home server alternatives

Daniel Vinci me at danielvinci.com
Wed Apr 15 02:56:11 UTC 2026


You don't need to with this setup. There are two machines involved, a frontend, and a backend. The frontend is the only thing that needs a "clear" internet connection. This can be a cheap VPS. You then connect to that VPS from the "backend" box that just needs *some* internet connection - even just over WiFi or whatever. The frontend forwards packets to the backend. 

On Tue, Apr 14, 2026, at 8:51 PM, Steve Wolf wrote:
> Assume I'm not going to have any access to the internet hardware, which is why I need some other location to host whatever I migrate my server to.  I'm starting to investigate a virtual private server (VPS) at https://www.bluehost.com/ for example.
> 
> Regards,
> Steve
> 
> On Tue, Apr 14, 2026 at 9:36 PM Daniel Vinci <me at danielvinci.com> wrote:
>> I thought you meant as a Matrix homeserver, and I got excited. Anyway. 
>> 
>> I'm behind two CGNAT connections. I have a cheapo cloud VPS that has the sole purpose of running FreeBSD and pf rdr'ing most ports to an internal server connected over WireGuard. Make sure said VPS is close to you topographically or things will get slow because TCP congestion algorithms don't really know how to handle a hop having a stupid high RTR. Yes, I have tried all the tunables and algorithms. rdr doesn't do NAT or anything, so you need some funky configuration to make sure packets leave through the WireGuard tunnel as well. 
>> 
>> root@newcaddy:~ # cat /etc/wireguard/wg0.conf
>> [Interface]
>> PrivateKey = strictly verboten
>> 
>> [Peer]
>> PublicKey = wHhPCBIh4NysNsM+AP84/dq2Wa/53B3NU2KgPlk5OWM=
>> Endpoint = 74.91.124.64:5280
>> AllowedIPs = 0.0.0.0/0
>> PersistentKeepalive = 25
>> root@newcaddy:~ # cat /etc/start_if.wg0
>> #!/bin/sh
>> /usr/bin/wg setconf wg0 /etc/wireguard/wg0.conf
>> root@newcaddy:~ # cat /etc/rc.conf
>> hostname="newcaddy"
>> firstboot_freebsd_update_enable=YES
>> growfs_enable=YES
>> sshd_enable=YES
>> nuageinit_enable=YES
>> dumpdev="AUTO"
>> # RSA host keys are obsolete and also very slow to generate
>> sshd_rsa_enable="NO"
>> cloned_interfaces="wg0 wg1"
>> ifconfig_wg0="inet 10.0.0.3/24 mtu 1420 up"
>> gateway_enable="NO"
>> firewall_enable="YES"
>> firewall_type="/usr/local/etc/ipfw/rules.conf"
>> route_wg_fib1="-fib 1 default -iface wg0"
>> caddy_enable="NO"
>> ifconfig_vtnet0="inet 172.17.31.1 netmask 255.255.0.0"
>> defaultrouter="172.17.0.1"
>> tailscaled_enable="YES"
>> nginx_enable="YES"
>> ifconfig_wg1="inet 10.1.0.1/24 mtu 1420 up"
>> static_routes="wg_fib1"
>> root@newcaddy:~ # cat /usr/local/etc/ipfw/rules.conf
>> add 100 setfib 1 ip from 10.0.0.3 to not 10.0.0.0/24 out
>> add 65534 allow ip from any to any
>> 
>> The "frontend" box just rdrs everything using pf, as mentioned.
>> 
>> On Tue, Apr 14, 2026, at 7:26 PM, Steve Wolf wrote:
>>> I have a server running RedHat with two domain names and a static IP.  It's hosting a couple of WordPress sites, light mail, and family photo albums.
>>> 
>>> Eventually we might move to an independent living community that provides its own internet, and static IP won't be possible.  I figure my options at that point are colocation, dedicated (leased) server, shared server, and cloud server.  Colocation is probably off the table for cost reasons.
>>> 
>>> What are the advantages/disadvantages of the other options?  Which has the most bang for the buck?  Are there other options  I haven't thought of?  Who are the best providers?
>>> 
>>> Optimally, I'd like a solution that gives me most of what I currently have: root access, multiple domain support, email support, MariaDB support...
>>> 
>>> Regards,
>>> Steve
>> 
>> Daniel Vinci
>> em: me at danielvinci.com
>> mx: @xylobol:amber.tel
>> 

Daniel Vinci
em: me at danielvinci.com
mx: @xylobol:amber.tel
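
The thread shows the backend's configuration but not the frontend's pf rules. As an added example (not from the original post and not Daniel's actual ruleset), a frontend /etc/pf.conf could look like the following; the interface names, the SSH port and the list of forwarded ports are assumptions, and it forwards a fixed set of TCP ports rather than "most ports", while 10.0.0.3 and UDP 5280 are taken from the quoted configuration.

```conf
# /etc/pf.conf on the frontend VPS (constructed example)
ext_if  = "vtnet0"            # assumed name of the public interface
wg_if   = "wg0"               # assumed name of the WireGuard interface
backend = "10.0.0.3"          # backend's tunnel address, from the quoted rc.conf
wg_port = "5280"              # WireGuard listen port, from the quoted Endpoint line
fwd_tcp = "{ 25, 80, 443 }"   # assumed set of services to forward

set skip on lo0
set block-policy drop
scrub in all

# Rewrite only the destination. The client's source address is preserved,
# which is why the backend needs its setfib rule to send replies back
# through the tunnel instead of out its local default route.
rdr on $ext_if inet proto tcp from any to ($ext_if) port $fwd_tcp -> $backend

# Default deny, then open only what is needed.
block all

# Services that terminate on the frontend itself: SSH and the tunnel.
pass in on $ext_if inet proto tcp to ($ext_if) port 22
pass in on $ext_if inet proto udp to ($ext_if) port $wg_port

# Forwarded traffic: filter rules see the already-translated destination.
pass in  on $ext_if inet proto tcp to $backend port $fwd_tcp
pass out on $wg_if  inet proto tcp to $backend port $fwd_tcp

# The frontend's own outbound traffic (updates, DNS).
pass out on $ext_if inet from ($ext_if)
```

The frontend also needs gateway_enable="YES" in rc.conf so that it forwards packets, and its WireGuard peer entry for the backend needs AllowedIPs covering 10.0.0.3/32.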