https://wiki.gardiol.org/ 2026-04-27T13:25:45+00:00 https://wiki.gardiol.org/ https://wiki.gardiol.org/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2025-03-13T14:22:27+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:domain-sertup&rev=1741875747&do=diff I) Domain setup Owning a public domain is a must-have for a proper self-hoster. Buying one is cheap and you can really come up with some nice and creative names. You could even go for a random generated string or number, if you prefer. You must have text/html 2025-03-13T15:00:41+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:external_access&rev=1741878041&do=diff J) Remote Access to your Home Server Accessing your home server from outside can be tricky. Please note that i am referring to accessing your home server from outside, not your home network. There is a big difference! You want to access the services text/html 2025-03-13T14:46:14+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:networking&rev=1741877174&do=diff E) Network Layout For a general IP networking understandings this could be a good starting point. You should be familiar with basic subnetting and routing to understand the following content. Let's start with the high level organization, you have two macro areas to consider: text/html 2025-03-13T14:46:32+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:openwrt&rev=1741877192&do=diff C) OpenWRT OpenWRT is an aftermarket firmware for consumer routers. It's open source and very powerful. The OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For develope… text/html 2025-03-13T14:16:31+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:opnsense_dmz&rev=1741875391&do=diff H) The DMZ with opnSense A DMZ, short for DeMilitarizedZone, is a special network which is used to separate your home network from the network which host your externally accessible services. Since i am using direct SSH tunnels to connect the home server to the external server, the DMZ is not really needed in my case. text/html 2025-03-13T14:16:19+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:opnsense_multiwan&rev=1741875379&do=diff G) Multi-WAN with opnSense opnSense make it pretty easy to support and manage multiple Internet Service Providers (ISP), also called multi-wan. The basic idea is that you have two (or more...) upstream connections to the internet, via different providers. Each one is connected to your opnSense using a specific dedicated interface, ethernet or USB/Ethernet. text/html 2025-03-13T14:16:08+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:opnsense_using&rev=1741875368&do=diff F) Using opnSense opnSense is the “Free & Open source - Everything essential to protect your network and more”. In other words, opnSense is going to be: * Your router * Your firewall * Your DNS resolver and filter and much more! You will stick the opnSense between your internet links and your home network(s) and it will let you manage it all with very powerfull tools and web based text/html 2025-03-13T14:54:04+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:proxy_chain&rev=1741877644&do=diff M) Chaining proxies This approach consist in having a reverse proxy on your external server that collects and reidrect requests to your home server reverse proxy. This is very effective, because it brings to the setup the following advantages: * text/html 2025-03-13T14:23:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:ssh_tunnel&rev=1741875822&do=diff L) Remote Access via SSH tunneling You will create a specific user, called tunnel both on the local and the remote servers and allow the local user tunnel to login via private/public key exchange to the remote servers. This is always possible because the remote server is, by definition of internet, accessible from the home server. text/html 2025-03-13T14:12:14+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:start&rev=1741875134&do=diff 6] Networking Networking Networking is the concept of connection two or more computers together so that they can exchange data trough some kind of transport medium. The ISO/OSI model describe networking as a stack of protocols which spans from the physical level to the most abstract high-level logical layer. At the physical level for home usage we usually refer to wired ethernet or wireless WiFi protocols, while at network level we usually refer to IP (either v4 or v6). text/html 2025-03-13T14:47:33+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:wifiplanning&rev=1741877253&do=diff B) WiFi planning So you have wired your home with ethernet cables as described here, but of course you want to add a WiFi infrastructure for your mobile devices, smart devices and IoT stuff. Welcome to WiFi hell. Yes, there is a reason why there is a big market for extravagant WiFi solutions, advanced (and very expensive) WiFi Access Points / Routers / Repeaters, mesh stuff and buzzwords. text/html 2025-03-13T14:14:56+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:wifisetup&rev=1741875296&do=diff D) WiFi Setup I assume you have OpenWRT on all your WiFi Access Points (see here) for the following configurations and suggestions. If you are not going the OpenWRT route, keep reading and try to adapt as much as possible to your devices. SSID Creation text/html 2025-03-13T14:14:06+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:wirednetwork&rev=1741875246&do=diff A) Home Infrastructure Your home should be wired with an ethernet backbone. I know that today's fun lies with WiFi, but the reality is that WiFi can be spotty and bandwitdh is never that great. If you have a multi-level home, or just thick stone / bricks walls, or even worse, concrete walls (with metal rebars inside text/html 2025-03-13T15:01:11+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.gardiol.org/doku.php?id=networking:wireguard_redirects&rev=1741878071&do=diff K) WireGuard Port Forwarding I am assuming that you have already setup WireGuard both on the internal and on the external server. See this page for more details on the topic. Using WireGuard for port-forwarding between an external, public accessible host, and an internal non-accessible host (like behind a CGNAT) is a less known topic and i will cover it here.