I self-host a couple of services, but I haven’t exposed anything outside my home network. I want to self-host my calendar, but not sure if I can do it without exposing it. Any recommendations on the best way to go about this? For those who do self-host a calendar service, how do you keep it secure?
You must log in or register to comment.
Radicale is the GOAT and supports authentication. Or you can just run it on a LAN behind a firewall.
VPN is the way to go if you’re not sharing it with a bunch of people
I think the general consensus for homelabbers is a mesh network – Tailscale and Netbird are the two most popular options
Or headscale.
Related question, what CalDAV server are you using? Been looking for something lightweight
I run nextcloud on my machine. If there’s a crack, there would be one in their hosted instance as well. There’s nothing really I can do about security of it.
I do not expose Nextcloud to the internet. I use dnsmasq to give LAN clients the private IP. If I need to access NC from elsewhere, there’s VPN for that.
Sounds like a good solution as well
Who do you want to have access to said calendar?
Just myself, but I would like to keep it synced between my phone and my laptop while also keeping a backup.
Then you should really look into setting up a personal VPN. After that what you use to do calendar becomes irrelevant in terms of access.
mTLS with a reverse proxy!
What caldav clients supports that?
I’d recommend the Tailscale style approach. MTLS is a pain imo without infrastructure and especially on the app layers
This is the first time I’ve heard of mTLS. Sounds interesting, any tutorial recs?
Could you set up a Cloudflare tunnel and make sure the security rules are tight enough to keep others out?
