Is there a good way to self host a federated service at home without port forwarding? Is it possible to use cloudflare tunnels or tailscale funnel and still connect to the federation?
https://lemmyonline.com/ is an instance hosted at my house, without port-forwarding, using cloudflare.
Just make sure you have a valid domain, and valid TLS. TLS is required for federation.
I’m using lemmy with my cloudflare tunneled instance right now, no issues at all :)
Your username is amazing btw
Like others have said, definitely you can CloudFlare tunnel. I set mine up a few days ago and it’s great and pretty easy too!
In the spirit of self-hosting I am self-hosting a tool that does what you are asking for. I run frp on a cloud provider. My homelab makes an outgoing connectionusing the frp client to the frp server(s), which use that connection to forward port 443 (and any other ports I specify in the client config) into my lab. You could even terminate SSL in the cloud running nginx/Traefik/etc there, though I have chosen not to.
Slightly unrelated: is having your own instance and then federarating, just like people do with Mastodon, also equally valuable with Lemmy?
It’s what I moved too. Allows me to be in control of my account and be less subject to aggresive moderation. I can still participate I. Aggressively moderated communities but may not be cut off as easily if they decide to defederate suddenly like what happened with lemmy.world and beehaw (which I’m not judging, just don’t want an account on one instance to be suddenly thrust into relegation).
I may open my instance up to other users more but don’t intend to host communities since I don’t have the time nor the inclination to moderate people behavior or spammers.
I’m not sure what exactly you mean by valuable
It’s certainly easier on storage. Doesn’t Mastodon cache like, every image to your instance?
I would use cloudflare first and foremost. Tailscale doesn’t use public IPs, instead they use cgnat space from rfc6598 inside 100.64.0.0/10 I believe. Though you may be able to open a port or something, it’s not really the intended use of the service and could introduce some unexpected results or exposure.
My workflow for setting up a Lemmy instance goes something like this:
- asdf