I host a Yunohost server at home and don’t have a FQDN but use a Yunohost subdomain.
So far I’ve shared Yunohost resources mostly with family and now would like to share with other people without disclosing my public IP.
Can I use a free VPN service to hide my home hosted server IP?
It’s using their service “in reverse” not hiding source address of someone’s browser but instead exposing an IP the DNS would announce and people would connect to. Would that work? Are they any free providers for this kind of service?
I’ve see ProtonVPN offer free VPN but don’t know if they provide public IP that will fit the need.
If that’s possible what configuration is required? I guess Yunohost must be told to not announce it’s public IP but tunnel’s end one. And it must run a service to connect to the VPN server.
If that’s not going to work what other solution can you recommend?
As an alternative I’ve been thinking of using a virtual private server running only the VPN service (OpenVPN?), exposing and announcing its public IP and that my Yunohost server will connect to through the tunnel.
BTW I’m pretty happy with running my server at home and don’t consider running it in the cloud.
I’ve read VPN Providers in Documentation but it doesn’t show any free service. If free service doesn’t exist I would prefer to pay for a VPS that I could use for other stuff too like hosting another Yunohost server for public resources.
And lastly are there apps that I should avoid because they will disclose my true IP address anyway? I think of apps like IRC that are known to show at least client’s real IP.
I’m a very a happy user of Yunohost for many years but just create an account. You - Yunohost’s Team and community - are doing a great work.
N’hésitez pas à répondre en Français si c’est plus facile pour vous.
Thanks for your answer.
The first link seems to set up a VPN server for clients to connect to, but the second one seems exactly my alternative solution except using Wireguard instead of OpenVPN.
I will look a this solution in details and probably adapt it to OpenVPN that uses the well-known OpenSSL. Cryptography is hard and even if WireGuard is very popular it probably hasn’t as many code reviews as OpenSSL does.
The second link also provide a link to cheap VPS at Ionos. This would be an opportunity to get my own domain also ; probably in two steps!
A little late here but getting one of the VPN’s off VPN providers | Yunohost Documentation worked for me. It’s about the same price as a VPS but you use the openvpnclient app in yunohost and everything just works.
Cool! I remember checking some of them out many years ago, and then it was not possible to use if you where living outside Belgium or France.
Any info on what speed you can expect?
It’s never too late (1) and your answer is welcome.
As I understand I only have to check that VPN Client is supported and it should work with almost any of VPN providers on the list (as of today 3 don’t support OpenVPN). Most seem to even support an easy configuration with help of a “.cube” file.
(1) With the new policy of closing thread after 2 weeks your answer would not have been possible. Thanks a lot.
Hi @tomas, I’ve not yet decided whether to go for this option. I’ve another service to host that’s not packaged by Yunohost so I may have to install a plain server anyway. Creating a Yunohost package by myself seems too big a leap.
But @tane’s answer is still valuable
I haven’t speed tested but from memory they said 10mb either way. I have never noticed any problems with speed outside the LAN and inside any traffic routes internally.
Setting up a VPS for the VPN sounds like a solid plan. You’ll have more control and can tweak things to fit your setup just right. Plus, you can use it for other cool stuff too, like hosting another Yunohost server for public use.As for apps, steer clear of anything that’s notorious for leaking IPs, like old-school IRC clients. Stick to trusted ones with solid privacy features.Oh, and speaking of solutions, I recently stumbled upon this Proxy service provider that might be worth checking out. Could be another ace up your sleeve for keeping things secure and private.
Hi Mike
Thanks for mentioning IRC, well known for leaking even client’s IP addresses.
To fulfill my need I’ve set up a VPS (plain Debian, not YunoHost) with the service I needed. I will probably reuse it later to set up a VPN, but I’m quiet busy at the moment.