mrRNobodY1

joined 11 months ago
 

I have read many posts in this subreddit and so many recommend using a domain (buying it) and then registering DNS.

Maybe I misunderstood because I'm new, but in theory isn't it enough to use a DNS in the LAN like pihole, and then from the client browser, using Wireguard, simply write the domain defined on pihole? (Maybe even configuring nginx to have all the ports pointing to the correct services)

Am I wrong?

 

Hi, when I am at home I don't need Wireguard, while when I go out of the house I would like it to turn on.

In summary, by passing the MAC address of my iPhone to the script, it is checked if it is present in the ARP table and if it is connected to the LAN by scanning with nmap. If I don't find it connected, I start Wireguard. If it is connected, however, I turn it off.

I was planning to schedule it with crontab every 15 minutes.

Do you see any potential security issues with that? Could it be done better?

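network=192.168.1.0/24
if [ "$#" -ne 1 ]; then echo "Usage example: $0 aa:bb:cc:dd:ee:ff"; exit 2; fi
# Ping-sweep the LAN so the ARP table is populated
nmap -sP -T4 "$network" > /dev/null 2>&1
# Look up the IP that maps to the given MAC (first match, case-insensitive)
ip=$(sudo arp -n | grep -i -- "$1" | awk '{ print $1; exit }')
# Confirm the device answers; an empty lookup counts as offline
if [ -n "$ip" ] && ping "$ip" -n -q -c 2 -i 0.2 -w 1 > /dev/null 2>&1; then
   echo "Device is online ($ip)"
   sudo wg-quick down wg0
   echo Wireguard killed
else
   echo Device is offline
   sudo wg-quick up wg0
   echo Wireguard started
   exit 1
fi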
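
As an added example (not part of the original post): the same presence check with the MAC argument validated before use and matched exactly against the neighbour table, so a malformed argument or a stale entry never decides the tunnel state. It assumes `ip neigh show` output (a constructed sample is embedded) and treats only `REACHABLE` entries as present; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: validate the MAC argument, then match it exactly against the
# neighbour table. Function names are hypothetical, not from the original post.

# Print the MAC lower-cased if it is six colon-separated hex pairs, else fail.
normalize_mac() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    printf '%s\n' "$mac" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 1
    printf '%s\n' "$mac"
}

# stdin: `ip neigh show` output. Print the IPv4 address whose lladdr equals $1
# and whose state is REACHABLE (assumed policy: STALE/FAILED count as absent).
live_ip_for_mac() {
    awk -v mac="$1" '{
        addr = ""
        for (i = 1; i < NF; i++) if ($i == "lladdr") addr = tolower($(i + 1))
        if (addr == mac && $1 ~ /^[0-9.]+$/ && $NF == "REACHABLE") { print $1; exit }
    }'
}

# $1 = MAC argument, stdin = neighbour table.
# Prints the WireGuard action: "down" (phone at home), "up" (away) or "invalid".
decide() {
    mac=$(normalize_mac "$1") || { echo invalid; return 2; }
    if [ -n "$(live_ip_for_mac "$mac")" ]; then echo down; else echo up; fi
}

# Constructed sample of `ip neigh show` output.
SAMPLE_NEIGH='fe80::1 dev eth0 lladdr aa:bb:cc:dd:ee:ff router REACHABLE
192.168.1.23 dev eth0 lladdr aa:bb:cc:dd:ee:ff REACHABLE
192.168.1.40 dev eth0 lladdr 11:22:33:44:55:66 STALE
192.168.1.77 dev eth0  FAILED'

printf '%s\n' "$SAMPLE_NEIGH" | decide 'AA:BB:CC:DD:EE:FF'   # phone on the LAN
printf '%s\n' "$SAMPLE_NEIGH" | decide '11:22:33:44:55:66'   # stale entry only
printf '%s\n' "$SAMPLE_NEIGH" | decide '.' || true           # malformed argument
```

On a live host the neighbour table would be piped in as `ip neigh show | decide "$1"`, with the `wg-quick up` or `wg-quick down` call made only for the `up` and `down` results.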
 

Hi all, I have selfhosted various services on my server via docker such as the whole *rr suite, plex, jellyfin, pihole, nginx, qbittorrent.

Out of curiosity I ran an nmap on the server IP but I see a lot less ports than I actually use.

With nmap 192.168.1.180 I see:

  • 53/tcp open domain
  • 80/tcp open http
  • 81/tcp open hosts2-ns [this is nginx]
  • 443/tcp open https
  • 6881/tcp open bittorrent-tracker
  • 8080/tcp open http-proxy [this is pihole]
  • 9091/tcp open xmltec-xmlmail [this is qbittorrent]

Why don't I see all the ports for all the services?

 

Hi, my home connection is under CGNAT and to overcome the problem and access my selfhosted applications through my iPhone or other PCs I use Tailscale.

Tailscale is beautiful but it is not selfhosted so I thought I would switch to using IPv6 on my home network (my ISP has support) and configure WireGuard.

The problem is when I am away from home and use my iPhone cellular network, this does not support IPv6.

Are there any solutions?

 
