Hi, I moved to another city this year. Because my internet provider didn’t give me a dedicated IPv4 address, I can’t use a DynDNS service like DuckDNS. Another thing to mention is that I have a DS-Lite tunnel. So I can’t set up DynDNS…

So my recent setup is a TrueNAS server sitting under my desk. This is connected via cloudflared to the Cloudflare tunnel. There I have my services like Seafile or Nextcloud configured. They all point to a Traefik instance that routes the traffic to the right container.

So to summarize what I have:

  • TrueNAS server
    • multiple services
  • DS-Lite tunnel
  • own domain
  • Cloudflare tunnel
  • v-server
    • Nginx
    • docker

To visualize the route the traffic is taking:

Internet - Cloudflare tunnel - cloudflared docker - traefik docker - service (nextcloud) docker

So I want to set up something on my v-server that routes the traffic to my homeserver (TrueNAS):

Internet - DNS (Cloudflare) - v-server - (magic docker service on truenas) - traefik docker - service (nextcloud) docker

Does someone have an idea how to solve this?

  • cron@feddit.de
    8 months ago

    My suggestion would be to set up a VPN service on your publicly available v-server. The most suggested solution is WireGuard.

    Then you can connect your TrueNAS to that VPN and make it accessible, maybe via nginx.

    The traffic flow would be:

    nginx on v-server --(wireguard)--> traefik --> Nextcloud
    
    • Dave811@lemmy.todayOP
      8 months ago

      That’s a good point. But that’s also the point where my tinkering won’t help me… Do you have a writeup or a YouTube video where nginx points to the WireGuard VPN? Another question: if I set up the WireGuard tunnel, how can I just route the traffic from Traefik?

      • cron@feddit.de
        8 months ago

        I found this writeup and it looks correct, but I have not tested it.

        The author posted a nice graphic that shows the idea:

        • lemmyvore@feddit.nl
          8 months ago

          I’m not sure I understand why they need two Caddy servers. The first one should be a simple port forward, no need for a proxy forward. Unless they want to do something with the connections at application level, but it sounds like they simply forward them as-is.

          • cron@feddit.de
            8 months ago

            You need two Caddy servers if there are other websites on the v-server that will use port 80/443. If not, port forwarding (e.g. with iptables) will work.
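
One way to wire up the flow discussed in this thread (nginx on the v-server, WireGuard, then Traefik), added here as an example and not taken from any post or from the linked writeup: nginx's stream module forwards port 443 by SNI name without terminating TLS, so the v-server never holds the home services' keys and can still host its own sites. The tunnel address 10.8.0.2, the hostnames and the certificate paths are assumptions.

```nginx
# Fragment for /etc/nginx/nginx.conf on the v-server. The stream block sits at
# the top level, next to http {}, and needs the stream and ssl_preread modules.
#
# Assumed, not from the thread: the WireGuard tunnel is already up, the
# TrueNAS peer has the tunnel address 10.8.0.2, Traefik listens on 443 there,
# and cloud.example.org is the Nextcloud hostname.
# Behind DS-Lite the home peer has to dial out to the v-server and keep the
# tunnel open (PersistentKeepalive on the home side); the v-server cannot
# open the connection towards the home network.

stream {
    # Choose the upstream from the TLS SNI name. Nothing is decrypted here:
    # Traefik at home keeps terminating TLS with its own certificates.
    map $ssl_preread_server_name $upstream {
        cloud.example.org    10.8.0.2:443;      # Traefik, through the tunnel
        default              127.0.0.1:8443;    # sites hosted on the v-server
    }

    server {
        listen 443;
        listen [::]:443;
        ssl_preread on;
        proxy_pass $upstream;
        proxy_connect_timeout 5s;   # fail fast when the tunnel is down
    }
}

http {
    # Sites served by the v-server itself move from 443 to a loopback-only
    # port, which the stream block above forwards to.
    server {
        listen 127.0.0.1:8443 ssl;
        server_name www.example.org;                          # placeholder
        ssl_certificate     /etc/ssl/example/fullchain.pem;   # placeholder
        ssl_certificate_key /etc/ssl/example/privkey.pem;     # placeholder
        root /var/www/html;
    }
}
```

On the TrueNAS side, publish Traefik's port 443 only on the WireGuard address so it is reachable solely through the tunnel. Traefik then sees the v-server's tunnel address as the client for every request.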