Replying to gudnuf

Holesail.io is next level

I've always wanted to self-host, but for most pieces of software this is no simple task. A while ago I attempted to set up sovereign-stack.org by nostr:npub1j4z7qht2yntl6tw7f48cj92dtm7nfsa8jnjklshj5yvug42nvykqxlwuxp (which I still think is the ideal solution), but the necessary network configurations are over my head.

I just set up a test mint running on hardware I own! You can use it at https://testnut.brownduff.rocks (no promises on how long it will be up).

For this setup, I am still relying on AWS to connect me to the broader internet, but that's it. I am running nginx on a free AWS instance with 1 GB memory and 1 CPU, then connecting to my home server via holesail. I outline the basics here: https://gist.github.com/gudnuf/d3f797a7f69a819c12ae7765e288cf8b

My next steps are to make the AWS deployment more automated and be able to handle any number of domains/holesail connections.

I've been trying to figure out how to self-host for a long time and be able to expose things like a mint or a blog without using tor or VPNs. Holesail knocks everything else out of the park in terms of complexity and ability to just make it work.

Nice write up! Haven't used Tailscale yet, but I've been thinking about trying it out. A few questions:

1. With Tailscale, can you share more about how it relies on a third party? For authentication?

2. How does the problem you're addressing with Holesail.io compare to those addressed by cloudflared and ngrok? By using AWS as a proxy for public internet traffic, is that a similarly centralizing factor?

Discussion

1. Pretty sure you can configure how often you have to re-authenticate. If you are not authenticated then, for example, when you try to use tailscale to ssh into a remote machine you are given a link in your terminal that you must visit (login.tailscale.com), then you perform whatever authentication like user/pass, google, or github (whatever you chose to set up), and now your terminal session is authenticated and you can proceed with accessing the remote machine. As far as I can tell using the tailscale VPN on top of your regular VPN does not work, so you must turn your VPN off before authenticating with tailscale.

2. For the purpose of public internet traffic I think they do pretty much the same thing, just I control the proxy server and holesail is free. I can easily move the proxy server wherever, just using a VPS so I don't have to mess with my home firewall config.

However, I can just share with you a holesail connection string, and if you are running holesail you can peer directly with me and access whatever port I am sharing.

t-y ^ piqued my interest more; gudnuf, supersu & Se7enZ

Thanks for the feedback. I'll take a closer look at Holesail.io and try it out.

FWIW -- I also noticed on the Tailscale website that there is an integration with Mullvad:

https://tailscale.com/mullvad

Maybe that has an impact on the nuisance of turning the VPN on/off all the time, as long as one is comfortable with having Tailscale "always-on"?

What nostr:npub1ce7d8cdg8k49dnl3da34mvhah8kevxfsq2vdguq6trngapqfsdzsnv3d7m said, plus cloudflared and nginx have strict limitations on protocol, bandwidth and timeout.

Tailscale, on the other hand, is for personal use only; you cannot share a VPN config with every person you want to share your self-hosted app with. But with holesail, it is only a matter of connection string, and no VPN is required.