this post was submitted on 12 Oct 2023
2 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

I've setup a Homelab recently and I'm quiet new to it so pardon my ignorance.
I haven't exposed my Homelab to the internet (apparently) yet, therefore I'm using Tailscale for remote access, my question is what's the purpose of using Reverse Proxies (RP) like Nginx, Traefik etc. as in my understanding it exposes you (securely) to the internet, but still there are risks...

Everybody on YT and Reddit seems to use RP and I don't understand why, So is there a good reason to use it or should I just rely on Tailscale. Are there other benefits of using a RP I would like to get enlightened about Reverse Proxies...
Thanks in Advance.

top 1 comments
sorted by: hot top controversial new old
[–] Wtfrud@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

A vpn of some sort will always be more secure and safer. Exposing it to the internet is a convenience that you have to weigh the benefits of against the reduced security. If you don’t need the convenience then don’t worry about the extra complexity it brings.

The main benefit I see for a RP is the convenience of friends or family to just have a public facing url without having to install anything to make use of something I’m hosting.

Some people just like having a valid ssl cert or a host name to visit instead of an IP. These can be accomplished in other ways but a RP can make it easier.

In my use case I use a RP with authelia to require a password to some services, then maxmind geo filtering to limit where people can access from, and for some services the RP is set to only allow traffic from inside my network.