[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Hi everyone, welcome back
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So today we're going to try something a little bit different
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We're gonna start a new video series
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,about all the different ways to expose or access our homelab
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,from the internet
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The reason is mainly because there's tons of options out there.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and i feel like it's not talked enough about on YouTube
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Especially the security part
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is most important
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,almost everyone just assumes it's secure which isn't always the case
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so make sure to hit the like button
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,subscribe
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and let's get started
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,okay so how to do it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to expose our homelab there are five main ways
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,1. Secure Tunnels like Cloudflare
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,2. Reverse proxies like Nginx
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,3. Traditional VPNs like Wireguard or OpenVPN
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,4. Mesh VPNs like ZeroTrust and Tailscale
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and lastly the old classic port forwarding or NAT
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So let's break down each one of them quickly to understand the differences
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,first secure tunnels like Cloudflare
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,This is often defined as secure tunnels to access your app without exposing your IP address
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,making remote access easy
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's also fairly easy to setup
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,however, by default it's not secured enough
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and solely reling on your app security
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but this can be improved
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we'll cover this later in another video
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,next reverse proxies
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like nginx
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's a server that sits in the middle and forward requests to your homelab
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,helping you manage multiple services under one domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,while adding another layer of protection
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you will have more control over your services
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and how to manage them
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,however, it exposes your IP and you must open a port on your router to access it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,next, traditional VPNs like Wireguard or OpenVPN
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it created an encrypted tunnel between your device and
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,your home lab
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,making it feel like you are on the same local network
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's good for privacy and security
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but only useful when you are the only user because
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's impossible to share access without sharing your private key
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to other users
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,next, mesh VPNs
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like ZeroTier or Tailscale
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,this is similar to normal VPns except it connects devices between each other
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,instead of connecting them to a central server
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it has more control over normal VPNs in the way that you can choose which devices to share
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but you must manually join the network
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,each time for each devices you want to give access to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,finally NAT this is a classic way of opening specific ports on your router
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to expose your homelab
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's simplicity also carries high security risk if you rely on it alone.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,keep in mind NAT often gets used with other
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,methods like previously showed
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but going purely [on it's own] port forwarding is a no-go for security setups
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Now, you may be wondering,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,What's the most secure setup?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to expose your home lab?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Actually, [it] depends on your apps and what you want to do?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In my opinion, it's not about which method you use
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but more about how you combine between them
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The best setup is to mix them and make
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,them work all together
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to have the perfect setup.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Okay so first let's go to cloudflare.com
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Go to "Sign Up"
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and free at the website
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And let's create a new account now
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,After that if you already have [a] domain [previously purchased]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,enter it here
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or for me I'm just going to create a new domain.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,For some reason I got an error
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,when trying to pay
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I'm just going to import an existing domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Just going to type it here
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Okay, so then go down
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and choose the free package
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next click on continue to activation
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,confirm
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next we need to do some modifications
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We need to modify, the current name servers
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,with Cloudflare nameservers
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,To allow cloudflare to control the domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to do that
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We go to the domain provider
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in my case it's NameCheap
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So in my case
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm gonna do custom DNS
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then I copy....
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the nameservers
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then I save
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It tells you that it can take \Nup to 48 hours
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But it's not true it [can take] just a few seconds
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or a few minutes max
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But, just in case
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,If it take a long time to update
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Uh, this is normal so
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,just wait
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There is no other choice
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Okay, so after a while,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We get this page this means everything is good
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Now we go to access page
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then NetZero™ Trust
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We choose our account
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next you go to access
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next we choose teamname
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Just anything
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Then we choose the free package of course
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There is zero payment
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next we go to Networks
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Tunnels
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And we add a tunnel
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We choose this one Cloudflared
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We name our Tunnel
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Homelab uh test
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Next it will ask you to choose your home environment
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In this case you just uh
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,You just choose docker
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then we just copy the comment
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because we just need the token
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we don't need to run anything docker
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Then we go back to TrueNAS
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we install
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the cloudflared app
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,This one
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and here we got
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,best what we had
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we just keep
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,remove everything we just keep the token
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So anything before this goes
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,That's it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We don't need to setup anything else
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,even storage, it's not necessary
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we install
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,okday now it's up and running
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,let's go back to cloudflared profile
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,now we need to wait until we get uh
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Something here in connectors
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It will automatically serve
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Alright here we go
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's connected
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So now we can continue
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,next
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Now we're ready to add our first service
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Let's start by adding TrueNAS itself
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So let's just copy the IP
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Then we choose the subdomain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,TrueNAS
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and choose the domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,then we choose HTTP
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then the IP
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There is nothing specific to add there
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,That's save
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,To test this I'm going to disconnect from the VPN
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Because i'm not at home I'm connected to my home VPN
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So i'm just going to deactivate it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and try this
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,To show that likely if I try to go to the same IP
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,s not going to work
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because I disconnected from the VPN
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if I try
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,from the new domain
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it works
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so now
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,TrueNAS is accessible
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,from the outside
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But this is not recommended of course
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,If you want to expose something
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,just expose the apps individually
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,don't expose the whole thing
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So now I'm just going to delete it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then I'm gonna add something else
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Okay now I want to add another service
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Maybe, ProxMox