Hey folks, I just set up a Raspberry Pi home server with a bunch of containerised apps (FreshRSS, Firefly III, etc.). I’m now looking at some options to let me access this Pi from a device outside the network and am a little bit intimidated by all the options that I seem to have.
My requirements are just to be able to access the Pi from my Android phone or Linux laptop and access the FreshRSS service. I’m not looking to stream media over this connection or do anything super data intensive. I don’t have a static IP address or a domain name, but I do use a VPN subscription (some guides I read suggested that you could use a VPN to connect externally but haven’t looked to deep into this yet).
With this in mind, what would be my best option? Thanks in advance for your help!
I’m currently using cloudflare tunnel. It works with ssh but you have to have cloudflare cli on the client. Please note that I’m a complete noob and this probably isn’t the best solution.
Tailscale 👍👍👍
Safest way would be Wireguard. If you don’t have a static IP or domain, use an DDNS service like Duck DNS.
Ssh with ed25519 pubkey access and password login disabled works fine for me. I have access from my phone via termux and any other terminal software.
As far as your changing ip goes, you could have a cron job that periodically checks your current IP and notifies you of changes over telegram or other method.
Best: Wireguard VPN, very easy to setup using PiVPN
Second best: DDNS with port forwarding and a strong password
Optional: Install XRDP for GUI and connect using Remote Desktop instead of SSH
Install Tailscale on your Pi and on any other device you want to access it from. It’s super straightforward and you should be able to connect the two devices without opening any ports instantly.
Free, foolproof, safe and quick way to do it is Tailscale.
Safest and fast - Wireguard. But you need to setup duckdns too.
Safest and easiest - Tailscale. It’s a userland implementation of Wireguard with added stuff to make it stupidly easy to run. But because it’s not a kernel module, it’s slightly slower.