I’ve just started hosting stuff and i’ve been using frp’s stcp to make stuff accessible when i’m at school. I was wondering if I should bother setting up/switching over to wireguard which is apparently the way to go?

3 points
*
Deleted by creator
permalink
report
reply
1 point
*

Have you checked tailscale? a one click wireguard, free for quite a lot of devices. there is a project to selfhost the control server https://headscale.net/

permalink
report
reply
0 points

never heard about stcp nor i see something called like that in their github repository

Does it have authentication?

For safety i’d add an additional layer of authentication. Easy way: cloudflare access + cloudflare tunnel; hard mode: authelia + a reverse proxy

permalink
report
reply
1 point
*

id say it’s basically tcp with a password

try ctrl f on the readme?

permalink
report
parent
reply
-1 points

You didn’t expose it to the internet right? Right?

Use Netbird and a network share. I don’t know what stcp is but I would go with SMB or syncthing

permalink
report
reply
2 points

From the link in the post it’s a reverse proxy backed by terminos which is a secure OS for kubernetes and is really good, so I imagine this proxy is also really good. So OPs setup is already likely fine as is.

permalink
report
parent
reply
0 points

Still why risk it? It seems like there are better ways to do this

permalink
report
parent
reply
1 point

How are you using Netbird in your setup if I may ask?

permalink
report
parent
reply
2 points

How? I install the client and use ACLs

permalink
report
parent
reply
1 point

What are ACLs? And do you use the self hosted or the hosted option?

permalink
report
parent
reply
1 point
*

uh, i did?

can u explain why its a bad idea?

permalink
report
parent
reply
1 point
*

The proxy you are using seems like a good one and if you are using auth on it you aren’t exposing the services under it directly, so the vulnerability would be proxy or your password to reach any potential vulnerabilities on the service. Sure there could be some crazy bad vulnerability on the proxy, but as long as your using a good trusted one and not doing some config to bypass their security, and updating it, you should be fine. Some people here think you could use vpns and such for everything and sometimes you just gotta share your services and going through a proxy service is a good solution.

permalink
report
parent
reply
0 points

Anything on the internet gets hammered. As soon as there is any sort of vulnerability you are compromised.

You don’t need to take that risk

permalink
report
parent
reply

Selfhosted

!selfhosted@lemmy.world

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Community stats

  • 4.7K

    Monthly active users

  • 3.6K

    Posts

  • 78K

    Comments