this post was submitted on 11 Mar 2024
49 points (96.2% liked)

Selfhosted

40347 readers
394 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
49
submitted 8 months ago* (last edited 8 months ago) by fahad@lemmy.world to c/selfhosted@lemmy.world
 

What do you guys use to expose private IP addresses to the web? I was using the npm proxy manager with Cloudflare CDN. However, it stopped working after I changed my router (I keep getting error 521). Looking for an alternative to Cloudflare cdn so I can access my media server/self-hosted services away from LAN.

(Tailscale doesn’t work for me at all)

This is what I want to achieve: https://youtu.be/c6Y6M8CdcQ0?feature=shared

I literally followed this tutorial to make it work the first time.

you are viewing a single comment's thread
view the rest of the comments
[–] chiisana@lemmy.chiisana.net 8 points 8 months ago (1 children)

521 usually means they cannot reach your server properly. Was the router change due to a new ISP, and does the new ISP block port 80/443? Did you re-make all the relevant port forwarding rules? Changing CDN won’t change anything if your ports are closed/not responding as expected.

[–] fahad@lemmy.world 2 points 8 months ago* (last edited 8 months ago) (2 children)

Changing to a new internet plan, so they had to replace the router. Also, I did reopen ports 80 and 443, and I tested them. They’re working. What I noticed was Cloudflare changing the

A IP address to proxied (before it was the private server IP address, I got error 522 back then. I followed the tutorial again but got 521 error).

[–] chiisana@lemmy.chiisana.net 4 points 8 months ago* (last edited 8 months ago)

521 = Origin server down; I.e. the port is not open and/or the IP address is incorrect all together.

522 = Origin server time out; I.e. the port might be open but no content is being sent back.

If you’re seeing 521, then Cloudflare cannot establish a connection to port 80/443 on your IP address in the A record. Bearing in mind that in order for someone from outside of your LAN (i.e CloudFlare) to have access to your services, they must be able to reach the service, so this value should be your external IP address, not an internal address. Once you have your external address keyed into the record, have someone else not in your home try to access that IP/port combination and see what happens. If they cannot access, then port forwarding is not setup or your ISP is blocking, or you’re behind some CGNAT. If they can access, then something else is at play (origin IP filtering comes to mind).

[–] dudeami0@lemmy.dudeami.win 2 points 8 months ago

This might help, sorry if it doesn't, but here is a link to CloudFlares 5xx error code page on error 521. If you've done everything in the resolution list your ISP might be actively blocking you from hosting websites, as it is generally against the ISPs ToS to do such on residential service lines. This is why I personally rent a VPS and have a wireguard VPN setup to host from the VPN, which is basically just a roll your own version of Tailscale using any VPS provider. This way you don't need to expose anything via your ISPs router/WAN and they can't see what you are sending or which ports you are sending on (other than the encrypted VPN traffic to your VPS of course).