I want to set up a lemmy instance as a subreddit alternative for a community I moderate. I would be running the instance on a local machine in my home so I really want to make sure that it can’t be traced to my physical location.
I already subscribe to ExpressVPN for general use, can I just install it on the local machine, press connect, and boom be anonymous? What impact would this have on users?
For all my self hosted stuff I use nginx proxy manager behind a cloudflare tunnel. The tunnel connects to a container on the machine which sends everything to the reverse proxy. no need for vpn or port forwarding
This is the only correct answer, the other responses about only showing local ip, and hosting something that goes through a VPN are either wrong or don’t result in a working configuration. A domain must resolve to an IP so connecting out via a VPN just won’t work. Proxying your connection through cloudflare using cloudflareD tunnels is the answer. Users will only see the ip of cloudflare.
Most people use cloudflares free proxy service and a fully qualified domain name that they own.
You could also set up a virtual private server on a host provider like linode or digital ocean and install a point to point vpn as your egress/ingress point.
You can get a couple of free VPSs with Oracle no credit card required as well. I’ve heard some people say theirs were shut down and I read somewhere that they may do if usage falls below a certain amount - I guess cause they’re considered dormant. I’ve never had a problem.
I don’t think that’ll work, they likely don’t allow inbound connections to their VPN endpoints.
There are a couple options:
- Use Cloudflare Tunnels (Free)
- Use a small VPS from a company like DigitalOcean to run a site-to-site WireGuard VPN + reverse proxy
- Use a small/medium VPS from a company like DigitalOcean to host your Lemmy instance
Note: I haven’t done a review of the traffic to confirm if option one or two will leak your IP (it shouldn’t, that’s generally a problem with WebRTC), but it is a potential concern. I do use option 1 currently. Note that tunnels are limited to 100mb file uploads, but iirc there is a bug in Lemmy that effectively limits uploads to 20mb.