Hi, I moved to another city this year. Because my internet provider didn’t give me a dedicated IPv4 address, I can’t use a dyndns like duckdns. Another thing to mention is that I have a dslite tunnel. So I can’t set up dyndns…

So my recent setup is a truenas server sitting under my desk. This is connected via cloudflared to the cloudflare tunnel. There I have my services like seafile or nextcloud configured. They are all pointing to a traefik instance that routes the traffic to the right container.

So to summarize what I have:

  • Truenas server
    • multiple services
  • dslite tunnel
  • own domain
  • Cloudflare tunnel
  • v-server
    • Nginx
    • docker

To visualize the route the traffic is going

Internet - cloudflare tunnel - cloudflared docker - traefik docker - service (nextcloud) docker

So I want to set up something on my v-server that routes the traffic to my homeserver (truenas)

Internet - DNS (cloudflare) - v-server - (magic docker service on truenas) - traefik docker - service (nextcloud) docker

Does someone have an idea how to solve this?

  • cron@feddit.de · 1 year ago

    My suggestion would be to set up a VPN service on your publicly available v-server. The most suggested solution is wireguard.

    Then you can connect your truenas to that VPN and make it accessible, maybe via nginx.

    The traffic flow would be:

    nginx on v-server --(wireguard)--> traefik --> Nextcloud
    
    • Dave811@lemmy.today (OP) · 1 year ago

      That’s a good point. But that’s also the point where my tinkering won’t help me… Do you have a writeup or a yt video where nginx points to the wireguard VPN? Another question. If I set up the wireguard tunnel, how can I just route the traffic from traefik?

      • CriticalMiss@lemmy.world · 1 year ago

        Basically once you have WG set up, you will have an additional interface with its own IP in “ifconfig”. At that point all the ports are available and you can just point your reverse proxy to them (sorry I’m an NGINX user, I have no idea how Traefik works).

        Additionally don’t forget to add keep-alive in your WG config so that the service doesn’t shut off once traffic stops going between both servers.
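
The layout suggested in the replies above (nginx on the v-server, WireGuard to the home server, traefik behind it), written out as an added example that is not from any poster in this thread. The 10.8.0.0/24 subnet, UDP port 51820, the example.com hostnames, traefik listening on port 80 of the tunnel address, and every `<...>` placeholder are assumptions to replace with your own values.

```shell
# Added example: prints the config files for a v-server <-> home WireGuard link.
# Assumed, not from the thread: 10.8.0.0/24, port 51820, hostnames, <...> values.
vps_wg_conf() {   # /etc/wireguard/wg0.conf on the v-server (has the public IPv4)
cat <<'EOF'
[Interface]
Address = 10.8.0.1/24
ListenPort = 51820
PrivateKey = <VPS_PRIVATE_KEY>

[Peer]
# Home server: no Endpoint here, it sits behind DS-Lite and dials out to us.
PublicKey = <HOME_PUBLIC_KEY>
AllowedIPs = 10.8.0.2/32
EOF
}
home_wg_conf() {  # wg0.conf on the TrueNAS side
cat <<'EOF'
[Interface]
Address = 10.8.0.2/24
PrivateKey = <HOME_PRIVATE_KEY>

[Peer]
PublicKey = <VPS_PUBLIC_KEY>
Endpoint = vps.example.com:51820
# Accept tunnel traffic from the v-server only; do not route the LAN through it.
AllowedIPs = 10.8.0.1/32
# Keeps the carrier NAT mapping open so the v-server can always reach us.
PersistentKeepalive = 25
EOF
}
nginx_site() {    # server block on the v-server
cat <<'EOF'
server {
    listen 443 ssl;
    server_name cloud.example.com;
    ssl_certificate     <FULLCHAIN_PEM>;
    ssl_certificate_key <PRIVKEY_PEM>;
    client_max_body_size 0;        # nginx defaults to 1m; lift it for large uploads
    proxy_request_buffering off;   # stream uploads instead of spooling on the v-server
    location / {
        proxy_set_header Host $host;               # traefik routes on the Host header
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://10.8.0.2:80;             # assumed traefik entrypoint via wg0
    }
}
EOF
}
case "${1:-}" in vps) vps_wg_conf;; home) home_wg_conf;; nginx) nginx_site;; esac
```

Run the script with `vps`, `home` or `nginx` as its argument to print the matching file. Binding traefik's entrypoint to 10.8.0.2 rather than all interfaces keeps it reachable only through the tunnel.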

    • Dave811@lemmy.today (OP) · 1 year ago

      The problem is with nextcloud on my end. Some files just can’t get synced and bigger files won’t even go through. Perhaps something is misconfigured, but I think I read something that cloudflare tunnels only support x GB of traffic at once.

      • CriticalMiss@lemmy.world · 1 year ago

        CF free tier specifies in their ToS it’s not for media so likely yeah, you’re getting some sort of rate limitation.

  • Decronym@lemmy.decronym.xyz (bot) · 1 year ago (edited)

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters   More Letters
    CF              CloudFlare
    CGNAT           Carrier-Grade NAT
    DNS             Domain Name Service/System
    HTTP            Hypertext Transfer Protocol, the Web
    IP              Internet Protocol
    NAT             Network Address Translation
    SSH             Secure Shell for remote terminal access
    VPN             Virtual Private Network
    VPS             Virtual Private Server (opposed to shared hosting)
    nginx           Popular HTTP server

    10 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

    [Thread #238 for this sub, first seen 24th Oct 2023, 16:55]

  • Apollo2323@lemmy.dbzer0.com · 1 year ago

    This question is not related to the question you asked, but where did you learn to configure traefik? When I tried it out I didn’t understand how to route traffic through that.

  • tvcvt@lemmy.ml · 1 year ago

    Besides the great suggestions others have given, the OpenZiti project (openziti.io) looks interesting, though I haven’t found the need or time to try it out.

  • dansity@lemmy.dbzer0.com · 1 year ago (edited)

    Have you tried zerotier? Another option is to get a vps with unlimited bandwidth and set up an ovpn server on it. Then you need a router that can connect as a client to the vpn. This way you will have a public ip and you don’t need to mess with tunnel services. A vps with public ip is about 10 bucks a month.

  • emhl@feddit.de · 1 year ago

    You could proxy your Webservice through a reverse SSH tunnel to a vps (that’s basically what cloudflare tunnels do)

  • MonkCanatella@sh.itjust.works · 1 year ago

    I’m in the same boat and looking at options. I’ve benchmarked several options that provide their own relays, and am in the process of setting up my own relays to test out on oracle free tier vps, which will probably be the best option as all the bandwidth that vps can handle will be dedicated to you and not shared. That said I’ve found tailscale to perform the best and twingate to perform the worst. I’m looking at netbird and netmaker but they’re extremely buggy and difficult to get going. Netbird is just busted in so many ways. Netmaker’s relays can’t get past my cgnat. Self hosting both of these should work but I’ve not tried it yet. The absolute easiest to set up has been tailscale though, can’t go wrong with that. For most use cases except for handling massive amounts of data, tailscale should be more than sufficient. That said, I’m looking to try selfhosting netbird, netmaker and headscale to see how those perform compared to tailscale’s own relays.