Cloudflare tunnel
TL;DR: use cloudflare tunnel to deploy your web server at home
What I tried before
I have long tried to securely deploy my own web server in my home network which is hard to do right.
Just some examples of what can go wrong:
- opening ingress ports in your router opens up all kinds of attack vectors to hackers
- requires dyndns setup so that your domain can be found when IP address changes over night
- requires let’s encrypt setup so that users of your web-site can use https
The following was required but is still needed with my new solution - but the attack vectors were drastically reduced
- requires hardening your webserver (nginx)
- requires hardening your firewall
- requires constant updates of operating system and web infrastructure
What I do now
- use cloudflare tunnel - here is a nice description of the setup: Exposing a web service with Cloudflare Tunnel
- cloudflare has a free plan that should be fine for most private web servers https://www.cloudflare.com/de-de/products/tunnel/
- have closed all ingress ports in my router
- sleep better :-)