Feasibility of running cloudron inside a vpn with package redirection
Still working on the raspberry pi thing, but something came up that made me think of this:
I followed this article and was able to run a simple webserver on my laptop (on my home network) and connect to it using an outside server that was only forwarding traffic between its actual network and my vpn (in which the laptop also resides) using iptables.
So, in theory, I'm thinking it should be possible to have a box inside my home network in which I would install cloudron, and have some server on the internet that would redirect all traffic to this box via VPN, right?
So here's what I'm thinking and some questions that arose:
- I'd need to configure cloudron using the "static ip" configuration, pointing to the ip of the outside server; sounds like it would be okay, since certificates and DNS would all point and resolve to the server, but it would redirect all traffic to my home machine and it seems like it would work;
- I'd need to know which ports to redirect. I looked at the docs and it seems other than 80 and 443 there's 25 for email and maybe a few others?
- What about outbound connections, is there something I'm overlooking that might not work in this setup?
- Would email be a pain in the ass for some reason? I'm not solid in how it works.
- I know there are apps that need to expose other ports on the cloudron box, and these ports would need to be redirected as well, but I'd be willing to do this manually if need be
So what do you guys think? Would this be feasible?
This should be doable. Depending on your ISP and home connection, you may also just have that Cloudron inside your home served up directly. In this case you have to configure the router firewall to portforward the used ports to your server. If your IP address changes, Cloudron also has a feature to deal with this https://docs.cloudron.io/networking/#dynamic-dns
Both @girish and I run Cloudrons in such a way at home
Yeah, I've had problems with my ISP regarding forwarding of these ports. Most of them around here block forwarding of 80, 443, 25 and such for so-called "security reasons" which most people are pretty sure just mean they want to sell you fixed IP addresses and more expensive plans.
That's why I thought about running it like this, since I've already got a cheap small box somewhere else.
What ports do you think I should be concernet about forwarding packages? Is it just 80, 443 and 25? I've taken a look at
cloudron_firewall.shand there's a bit more stuff going on there, isn't there? Heheh
What ports do you think I should be concernet about forwarding packages? Is it just 80, 443 and 25? I've taken a look at cloudron_firewall.sh and there's a bit more stuff going on there, isn't there? Heheh
https://docs.cloudron.io/security/#cloud-firewall is the full list. But at the barest minimum port 443 is enough.