-
Not Synced
Hi everyone, welcome back
-
Not Synced
So today we're going to try something a little bit different
-
Not Synced
We're gonna start a new video series
-
Not Synced
about all the different ways to expose or access our homelab
-
Not Synced
from the internet
-
Not Synced
The reason is mainly because there's tons of options out there.
-
Not Synced
and i feel like it's not talked enough about on YouTube
-
Not Synced
Especially the security part
-
Not Synced
which is most important
-
Not Synced
almost everyone just assumes it's secure which isn't always the case
-
Not Synced
so make sure to hit the like button
-
Not Synced
subscribe
-
Not Synced
and let's get started
-
Not Synced
okay so how to do it
-
Not Synced
to expose our homelab there are five main ways
-
Not Synced
1. Secure Tunnels like Cloudflare
-
Not Synced
2. Reverse proxies like Nginx
-
Not Synced
3. Traditional VPNs like Wireguard or OpenVPN
-
Not Synced
4. Mesh VPNs like ZeroTrust and Tailscale
-
Not Synced
and lastly the old classic port forwarding or NAT
-
Not Synced
So let's break down each one of them quickly to understand the differences
-
Not Synced
first secure tunnels like Cloudflare
-
Not Synced
This is often defined as secure tunnels to access your app without exposing your IP address
-
Not Synced
making remote access easy
-
Not Synced
it's also fairly easy to setup
-
Not Synced
however, by default it's not secured enough
-
Not Synced
and solely reling on your app security
-
Not Synced
but this can be improved
-
Not Synced
we'll cover this later in another video
-
Not Synced
next reverse proxies
-
Not Synced
like nginx
-
Not Synced
it's a server that sits in the middle and forward requests to your homelab
-
Not Synced
helping you manage multiple services under one domain
-
Not Synced
while adding another layer of protection
-
Not Synced
you will have more control over your services
-
Not Synced
and how to manage them
-
Not Synced
however, it exposes your IP and you must open a port on your router to access it
-
Not Synced
next, traditional VPNs like Wireguard or OpenVPN
-
Not Synced
it created an encrypted tunnel between your device and
-
Not Synced
your home lab
-
Not Synced
making it feel like you are on the same local network
-
Not Synced
it's good for privacy and security
-
Not Synced
but only useful when you are the only user because
-
Not Synced
it's impossible to share access without sharing your private key
-
Not Synced
to other users
-
Not Synced
next, mesh VPNs
-
Not Synced
like ZeroTier or Tailscale
-
Not Synced
this is similar to normal VPns except it connects devices between each other
-
Not Synced
instead of connecting them to a central server
-
Not Synced
it has more control over normal VPNs in the way that you can choose which devices to share
-
Not Synced
but you must manually join the network
-
Not Synced
each time for each devices you want to give access to
-
Not Synced
finally NAT this is a classic way of opening specific ports on your router
-
Not Synced
to expose your homelab
-
Not Synced
it's simplicity also carries high security risk if you rely on it alone.
-
Not Synced
keep in mind NAT often gets used with other
-
Not Synced
methods like previously showed
-
Not Synced
but going purely [on it's own] port forwarding is a no-go for security setups
-
Not Synced
Now, you may be wondering,
-
Not Synced
What's the most secure setup?
-
Not Synced
to expose your home lab?
-
Not Synced
Actually,
Captions Requested
