this post was submitted on 30 Dec 2023
38 points (93.2% liked)

Selfhosted

40041 readers
815 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Currently I set up Tailscale in my Synology NAS and I can access selfhosted services on my phone using the Android app. I want to use some services in my work PC too but I'm blocked from installing any software. So my question is, is there any solution that allows me to connect to selfhosted VPN via browser extension? (Just like NordVPN, I can install the browser extension to use it and I don't need the Windows app.)

all 16 comments
sorted by: hot top controversial new old
[–] AtariDump@lemmy.world 22 points 10 months ago* (last edited 10 months ago) (2 children)

I’d be very wary about trying to bypass any workplace restrictions (which includes using a non-company VPN etc. etc.) to access self-hosted services.

Remember, your work computer belongs to the business (unless you’re self employed).

Depending on your line of work this could range from a slap on the wrist onto immediate termination and fines.

[–] RootBeerGuy@discuss.tchncs.de 3 points 10 months ago

Yeah, that is the unfortunate reality. The better way is going through your IT department to get those extra things you need for work. If you are found out, and I am sure IT will eventually be able to, you will be in trouble.

[–] BearOfaTime@lemm.ee 2 points 10 months ago

Also very good advice

[–] valkyre09@lemmy.world 11 points 10 months ago (2 children)

I use Cloudflare tunnels for this very reason, you can protect access to the page behind a login (I use azure AD).

It basically acts like a reverse proxy allowing me access to those local resources without anything being installed on the client computer.

[–] thefactremains@lemmy.world 3 points 10 months ago (1 children)

This is the right answer.

The only other solution I can think of would be to put a device in the middle (such as this router).

[–] lemmyvore@feddit.nl 1 points 10 months ago

Or you can use the CF Tunnel equivalent from Tailscale, called Funnel.

https://tailscale.com/blog/reintroducing-serve-funnel

[–] k4j8@lemmy.world 1 points 10 months ago

I had the same problem as OP. My solution was to port forward to my server but then block connections from all IP addresses accept from my work, which I added to an allowlist.

It's working well so far, but I think the Cloudflare tunnel is the better option.

[–] redcalcium@lemmy.institute 8 points 10 months ago (1 children)

Maybe look into deploying a Socks5 proxy (e.g. socks5-server)? Then you can use socks5 browser extensions like FoxyProxy

[–] lorentz@feddit.it 2 points 10 months ago

https://shadowsocks.org/ should be a good option, easy to install, encrypted, and password protected

[–] Moonrise2473@feddit.it 5 points 10 months ago

Most "VPN" browser extensions (if not all of them) aren't actually doing a VPN connection but just change the proxy setting in the browser. This is because as a browser extension they wouldn't have enough permissions/power to establish a real VPN connection.

So if you want to use a browser extension you have to run a proxy server, or as other said, just use cloudflared as running a proxy server attracts bots from all over the world

[–] bruhduh@lemmy.world 2 points 10 months ago* (last edited 10 months ago)

https://github.com/MHSanaei/3x-ui plus foxyproxy or Proxy SwitchyOmega if you're using chromiums

[–] BearOfaTime@lemm.ee 1 points 10 months ago

Configure the Funnel feature in Tailscale.

Funnel enables non-Tailscale clients to access specified resources in your Tailscale network via an encrypted tunnel provided by Tailscale.org.

[–] MonkderZweite@feddit.ch 1 points 10 months ago* (last edited 10 months ago)

Portable Apps or Scoop or if Linux, Appimage?

[–] auf@lemmy.ml 0 points 10 months ago

Not a direct solution, but I found an interesting feature named SSH console. It won’t enable you to access your NAS directly but instead open SSH in the browser to access it remotely. Then you can somehow put some file on another cloud to access it from host machine. I know it’s not what you want but you know, doesn’t need any software other than a browser this way ;)

https://tailscale.com/blog/ssh-console

[–] Decronym@lemmy.decronym.xyz -1 points 10 months ago* (last edited 10 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
NAS Network-Attached Storage
SSH Secure Shell for remote terminal access
VPN Virtual Private Network

3 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

[Thread #387 for this sub, first seen 30th Dec 2023, 10:35] [FAQ] [Full list] [Contact] [Source code]