Total noob, but I set up TrueNAS/Nextcloud on an old laptop and it’s working great locally.
What would be the easiest secure way to access my files remotely from my phone and/or laptop?
Vpn.
Openvpn or wireguard.
My recommendation would be some kind of VPN. If your looking for something plug and play and free, look into zerotier.
If your home internet connection sits behind CGNAT, like me, just buy a cheap vps and set up your own wireguard network.
Both solutions avoid exposing your services directly to the public internet which reduces attack vectors and adds an extra layer of encryption.
Idk what CGNAT is tbh so I doubt it.
Other comment mentioned OpenVPN, would you say Zerotier is an easier option?
CGNAT = Carrier Grade Network Address Translation. It makes it practically impossible to open ports to the public internet and in some extreme instances make zerotier very unstable. Typically you only have CGNAT if your internet connection is 4G or fixed wireless.
OpenVPN is just a VPN protocol. Roughly comparable to wireguard. It has been the gold standard for VPN technology for the past decade or so. Wireguard by comparison is much newer, and lighter to run. This typically results in faster throughput from a computational standpoint and devices where power is limited (cell phones), uses much less power by leveraging modern CPU encryption methods.
If you have the option to port forward on your home internet connection, its possible to setup a VPN connecting in a straight shot from your home to your roaming device. If you can’t port forward, you will need a main in the middle (the VPS) to establish and route the connections through.
Zerotier works off of a PTP style network and the free plan allows up to 50 devices when last I checked. I’m not sure on the availability of zerotier or wireguard on truenas as the last time I used TrueNAS was Scale 22.
Btw, Tailscale raised the free tier limits a while ago and it’s now an even more generous 100 devices/3 users
My provider uses CGNAT in AUS and I’m on fiber then copper connection. Luckily they just had a option on their account page to turn it off.
It is a NAT, but created by an operator. The operator does not give you a real IP address, but instead hides you behind his own NAT and gives you one private address.
Would probably setup something like Pivpn on the server
Edit: GrammarCloudflare zero trust tunnel might be up your alley. Look into that. It’s free but has privacy concerns so do your homework.
TrueNAS has an OpenVPN plugin available, which is typically the recommended option.
If you are using Scale, it has been depreciated. Rather inconvenient for me as I have to come up with a new solution.
Yea, I didn’t like that they are going to drop support in the next version or whatever. Not sure if it’s their intended replacement, but Wireguard is installed by default in TrueNAS Bluefin. I recently switched to that, and I find the performance is way better than OpenVPN.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT IP Internet Protocol NAT Network Address Translation VPN Virtual Private Network VPS Virtual Private Server (opposed to shared hosting)
5 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.
[Thread #46 for this sub, first seen 15th Aug 2023, 02:15] [FAQ] [Full list] [Contact] [Source code]
Your nextcloud isn’t public facing?
I don’t think so? It’s whatever the default is aha I am new to networking like this
Out of curiosity what are you using nextcloud for? Most people use it for public facing collab and sharing, and it’s an absolute beast to maintain because it’s so complicated.
I’ve been running it for years with very little maintenance… What about it is a “beast?”
Just google “nextcloud frustration”
Very basic backup system and cloud-ish storage. Mostly handy that I can access it from any device wireless cause I use a ton of different devices