Put wireguard on that thing and don't expose anything on your public IP. Better yet don't have a public IP. Just port forward the wireguard IP from your router. That's it. No firewall no nothing. Not even accidental exposure.

▲

drnick1 2 hours ago | parent [-]

> Put wireguard on that thing and don't expose anything on your public IP. Better yet don't have a public IP.

This is nonsense. You can't self-host services meant to interact with the public (such as email, websites, Matrix servers, etc.) without a public IP, preferably one that is fixed.

▲

tstrimple 40 minutes ago | parent [-]

Sure you can. It’s what cloudflared and services like it are designed for.

	▲	drnick1 20 minutes ago \| parent [-]
		Is it still self-hosting though?