[-] cap10canuck@alien.top 1 points 1 year ago

Thanks - will look into this.

[-] cap10canuck@alien.top 1 points 1 year ago

That is almost exactly what I would like to do, but with Plex/Overseerr. I am curious, do you run any type of intrusion detection s/w, or have you set up fail2ban?

[-] cap10canuck@alien.top 1 points 1 year ago

Yes, the CNAME record via Cloudflare does not leave a lot to the imagination as to what app it is pointing to, but I have not opened port 80 or 443 on my firewall, so the firewall is bouncing any probes.

6

...and even wondering if I really need to. I am often guilty of making that "one tweak too many", breaking a nice, working system in the process!

I have everything set up according to the best walk-throughs I can find. Have dockerized containers for Nginx Proxy Manager, Authentik and a ton of the standard *arr apps and tools (using OMV as a NAS). Have my own domain name, hosted on Cloudflare, with CNAMES set up, proxied through Cloudflare, pointing back to my main record. I can do full domain name resolution inside my home network, with working HTTPS connections to all my app web GUIs. I also have the ability to private VPN into my home network, using Wireguard, OpenVPN or IPsec.

I would probably be happy to continue to use my VPN connection to the home network when I am remote, BUT... I really would like to give Overseerr access to a couple of remote family members that have access to my Plex library (populated by Sonarr/Radarr). My finger often hovers over the Port Forwarding option on the router, but I ultimately chicken out. Am I being paranoid?? Should I just educate my family members on how to connect to my network via VPN? Anyone else made this choice? Looking for success (and maybe horror) stories before I potentially proceed.

cap10canuck

joined 1 year ago