So, here’s what I set up:

Docker with some containers behind Gluetun

Gluetun gives access to the local network so I can access the containers on my home network through http.

The only port I exposed to the internet is the 32400 for Plex.

I reach my home network remotely only through Wireguard, my fritzbox router has a guided setupt that gives me a wg configuration so I just scanned the QR code with my phone. I learned this opens the default wg port.

Now, you can never be 100% safe, but is my simple setup safe/solid enough?

9 times out of 10 I thinker with it when I am at home

It’s still a work in progress and I am open to any kind of suggestions

  • Unmapped@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 month ago

    Not really directly answering your question here so feel free to ignore me. But if I’m understanding right your setup sounds like a more complicated way of doing what I am.

    I put tailscale on all my devices. And in every docker compose for the ports I do. TailscaleIP:hostport:containerport

    So nothing can be access on local network at all. Only through tailscale. Which I can access from any of my devices locally or remotely without opening a port. All E2E encrypted I’m pretty sure. The only con is having to trust tailscale.

    I do keep Plex port open for friends though.