My self-hosting experience is primarily with Plex and qBittorrent, but I’m trying to get a digital library set up that will be available remotely. I’ve been reading about some options, but I’m not sure about what is best to use or how to deploy it.

What is the best way to make Kavita available to remote users safely from a home server?

  • Atemu@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    Hm, in that case Tailscale isn’t quite what you want. It’s not about opening up to the internet but rather your own virtual private network (hey, a VPN) with manually approved devices.

    They do have a new Funnel feature which allows exposing specific parts to the Internet via their proxy though: https://tailscale.com/blog/introducing-tailscale-funnel

    • WeirdGoesPro@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      Why wouldn’t the funnel solution be exactly what I’m looking for? Feels almost too good to be true.

      If I’m understanding this correctly, I just have to set up Tailscale funnel on my local server, and it will generate a publicly accessible IP through their proxy that can be accessed remotely in a similar fashion to how Plex premium routes signals through their proxy for easy remote access? If that’s correct, that’s basically my dream solution because it only exposes kavita and doesn’t require a secondary server to bounce the signal through.

      • Atemu@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        11 months ago

        There’s three reasons:

        • As mentioned in the blog post, Funnel is still a rather new feature. It’s still in beta.
        • It goes far beyond Tailscale’s core purpose; it’s basically a separate service.
        • It’s free for now but probably won’t be for long. TS’ core functionality will likely be free or at worst very low cost for a long time but public hosting is a helluvalot more costly and also dangerous.

        That said, if I had to share something with the public internet temporarily, I’d try not doing that first but could see myself using TS Tunnels.

        • WeirdGoesPro@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          I need to share permanently though. Would it be better to use tailscale to make a connection to a remote server and then use that server as a front end that bounces back to my home server?

          • Atemu@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            11 months ago

            Not really. As soon as you have a path from global internet into your home network, all bets are off and you’re now in charge of securing all of that against the entire world.

            That said, if this is a regular old HTTP service, I believe Cloudflare Tunnels offer a way to put an authentication mechanism in front. This can work if, just like with Tailscale, you have a limited known set of users but the difference is that those users don’t to have to install and use a VPN client to access your service but rather authenticate using an “external” HTTP service through their browser. Again, I do not believe this works for services accessed through APIs and certainly not ones using custom protocols.

            I can’t stress enough that getting those remote users to use Tailscale is probably the best and easiest solution.