this post was submitted on 08 Sep 2024
84 points (96.7% liked)

Selfhosted

40211 readers
1311 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

you are viewing a single comment's thread
view the rest of the comments
[–] ricecake@sh.itjust.works 30 points 2 months ago (1 children)

I would use something like wireguard, or another VPN service you can host yourself if your router supports it natively.

From the looks of it Minecraft servers seem to have dogshit authentication, so using some form of private network setup is going to be your best move.

[–] lud@lemm.ee 5 points 2 months ago (1 children)

You don't have to host the VPN on the router. You can also host it on a separate machine or the same one that's running the Minecraft server.

[–] ricecake@sh.itjust.works 3 points 2 months ago (1 children)

Oh for sure. What I meant was "check router for a built in VPN and use it if it has one, otherwise use wireguard because it's the easiest".

The specific VPN doesn't really matter so much. The built-in one would be the easiest, so checking for a solution that took a few clicks is worth it. :)

[–] lud@lemm.ee 1 points 2 months ago (1 children)

Fair enough.

But personally I would recommend trying to setup wireguard if your router doesn't have it integrated. It's just so much faster than OpenVPN (usually the only built in option).

[–] ricecake@sh.itjust.works 2 points 2 months ago (1 children)

Yeah, it's definitely faster, but I'm not sure it's going to make too much of a difference for a Minecraft server.

With setting it up being a bit annoying by hand, I'd still rank the router option higher even if it's a worse VPN. Otherwise you risk ending up in that yak shaving situation where you're fighting with routing tables and DNS when you wanted a Minecraft server.

[–] lud@lemm.ee 2 points 2 months ago

Yeah, that's also fair. I have a tendency to overcomplicate things like this when all I wanted was a simple service.