hole
    • Big Ubuntu 22.04 LTS VM running Docker + Docker Compose, main Portainer + a lot of other various containers under this.

    2.) Proxmox 2

    • LXC Pi-hole 2 for HA.
    • Big Ubuntu 22.04 LTS VM running Docker + Docker Compose, Portainer agent + Plex Media ARR apps. My "download client" runs behind gluetun and only functions if the VPN connection is active, otherwise the connection is killed. (Think WireGuard VPN container.)

    I literally got all of this set up in ~4 days and previously didn't know anything about Proxmox, or much about Docker at all. Granted I am on vacation at the moment, so there is that...unlimited time.

    I can share my giant plex-arr Docker Compose file I've come up with for this. I made it myself and it all works, assuming you rename a few of the variables.

    0
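The "download client only works while the VPN is up" arrangement described in the comment above, as an added Compose sketch (not the commenter's own file). The provider name, tunnel address, port 8080 and the `example/download-client` image are placeholders and assumptions; the gluetun image name and environment variables are the ones that project documents.

```yaml
# Added example: route one container exclusively through a gluetun
# WireGuard tunnel. Values in <angle brackets> are placeholders.
services:
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN              # needed to create the tunnel and firewall rules
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=<provider>
      - VPN_TYPE=wireguard
      # Keep the key out of the compose file: read it from the shell
      # environment or an .env file that is not committed.
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      - WIREGUARD_ADDRESSES=<tunnel-address/prefix>
    ports:
      # The client's web UI is published here, because the client shares
      # gluetun's network namespace. Bound to loopback on the Docker host;
      # put a reverse proxy or LAN address in front as needed.
      - "127.0.0.1:8080:8080"
    restart: unless-stopped

  download-client:
    image: example/download-client:latest   # hypothetical image name
    # No network of its own: every packet leaves through gluetun's
    # namespace, where gluetun's firewall only allows tunnel traffic.
    # If gluetun is stopped or the tunnel is down, the client has no route out.
    network_mode: "service:gluetun"
    depends_on:
      - gluetun
    # Do NOT add a ports: or networks: section here; Compose rejects them
    # together with network_mode, and they would defeat the isolation.
    volumes:
      - /data/downloads:/downloads          # assumed path under the /data bind volume
    restart: unless-stopped
```

To confirm the isolation, stop the `gluetun` service and check that outbound requests from inside `download-client` fail rather than falling back to the host's connection.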
What top-level domain do you use in your local network?
  • I use a custom domain for everything....email, internal DNS, external (CF tunnels), and my public websites. I used to use AWS Route 53 for everything because of work, but moved to CF because it's free and much easier to set up and manage.

    For local devices I use *.local.domaingoeshere.com (wildcard cert), issued by Cloudflare. In retrospect I should have used *.int.domain.com as it would be less typing...but everything is categorized and bookmarked anyway.

    1