hinkley

What is the state of the art in leveraging your home network to have a presence (website or otherwise) on the internet?

Fiber just became available in our neighborhood recently and I'm about to have fewer people sharing our network, so the idea of being able to host my own files is becoming attractive again.

We are about to be due for this pendulum (centralized vs distributed) to swing back again and I like to be prepared.

nickspacek
I don't want to open my home network to just anybody, so I have a "jumpbox" that is the lowest-end shared VM at Hetzner. It runs nginx, dnsmasq, and Wireguard; my home servers connect to it, I add other peers as I need to, and dnsmasq resolves the hostnames using Zeroguard IPs for the home network.

I have 3 sets of DNS entries for the home lab servers:

1. "internal"/home network addresses (e.g. your 192.168.x.x) 2. Wireguard addresses (e.g. 10.0.x.x) 3. public DNS entries that all resolve to the jumpbox

The purpose of #3 is to support simple Letsencrypt setup: nginx on jumpbox forwards Letsencrypt requests to the internal servers over the Wireguard connection.

Internally, I use a https://github.com/nginx-proxy/nginx-proxy setup, so that any time I want a new service running inside the home lab I just have to:

1. Pick a hostname and add it to public DNS 2. Configure its Docker container to add the environment variables that nginx-proxy looks for 3. Add the hostname to the jumpbox /etc/hosts 4. Add the hostname to internal LAN DNS

It's a little much but I like how it works. It's not so bad to get setup.