Hey guys,
after reading up on selfhosting for weeks now I finally decided to take the plunge today and tried setting up my own nextcloud & jellyfin instances. For this purpose I am using a mini PC. (similiar to an Intel NUC)
Now I would like to make both services available to the internet so I could show images to friends while I’m at their place / watch movies with them.
The problem is I am currently not very educated on which security measures I would have to take to ensure that my server / mini PC doesn’t immediately become an easy target for a hacker, especially considering that I would host private photos on the nextcloud.
After googling around I feel like I find a lot of conflicting information as well as write-ups that I don’t fully grasp with my limited knowledge so if you guys have any general advice or even places to learn about all these concepts I would be absolutely delighted!
Thank you guys sooo much in advance for any and all help, the c/selfhosted community has been nothing but a great resource for me so far!!!
Cloudflare is nice if your ISP uses CGNAT or blocks incoming port traffic (e.g. Starlink or T-Mobile 5G Home Internet).
I see. That‘s a valid use case. Although, in the spirit of self-hosting, I personally would either get another ISP or run a reverse proxy on a cheap VPS and connect the homeserver to that via Wireguard.
Yep. I actually do both. Wireguard on Oracle Cloud for my Plex.
Cloudflare to serve up stuff like Overseerr & my WordPress blog.
You can use
tailscale
for that too, but not raw wireguard.I actually do use raw Wireguard on an Oracle VCN instance so I can share my Plex on T-Mobile Home Internet.
(Plex is against Cloudflare’s ToS, which is why I don’t use them for Plex)
Tailscale is good for people who are techy enough to use it. But it’s not much help for my grandma if she wants to watch a Plex movie on her Roku.