this post was submitted on 03 Jul 2023
4 points (100.0% liked)
Selfhosted
573 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
> Any issues on the community? Report it using the report flag.
> Questions? DM the mods!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'll answer by question
If you're talking about moving apps from one machine to another, yes the IP would change. You'd use the new machine's IP to access the moved app.
If you're hosting on your network (Local/Wireless Area Network, LAN/WAN) then anyone on that network could try to access the web app if they know or can find the IP and port. Some apps come with basic username and password authentication built in, if so that could be a barrier to your app if desired. I run some apps on my own LAN, things I won't need anywhere else. If you're concerned about others using your apps, you might be able to set up a Virtual LAN (VLAN) like a Guest Network that's separate from your main network. But any device you want to use your app would need to be on the same VLAN as the app.
A rented VPS doesn't solve the issue, it changes the scope. Instead of anyone on the LAN/WAN being able to access the app, anyone on the internet will be able to. Anyone that knows the IP and/or domain will be able to scan for ports and try to authenticate. There are entire services like Shodan dedicated to scanning ports over the entire internet and recording the results. My VPS routinely has bots from all over the world try to log on with defaut credentials. There are ways to mitigate it like installing Fail2Ban, but they will never stop trying.
That doesn't mean it's not worth it, a domain pointed to a VPS is an easy way to be able to access your apps from anywhere.
How to change the port number the app listens to is usually possible, but how to do it varies by application. Docker applications would have their ports mapped either in the Docker command or the docker compose file. Worth being aware that if you run enough apps, there will be overlaps that you need to remap, and some ports are reserved for the System which would require Root permissions to use. A Reverse Proxy like Nginex, Traefik, or Caddy (I use Caddy for my VPS and just type the IP:Port number on my LAN services) would be good for mapping subdomains or URL paths to port numbers.
Thank you very much for the detailed reply! So to clarify, the IP address changes but the app itself isn't affected? For example, I move to an apartment with an IP address that is different, but I can still access everything in let's say...a self hosted web app that takes notes? Would that be correct?
Everything else seems pretty understandable, much appreciated.
Oh that's what you meant by moving, OK! I'd you move to a new apartment and use a new router, the app on the same machine on the new LAN/WAN will definitely have a new IP. If you keep your router with you during the move and keep the app on the same machine, your app could need a new IP or could keep the old one, hard to say. If you rent a VPS, it'll be in affected as it'll have the static IP the data center assigned it no matter what.
If you need to find a LAN/WAN IP and port, I recommend getting comfortable with network and port scanners. On Android, I use Port Authority, it just takes one tap to start a scan and get the devices on the network, select the device and two taps to scan ports for that device. On Linux I'll use netcat aka nc but I'm still at the point with that where I have to look that up each time.
Unfortunately for other platforms, I don't have any recommendations to that end, but some googling might reveal a good tool for you.
Once you have a good tool, I find it easiest to scan the network, power up the machine with the app, and scan again to see what was added. But if you're comfortable with the vendor info that can be supplied with things like Port Authority you may not need to do that.