Info

Building Your Home Server: Accessible Anywhere with Tailscale, Ubuntu VPS, and Cloudflare

fdciabdul16 hours ago

0 7 4 minutes read

Running a home server opens up a world of possibilities – from hosting your own media server to managing personal cloud storage. However, accessing it securely from outside your home network has traditionally been challenging. This guide walks you through creating a reliable, secure setup that allows you to access your home server from anywhere using Tailscale, an affordable VPS, and a custom domain configured through Cloudflare.

Overview of Our Setup

This guide will help you build:

A home server running Ubuntu Server
A secure network connection using Tailscale
A VPS relay for reliable external access
A custom domain pointed to your server via Cloudflare

Why This Approach Works

This setup solves several common problems with home servers:

No Need for Port Forwarding: Avoid exposing your home network directly to the internet
Dynamic IP Handling: Works even if your home internet doesn’t have a static IP
Cost-Effective: Minimal ongoing costs with the cheapest VPS plans
Professional Setup: Access your services via a clean domain name instead of IP addresses
Enhanced Security: End-to-end encryption with Tailscale’s WireGuard-based VPN

Part 1: Setting Up Your Home Server

Hardware Requirements

You don’t need powerful hardware for a basic home server. Options include:

An old desktop computer or laptop
A Raspberry Pi (4 or better recommended)
A mini PC like an Intel NUC

Installing Ubuntu Server

Download Ubuntu Server from the official website
Flash the ISO to a USB drive using Rufus (Windows) or Balena Etcher (Cross-platform)
Boot from the USB drive and follow the installation instructions
Choose the minimal installation option to keep things lightweight
Set up SSH access for remote management

# After installation, update your system

sudo apt update && sudo apt upgrade -y

# Install some essential tools

sudo apt install -y curl wget git htop net-tools

Part 2: Setting Up Tailscale

Tailscale creates a secure mesh network between your devices using WireGuard. It’s perfect for accessing your home server without exposing it directly to the internet.

On Your Home Server

Install Tailscale:

1 2	curl -fsSL https://tailscale.com/install.sh \| sh

Authenticate and connect:

1 2	sudo tailscale up

Follow the URL provided to authenticate with your Tailscale account

On Your Personal Devices

Install Tailscale clients on your:
- Laptop (Windows, macOS, Linux)
- Smartphone (iOS, Android)
- Any device you want to use to access your server
Login with the same Tailscale account

Once done, your devices can communicate securely through the Tailscale network, regardless of their physical location or network configuration.

Part 3: Setting Up a VPS Relay

While Tailscale often works directly between devices, a small VPS can serve as a relay for more reliable connections, especially when dealing with restrictive networks.

Choosing a VPS Provider

Look for affordable options like:

Linode ($5/month plans)
DigitalOcean ($5/month droplets)
Vultr ($3.50/month)
Oracle Cloud (has a free tier)

Setting Up the VPS

Create an account with your chosen provider
Launch a minimal Ubuntu Server instance (20.04 LTS or newer)
Connect to your VPS via SSH

1 2	ssh root@your-vps-ip

Update the system:

1 2	apt update && apt upgrade -y

Install Tailscale:

1 2	curl -fsSL https://tailscale.com/install.sh \| sh

Set up as a relay:

1 2	sudo tailscale up --advertise-exit-node

In your Tailscale admin console, enable this node as an exit node

Part 4: Configuring Your Domain with Cloudflare

Using Cloudflare gives you a free and easy way to manage your domain and secure your traffic.

Domain Registration

Register a domain with any registrar (Namecheap, GoDaddy, Google Domains, etc.)
Create a Cloudflare account if you don’t have one

Connecting Domain to Cloudflare

Add your domain to Cloudflare
Update your domain’s nameservers to those provided by Cloudflare
Wait for DNS propagation (can take up to 24-48 hours)

Creating DNS Records

In Cloudflare’s DNS settings, create an A record:
- Name: @ or a subdomain like server
- Content: Your VPS’s IP address
- TTL: Auto
- Proxy status: Proxied (for added security)
If using subdomains for different services, add more records:
- nextcloud.yourdomain.com → VPS IP
- media.yourdomain.com → VPS IP

Part 5: Routing Traffic to Your Home Server

Now we’ll set up the VPS to route incoming traffic to your home server.

