Hi everyone, welcome back
So today we're going to try something a little bit different
We're gonna start a new video series
about all the different ways to expose or access our homelab
from the internet
The reason is mainly because there's tons of options out there.
and i feel like it's not talked enough about on YouTube
Especially the security part
which is most important
almost everyone just assumes it's secure which isn't always the case
so make sure to hit the like button
subscribe
and let's get started
okay so how to do it
to expose our homelab there are five main ways
1. Secure Tunnels like Cloudflare
2. Reverse proxies like Nginx
3. Traditional VPNs like Wireguard or OpenVPN
4. Mesh VPNs like ZeroTrust and Tailscale
and lastly the old classic port forwarding or NAT
So let's break down each one of them quickly to understand the differences
first secure tunnels like Cloudflare
This is often defined as secure tunnels to access your app without exposing your IP address
making remote access easy
it's also fairly easy to setup
however, by default it's not secured enough
and solely reling on your app security
but this can be improved
we'll cover this later in another video
next reverse proxies
like nginx
it's a server that sits in the middle and forward requests to your homelab
helping you manage multiple services under one domain
while adding another layer of protection
you will have more control over your services
and how to manage them
however, it exposes your IP and you must open a port on your router to access it
next, traditional VPNs like Wireguard or OpenVPN
it created an encrypted tunnel between your device and
your home lab
making it feel like you are on the same local network
it's good for privacy and security
but only useful when you are the only user because
it's impossible to share access without sharing your private key
to other users
next, mesh VPNs
like ZeroTier or Tailscale
this is similar to normal VPns except it connects devices between each other
instead of connecting them to a central server
it has more control over normal VPNs in the way that you can choose which devices to share
but you must manually join the network
each time for each devices you want to give access to
finally NAT this is a classic way of opening specific ports on your router
to expose your homelab
it's simplicity also carries high security risk if you rely on it alone.
keep in mind NAT often gets used with other
methods like previously showed
but going purely [on it's own] port forwarding is a no-go for security setups
Now, you may be wondering,
What's the most secure setup?
to expose your home lab?
Actually,