Setup webserver behind Tailscale to bypass NAT

Published on 2025-03-14 by Kartikay Bagla


Allow access to your home server through the internet without needing a static IP, even if you are behind a NAT!

This is just an easier way of doing the steps in the previous guide: Setup webserver behind OpenVPN to bypass NAT.

Things you'll need:

  • A home server that you want to access through the internet
  • A free account on Oracle Cloud
  • A free account on Tailscale

High-level overview:

  • We will connect the home server and a cloud server (with a static IP) to each other via Tailscale (which can penetrate NATs; read their blog post on how they do this).
  • Then we will configure the remote server to route traffic to our home server via Tailscale.

Steps:

  1. Install Tailscale on your home server.
  2. Create a VM in Oracle Cloud and install Tailscale on it.
  3. In the network settings of the VM, allow incoming traffic on ports 80 and 443 (HTTP and HTTPS). Also configure your firewall to allow incoming traffic on those ports.
  4. On the VM, install Nginx Proxy Manager (or just Nginx, or any other reverse proxy tool you want to use).
  5. Configure your reverse proxy manager to send traffic to your home server using its Tailscale IP.
  6. Profit!
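
An added example for step 5 (not part of the original post): a small shell helper that checks the upstream really is a Tailscale address (Tailscale assigns IPv4 addresses from 100.64.0.0/10) and prints a plain Nginx server block pointing at it. The function names are hypothetical, and the domain, IP and port are constructed sample values.

```shell
#!/bin/sh
# Added example: names and sample values are hypothetical/constructed.
# On the home server, `tailscale ip -4` prints the address to use as upstream.

# Succeeds only for an IPv4 address inside Tailscale's 100.64.0.0/10 range.
is_tailscale_ip() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;   # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    # 100.64.0.0/10 means first octet 100, second octet 64..127.
    [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ]
}

# Prints an Nginx server block that proxies DOMAIN to IP:PORT over Tailscale.
# Refuses any upstream outside 100.64.0.0/10, so a typo cannot point the
# public proxy at a LAN or internet host. TLS (port 443) is left out here.
render_proxy_conf() {
    domain=$1; upstream_ip=$2; upstream_port=$3
    if ! is_tailscale_ip "$upstream_ip"; then
        echo "refusing upstream $upstream_ip: not in 100.64.0.0/10" >&2
        return 1
    fi
    cat <<EOF
server {
    listen 80;
    server_name $domain;

    location / {
        proxy_pass http://$upstream_ip:$upstream_port;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
    }
}
EOF
}

# Constructed sample values: domain, Tailscale IP and home-server port.
render_proxy_conf home.example.com 100.101.102.103 8080
```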

For detailed steps, refer to the wikis of:

Other Thoughts

Alternatively, you can use iptables instead of a reverse proxy manager to send all traffic to your server, but I think a reverse proxy manager is easier to debug and manage for a long-term solution. For examples of iptables commands, refer to step 3 here.

For arbitrary ports, you can and probably should use iptables, like in the case of running a game server. It may also be easier just to invite everyone to your Tailscale network in that case, but doing so comes with security risks, so just be aware.

Also note, I used Oracle instead of AWS because AWS has a limit of 100GB of data transfer on the free tier EC2, whereas Oracle has a 10TB limit per month.