Setting Up Nginx as a Reverse Proxy

Install Nginx on your VPS:

1 2	sudo apt install -y nginx

Create a configuration file for your domain:

1 2	sudo nano /etc/nginx/sites-available/yourdomain.com

Configure the reverse proxy:

server {

listen 80;

server_name yourdomain.com www.yourdomain.com;

location / {

proxy_pass http://tailscale-ip-of-home-server:port;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

}

}<code class="language-nginx"></code><code class="language-nginx">

Enable the configuration:

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/

sudo nginx -t

sudo systemctl restart nginx

Setting Up SSL with Certbot

Install Certbot:

1 2	sudo apt install -y certbot python3-certbot-nginx

Obtain SSL certificates:

1 2	sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts to complete the setup

Part 6: Setting Up Services on Your Home Server

Now you can install whatever services you want on your home server. Here are some popular options:

Nextcloud (Personal Cloud Storage)

# Install Docker for easy deployment

sudo apt install -y docker.io docker-compose

# Create a directory for Nextcloud

mkdir -p ~/nextcloud

cd ~/nextcloud

# Create docker-compose.yml

nano docker-compose.yml

Add this configuration:

version: '3'

services:

nextcloud:

image: nextcloud

restart: always

ports:

- 8080:80

volumes:

- ./nextcloud-data:/var/www/html

- ./apps:/var/www/html/custom_apps

- ./config:/var/www/html/config

- ./data:/var/www/html/data

Start Nextcloud:

1 2	docker-compose up -d

Plex Media Server

# Add the Plex repository

echo deb https://downloads.plex.tv/repo/deb public main | sudo tee /etc/apt/sources.list.d/plexmediaserver.list

curl https://downloads.plex.tv/plex-keys/PlexSign.key | sudo apt-key add -

# Install Plex

sudo apt update

sudo apt install plexmediaserver

# Ensure Plex is running

sudo systemctl status plexmediaserver

Part 7: Security Considerations

Keep everything updated:

# On both home server and VPS

sudo apt update && sudo apt upgrade -y

Set up a firewall on both systems:

# Allow only necessary connections

sudo ufw allow ssh

sudo ufw allow http

sudo ufw allow https

sudo ufw allow 41641/udp # For Tailscale

sudo ufw enable

Use strong passwords everywhere
Consider setting up fail2ban:

sudo apt install -y fail2ban

sudo systemctl enable fail2ban

sudo systemctl start fail2ban

Troubleshooting Common Issues

Can’t Access Your Server?

Check if Tailscale is running on both systems:

sudo tailscale status

1
2

sudo tailscale status
Verify your Nginx configuration:

sudo nginx -t

1
2

sudo nginx -t
Check firewall settings:

sudo ufw status

1
2

sudo ufw status
Review logs for errors:

sudo journalctl -u nginx sudo journalctl -u tailscale

1
2
3

sudo journalctl -u nginx
sudo journalctl -u tailscale

Slow Performance?

Consider upgrading your VPS plan
Optimize your Nginx configuration with caching
Check if your home internet upload speed is sufficient

Conclusion

You now have a professional home server setup that’s:

Accessible from anywhere via a custom domain
Secured with encryption through Tailscale
Protected from direct internet exposure
Cost-effective with minimal ongoing expenses

This configuration gives you the flexibility to host nearly any service you want, from personal cloud storage to media servers, home automation controllers, and more. All accessible through your own domain, as if you were running it from a professional data center.

By combining the power of Tailscale’s secure networking, a minimal VPS as a relay point, and Cloudflare’s domain management, you’ve created a robust solution that overcomes the traditional limitations of home servers.