whatever it is you’re trying to do, be careful that your pi-hole DNS on port 53 is not exposed to the internet. otherwise your server will be abused for DDOS amplification attacks.
this post was submitted on 23 Mar 2025
26 points (90.6% liked)
Selfhosted
45231 readers
1220 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
What actual problem are you attempting to solve?
If you want pihole blocking away from your LAN, set the DNS for the device to adguard and be done with it.
If you're trying to do something else, give us some context.
In general, this is of course 100% based on speculation, but I assume that you can connect to a VPN but you cannot access any resource inside the local network. Just because this is the most basic mistake that beginners usually make. And it's related to the fact that your pi is not your default gateway. To solve this, you need to enable SNAT on the local Pi interface. There are many guides on the Internet on how to do this.
P.S. Unfortunately, I have a poor telepathy skill, so it would be good to get a little more background. At least an accurate description of the problem. =)
I'm hesitant to promote vc-funded software, but Tailscale would probably the simplest setup for VPN.
This is the first I've heard of Tailscale=/=infallible. As a long-time user, should I switch to a different setup?
Stick with it for now, just be aware they need to make money at some point.
Fair enough
Try to keep track of how much work you invest because it may be time-expensive to switch later on if you built a lot of stuff on their infra. Which is not the end of the world.
I have remote users, and I'm hosting several services through it. It wouldn't be pretty, but we'd survive
Hard to say, unless you give us more on why and where you failed!
You don't absolutely need a domain for that stuff to work, what problem are you trying to solve?