view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Make sure the
Allowed-IPs
is as small a subnet as possible. Your device will only route traffic over your VPN that has a destination IP in that subnet.That way you're only tunneling the traffic that needs to go over it. Everything else will go out the normal route.
Having your device package up and encrypt every packet takes some overhead and will inherently lower your bandwidth throughput, so it's worth minimizing the number of packets that have to go through that process.
On the client? It's a great suggestion honestly. I did not noticed that the Wireguard app let me setting which specific app should have the connection routed throw the VPN. This could be a solution to limit the performance loss only for self-hosted content
Here's an example of what I use across multiple networks, with roaming and static devices. They all use a common
/24
subnet (that doesn't overlap with any of the common LAN subnets), and each gets it's one/32
address in that subnet. That way each one accepts traffic from any other WG clients in the same subnet as local traffic to the host device. Essentially each PC, server, or phone thinks it's on the same local network as every other WG client.WireGuard is **WAY ** faster than any other VPN I've tested, and much more flexible. But at the cost of a little extra setup.