So I have a TrueNAS server set up at home, and it would be cool to have access to it at all times. I currently have Syncthing set up to access and back up my most essential files on my phone and laptop, but it would be nice to be able to access all the … legally obtained files I have stored there wherever I go. I looked into Nextcloud, but that requires paying for a domain. So are there any other options for this?

  • StrawberryPigtails@lemmy.sdf.org
    link
    fedilink
    arrow-up
    15
    ·
    11 months ago

    You might try Tailscale or Wire Guard. Either can be used to create a mesh VPN that can include any device you want. Connect your devices to the VPN then you just access it like it is on your local network. Of the two I use Tailscale. Dead simple to setup on pretty much any device.

    I looked into Nextcloud, but that requires paying for a domain

    Depending on what installation method you choose to go with, you don’t need a domain. It’s just very much helpful to have one. Especially if you decide to have it public facing. Plus domains are cheap. A bigger issue for us self hosters is dealing with dynamic IPs. Most of the time you can buy a static IP from your ISP, but if that is not an option, most domain providers provide a way to deal with variable IP addresses.

    And yes, Tailscale does ignore dynamic IP addresses. I think Wire Guard does as well as Tailscale is built on Wire Guard.

      • Avid Amoeba@lemmy.ca
        link
        fedilink
        arrow-up
        4
        ·
        11 months ago

        Adding to this, Tailscale’s clients are open source and there’s a community-developed open source control server component called Headscale that can replace the Tailscale’s central server if and when needed. I tested it recently and it seemed to work fine.

    • ebits21@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      I’d also suggest Tailscale, it’s how I access my Synology away from home.

      I’ve setup wireguard before but… Tailscale is so damn easy. And no need to open ports!

  • 2xsaiko@discuss.tchncs.de
    link
    fedilink
    arrow-up
    14
    ·
    11 months ago

    but that requires paying for a domain

    You say that as if (normal) domains are expensive. You’re gonna be paying a lot more for electricity for your NAS than a domain. If you don’t need anything recognizable which you just want to use for yourself, you can even get a 1.111B class domain (000000.xyz - 999999999.xyz) which are just $1 per year. It’s a much better option than a dyndns service because you can actually do whatever you need to with the domain.

  • Falcon@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    11 months ago

    Yes it’s easy, install WireGuard in a container, port forward to it and copy the profile to your other devices.

    When you connect to the WireGuard network on the second device, you’ll have access to your internal network and hence your nas.

    I also use a reverse proxy so I can remember computer names rather than ip.

  • 12510198
    link
    fedilink
    English
    arrow-up
    5
    ·
    11 months ago

    I use SSH with port fowarding to securely access my services running on my server to anywhere I have internet. Its easy to setup, just expose any device running a ssh server like openssh to the internet, probably on a port that isnt 22, and with key only authentication.

    Then on whatever device you want to get your services on you can do like

    ssh -p 8022 -L 8010:192.168.75.111:80 user@serverspublicip
    

    Where 8022 is the port of the ssh server exposed to the internet (default is 22), 8010 is the port its gonna bind to on the device you are using the client (it will bind to 127.0.0.1 by default), 192.168.75.111:80 is the address/hostname and the port of where your services are on your local network, and user@serverspublicip is your username and the ip address of where your ssh server is.

    You can also use ssh to make a SOCKS proxy in your network like this

    ssh -g -D 1080 user@serverspublicip
    

    This will make a socks proxy into your network on your device at 127.0.0.1:1080. All of this can also be done on just about any mobile phone running android by using termux.

  • rambos@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    11 months ago

    I use Wireguard VPN with DuckDNS. No need to buy a domain, I just made a name for local use like nextcloud.rudee.com. Even though domains are not expensive (can be 10-20$ a year, but there are also free otions like rudeenextcloud.duckdns.org). You might need reversy proxy like Nginx Proxy Manager unless you want to type IP:PORT

  • Stantana@lemmy.sambands.net
    link
    fedilink
    arrow-up
    2
    ·
    11 months ago

    Domains can be free and several of them works flawlessly with DDNS for home hosting. You can set up a completely free Nextcloud. Self-signed certs and direct IP access works as well.

    Somebody else mentioned setting up a VPN to your home LAN, that works fine too.

  • lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    If you have a public IP and can forward ports, exposing SSH (with key-based login) is quite safe. You can browse the server storage and copy files to/from your phone.

    If you can’t open ports you will need something that punches out of NAT and intermediates a connection to your phone. Simplest way is to use a service like Tailscale, you install and start it on both the server and your phone and they will see each other from wherever they are.

  • gerdesj@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    Nextcloud is simply software that runs on something. You might use DNS to find the something that your Nextcloud runs on … or not. A domain can cost as little as say £10/year (no details given - loose costing provided!) but you say you don’t want one.

    You could do some weird stuff involving something like this: Your clients update a database on the server with their current IP address(es) and the server reciprocates in kind regularly.

    For an internets conversation, both sides need to know IP address, protocol, and optionally port; for both ends. For example, a webby conversation might involve:

    My end: 192.168.100.20/24, tcp port 2399 -> NAT -> 33.22.4.66, tcp port 2245 Remote web server: 99.22.33.44/37, tcp port 443

    Now, provided both sides are warned off about changes to addresses and port numbers on a regular basis, then comms will still work.

    Say, your home external IP address changes, then your browser writes that new address to the remote server and comms continue. Provided one end knows all the details of the other end at any point in time and can communicate local changes then we are good.

    000000000000000000000000000000000000000000000000000000000000000000

    Maybe not. Lookup: Dynamic DNS.