Nope

Wikipedia is only 110GB… https://library.kiwix.org

Thanks for the help. This is enough to get me started

With Crafty you can bind a specific port.

I use tailscale for public access, and have set it up so tailscale users can access the domain.

I guess what I’m asking for is NPM but for tcp.

No I’m not.

I have tailscale setup for external access. (I have dns records already in my domain provider pointing to a tailscale ip, so a device on my tailnet can access my domain. ie an authorized tailscale device can access nginx.example.com)

I want to know what I have to do to get minecraft.example.com to resolve interenally.

Oh fascinating. I’ll have to look into that

Cool okay.

What about the CNAME one?

For 4 II, its CNAME Name: @ Target: ???

What is the target supposed to be?

Edit: putting “@” for name on the A record, once saved, it changes to my domain instead of @, in your screenshot

A good dashboard helps with not remembering port numbers also. And can look slick

Holy crap thank you so much. I was literally thinking of figuring out how to do exactly this EARLIER TODAY!

Thank you again for this write up. I have almost all of what you wrote already done (cloudflare, NPM and tailscale setup) but haven’t hooked Tailscale and NPM together yet.

I have gluetun+socks5 containea running, then in an app, I put in localip:port into a proxy field. Then that app will use that connection for internet. Browsers on desktop also support proxies. So if you want a specific browser to always use the VPN, this is a very simple way to do that.

https://source.android.com/docs/security/features/private-space

Its not bad using the official wireguard app. Its definitely noticable. On the android battery screen it’ll show around 5% after a full day of use and it on always

For an external VPN like mullvad, I run my own proxy. Again it’s only available from my VPN or inside my network.

It uses socks5 and gluetun docket containers and in apps that support proxies, I can add my proxy to it and it’ll route that traffic through the paid VPN.

Or, a work profile (see shelter) or androids new private spaces. If you have private spaces, it uses a seperate network. So if you have a VPN installed outside the private space, it won’t work on apps inside the space. So, what you could do is have a paid VPN inside private spaces, and use it and a web browser or whatever there, and use your server’s VPN outside the private space.

Lmk if you want any of my docker composes

I keep it running always. Partly to access stuff at home, and party to get the ad-blocking from pihole.

Do not expose stuff unless you fully understand the security risks

Correct. But also public access should be considered advanced

awesome! i got the same one. still waiting to buy drives, as 2x 16tb drives is a tad expensive. soon ill swap my old $40 to my fancy new one. im using plain ol debian with docker. barebones but simple and secure. youll have to update us on using OMV

I have setup the same thing as a temp measure, but i believe that something like Authelia or Keycloak should replace and be better than Cloudflare’s email OTP.

thank you so much. everything is back.

i have docker containers using that folder. could that be it?

should I use -fl