Hello, I’m looking for a tool that would allow me to access my self-hosted services securely from anywhere without publishing them to the internet. Ideally, I would like to add other users with whom I would share these services.
I know Tailscale does this, and you can basically use your free trial forever, but I’m looking for something that I can self-host. Searching the internet didn’t yield any results that are useful; basically all of the results are SaaS. I would appreciate it if someone would share a tool they know, if any exists.
Wireguard or OpenVPN
Wireguard. I run it as a plugin on OPNsense, but it can be separate.
Headscale allows you to set up and manage the control server for Tailscale. Just one option. Could also look at zero-trust options like OpenZiti.
Your firewall should have a VPN. You will want to ask in r/homelab as they would have much better options that are at a small scale.
My firewall is my VPN server.
Wireguard. That’s basically what Tailscale is, without the often confusing configuration. I have that with OpenVPN as a backup.
You can selfhost the Tailscale Control Server: https://headscale.net/
Also, I would recommend asking this question in r/selfhosted or browsing their wiki.
NetBird if you want OIDC auth
Nebula by Slack is often overlooked:
https://github.com/slackhq/nebula
Doesn't have all the bells & whistles but works great. Easily self-hostable.
Cloudflare zero trust tunnel
I’ve been using NeoRouter for a couple years now.
The server portion is hosted on your own machine and it has a client that is either installable or portable depending on your needs. You can sign up for an account that will allow you to use a “network name” instead of an IP address but I don’t think you have to.
I have it on all my machines and my phone.
It’s far from perfect, but if you have Ubiquiti you can easily VPN in.
Pretty much all VPNs are free open source: Wireguard, OpenVPN, StrongSwan.
TwinGate is the real answer here. Faster and more secure than VPN. Faster because it uses TLS 1.3 vs traditional VPN packet encapsulation that takes a hit on bandwidth. More secure because you can grant granular access to the assets in your home network. The trial says for “X” amount of time, but it’s actually perpetual. All you need is a small Linux container inside your network to connect remotely. I’ve used it for a couple years now. Twingate: It’s time to ditch your VPN
Yeah OpenVPN is great. You’ll need to research setting up your own server for it.
Wireguard is easier and better imo. I set it up on my OpenWRT router and I’m using it now from Europe to access my Canadian streaming services that NordVPN couldn’t.
Tailscale and don't look back