So, here’s what I set up:

Docker with some containers behind Gluetun

Gluetun gives access to the local network so I can access the containers on my home network through http.

The only port I exposed to the internet is the 32400 for Plex.

I reach my home network remotely only through Wireguard, my fritzbox router has a guided setupt that gives me a wg configuration so I just scanned the QR code with my phone. I learned this opens the default wg port.

Now, you can never be 100% safe, but is my simple setup safe/solid enough?

9 times out of 10 I thinker with it when I am at home

It’s still a work in progress and I am open to any kind of suggestions

  • snekerpimp@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    26 days ago

    If you use WireGuard for local access, I don’t think you need to open any port on your firewall, unless you are sharing your plex with other people that do not have access via WireGuard. But I know just enough to get me in trouble, so I’m sure I’ll be corrected on this.

      • mearce@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        26 days ago

        This is correct. But the port wont reply to anything but a valid client, so it should not be too apparent to a would-be attacker that you have a port open at all.

    • Tywèle [she|her]@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      26 days ago

      No, you are correct. If you are the only person accessing the service you don’t need to open any ports since you access your network via Wireguard anyway.