It probably makes more sense to invest time to learn things like Ansible (and Sephamore if you want a webui) to script such basic things.
Other than that, maybe Cronicle or Crontab-ui could be useful.
thekrautboy
joined 2 years ago
would this be set and forget enough to not cause problems for him?
Let me check my crystal ball... hmm yes, maybe.
Maybe you should consider putting a simple to use "OS" like /r/CosmosServer or CasaOS on that little server, so even he could do basic things with it like update a container. But also make sure you have a reliable remote option over SSH for example.
Nothing is 100% foolproof.
Enjoy your selfhosting journey :)
Its no surprise that connecting from the outside with Wireguard doesnt work if you have not opened the port for it.
That is required for Wireguard to work. Your phone needs to connect to your home IP:port for that.
Is it safe to open a port for Wireguard? Simply put, yes. Its a widely used software so atleast you can trust that the software itself is secure and shouldnt cause you any problems. However every software needs to be configured correctly to stay secure. So you need to learn how to set up your Wireguard correctly and secure. /r/Wireguard can probably help you with that. Once that is done you can open that single port in your router for forwarding it to your Wireguard container and connect with your phone from the outside to it. You also need to tell Wireguard to actually use the Pihole for its DNS, but that is also something /r/Wireguard can tell you.
I've read about Cloudflare tunneling
Cloudflare tunneling is sort of going the other way, instead of opening a port for incoming connections for Wireguard, you have a software running inside your home network which connects to Cloudflare on the outside (=the tunnel). And then from your phone you would not connect to your home network directly, but you connect to Cloudflare, and they redirect it to your home network through that tunnel. The advantage is that you dont need to open a port for this. The big disadvantage is that you need to trust Cloudflare, and its not a exactly selfhosted solution. With something like Wireguard you are in control, you host your Wireguard node, you connect directly to that, thats all. In the end its your choice how much security you are willing to sacrifice for some ease of setup and use. If you have specific Cloudflare questions, /r/Cloudflare exists.
So with all of this said, how can I continue in the safest way possible?
Get Wireguard properly set up, open the Wireguard port, connect from the outside. Then make Wireguard use your Pihole. Once that is all working, pick a new goal.
I've also read that I could use ngix maybe? I'm not sure.. Also I've read people here using self-signed certificates to validate themselves. Maybe from let's encrypt. How would this work?
Thats a bit different to what youre trying to do with your Wireguard and Pihole. With your WG+P setup you would be able to connect from the outside into your home network and use Pihole for adblocking for example, so you have secure internet with adblocking while youre away using Wifi at Starbucks. But you can also access any services you are hosting in your home network through the Wireguard connection, if you want.
A reverse proxy like nginx, Traefik, Caddy and many more are typically only taking care of web services. Pihole (DNS) is not one. So you cannot use your Pihole through nginx for example. But if you have a web service in your home network, for example Portainer to manage your Docker containers, you can open the reverse proxy port to the internet, and the proxy is then listening there for incoming connections. If you connect from the outside to your public IP(*) of your home network then the proxy could detect what service you are trying to reach on the inside and redirect it to your internal Portainer for example. *Note that a reverse proxy expects a hostname (on the public internet, a domain or subdomain) when accessing it. Just a IP doesnt work. So for using that you need to have a domain. But it doesnt need to be a paid domain, you can easily use a free subdomain from a service like Duckdns.org or dedyn.io for example.
Tons of threads and tutorials exist already about these things. But now you should know a few phrases you can search for and learn more.
I would suggest you take one step at a time, dont try to set up everything at once. If your current goal is to use your Pihole while youre away, focus on that. Get your Wireguard working. And it doesnt conflict at all once you later add nginx for example to that. In this case they serve different purposes.
A compose like that would never work, but i understand your idea. You should post it as a feature suggestion to the Homarr Github, tho i could imagine this might already have been requested.
Youre looking for a torrent client with a web interface then. As others have already recommended, qbittorrent, deluge, transmission etc are popular options. You could also simply have used the search function or look at the subreddit sidebar to find the awesome-selfhosted list of a lot of selfhosted software projects.
Use a Windows VM, not a LXC.
And if that app doesnt have a web interface by itself, then you cant simply access it through a web interface.
Try /r/PlexMetaManager if you want to ~~waste~~ spend hours on posters and metadata.
What is a torrent server? Do you mean running your own torrent tracker?
Excel spreadsheet?
Oh is Windows open-source now? Because Wireguard is and thats what i was talking about.