What is the best way to add remote access to my servers?

https://lemmy.world/post/43757826

Hi, I am currently trying to add remote access to 2 of my servers but didn’t manage to get a working setup as is. Right now I want to access 2 servers:

* one is for media stuff (navidrome, jellyfin, managing the arr stack)
* one is for my data syncing with rsync and after set a backup from borg to another server not on my domain

I was trying at some point to add stuff such as tailscale, but somehow I always had issues with having both servers reachable within the IP range I use on my local network, so everything would work as is with the current config at home being away. I have also heard of cloudflare tunnels as well, but that I didn’t try yet. At some point I tried to do just a regular wireguard from my opnsense, but I would prefer not to have open ports to worry about (and also had issues with internal IP not being assigned from wireguard as well).

Does anyone here have experience with this? If so, what was your solution and/or caveats to it?

Do you want to expose port 80/443 and set up a reverse proxy or do you want to use a VPN tunnel? You could just use SSH to port 80 and 443 like so:

```
ssh -L 80:<local-server-ip>:80 -L 443:<local-server-ip>:443 <username>@<domain>
```

I expose port 80/443 and use Caddy as a reverse proxy together with Authelia to protect anything that I deem needs an extra layer of security. I followed this guide: caddy.community/t/…/20465

Once set up, it is easy to remove or add a backend to Caddy and Authelia. This way does mean that you sometimes need to log in twice, but that is a small price to pay if your backend app does not support SSO (like n8n community edition).

Securing web apps with Caddy and Authelia in Docker Compose: an opinionated, practical, and minimal production-ready login portal guide

Preamble

This post is intended to provide a practical guide to achieving a production-ready forward-authentication solution that can provide a polished unified login experience with MFA to arbitrary Caddy servers, in turn protecting multiple separately-hosted web apps and services.

Forward authentication

Ever since the release of Caddy version 2.5.1 (see: Release v2.5.1 · caddyserver/caddy · GitHub), there’s a new wrapper directive for the Caddyfile: forward_auth, which configures a subrequest...

Caddy Community
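The Caddy plus Authelia layout described in the reply above, sketched as a Caddyfile. This is an added example, not taken from the commenter's setup or from the linked guide; the hostnames, container names and backend ports are assumptions, and the `uri` value assumes Authelia 4.38 or later.

```caddyfile
# Constructed example: every hostname, container name and port is a placeholder.

# The Authelia login portal itself; it must be reachable without forward_auth.
auth.example.com {
	reverse_proxy authelia:9091
}

# Backend with no SSO of its own: Caddy asks Authelia about every request
# before proxying it, and unauthenticated users are redirected to the portal.
n8n.example.com {
	forward_auth authelia:9091 {
		# Authorization endpoint in Authelia 4.38+ (assumed version);
		# older releases used /api/verify instead.
		uri /api/authz/forward-auth
		# Identity headers copied from Authelia's response onto the proxied request.
		copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
	}
	reverse_proxy n8n:5678
}

# Backend left to its own login: proxied without the extra layer.
jellyfin.example.com {
	reverse_proxy jellyfin:8096
}
```

Adding or removing a protected backend is one site block here plus the matching access-control rule in Authelia; the backends should only be reachable through Caddy, since they trust the `Remote-*` headers it forwards.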