Hi, you guys might know me from these three posts. After reading all of the comments, I’ve decided to purchase a Mini PC to host public instances of privacy-respecting services.
I’m here to bring some good news: I got it working perfectly! You can visit reallyaweso.me today and get a list of services that I’m hosting!
All services are deployed via Docker and proxied through Cloudflare. You might ask: “Why Cloudflare?”. It’s because I can’t port forward things on my home network. It really sucks that I’m depending on Cloudflare to do the port forwarding for me, but it is what it is.
If you want me to host a specific service that you want, feel free to comment on this post!
I would really appreciate it if you guys could check out some services that I’m hosting, as I don’t know if everything went smoothly or not. Thank you guys so much for helping me on this journey!!
I wrote a small blog about bypassing CGNAT using TLS-passthrough. Cloudflare uses TLS-termination, which means they can see all the data being passed through, which defeats the purpose of privacy.
https://blog.aiquiral.me/bypass-cgnat
The problem with such a situation is that you have no idea of the origin IP address, as all the requests look like they are coming from your VPS. Did you find a way to restore origin IP in your logs?
Yes, it is fairly easy. You just have to forward the HTTP headers. I am using HAProxy, and you can look at my configuration file in the blog. If you’re using something like Nginx Proxy, look up how to forward HTTP headers. Some applications, like Nextcloud, require extra steps, but they also provide their own documentation.
OK for HTTP traffic, but what about SMTP?
All ports are forwarded. If your SMTP is running on, say, port 993, on your local machine, your-VPS-ip:993 will be your SMTP.
Sorry for the late answer, but will your SMTP logs show the original IP or the VPS’s?
Not sure. Will have to try it out.