Hello selfhosters. I have a Linux VM spun up on my server that I access via Remmina. Would it be ok for me to expose Remmina for external access? It would be behind a reverse proxy as well as Authelia 2FA of course. Is that secure “enough”, just for a VM?
Thanks for sharing. I recall hearing about this before. After reading this thread I’ve been trying to vend some of my selfhosted apps over yggdrasil. The documentation is difficult to find. A good tutorial would be really useful. Here are my two biggest stumbling blocks headaches:
ipv6 headache: I had to update my server host binding from 0.0.0.0 to :: (from ipv4 to ipv6). Apparently ipv4 still works but now ipv6 also works. This was the biggest blocker for me gaining access to my apps over yggdrasil using ipv6.
yggdrasil.conf headache: ipv6 syntax issues (apparently I need to learn me some ipv6 stuff) You need to put ipv6 ip addresses in brackets. This is an excerpt from my Listen attribute in my yggdrasil.conf file.
<pre style="background-color:#ffffff;">
<span style="color:#323232;"> # Listen addresses for incoming connections. You will need to add
</span><span style="color:#323232;"> # listeners in order to accept incoming peerings from non-local nodes.
</span><span style="color:#323232;"> # Multicast peer discovery will work regardless of any listeners set
</span><span style="color:#323232;"> # here. Each listener should be specified in URI format as above, e.g.
</span><span style="color:#323232;"> # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces.
</span><span style="color:#323232;">Listen: [
</span><span style="color:#323232;"> tls://[::]:8000
</span><span style="color:#323232;"> tls://[::]:8080
</span><span style="color:#323232;">]
</span>
I also downloaded an yggdrasil vpn app for Android and was able to access both apps with Android after adding a peer connection in the settings. Later, I added my Android public key to the AllowedPublicKeys to lock down my apps to be only accessible to my client.
Access Remmina Remotely
Hello selfhosters. I have a Linux VM spun up on my server that I access via Remmina. Would it be ok for me to expose Remmina for external access? It would be behind a reverse proxy as well as Authelia 2FA of course. Is that secure “enough”, just for a VM?
Yggdrasil as a VPN alternative (yggdrasil-network.github.io)
I’ve been accessing my servers over Yggdrasil for the last few years and I never see it mentioned in self hosting communities, so here you go !...