Virtualmin is a fantastic platform to manage shared hosting. Now, I would like to add functionality to also make it suitable for a home server. As most homes don’t have a fixed IP address, this is the first thing to solve.
I am thinking we could use PageKite or something like it.
So users could set up PageKite on a small rented server (with a fixed IP address) that transfers the traffic. Since all the code is Open Source, anyone could start offering this service.
There are also alternatives:
What do you think?
Hello, Marc. Good to hear from you!
Thanks for you interesting suggestions, although it seems that Virtualmin already supports the feature you’re looking for using
Addresses and Networking ⇾ Dynamic IP Update:
Automatic dynamic DNS update
This page allows you to setup Virtualmin to detect changes to the systems primary network interface, and update a dynamic DNS entry when it changes. This is useful if you are running Virtualmin on a system with an address that occasionally changes, such as one running on in a virtual machine environment like Amazon’s EC2. It is also useful for servers that are connected to the Internet via a connection without a fixed IP address, such as ADSL or Cable.
To use this page, you must select a dynamic DNS service, enter the hostname used by your system on that service, and also the service’s login details. By default, Virtualmin will look at the IP address assigned to the primary network interface (like eth0) to check for changes, but if your system is behind a NAT router you should select the
Address visible from the Internet option to have it discover the IP that the rest of the Internet really sees.
When a change is detected, all virtual servers with shared IP addresses using the old address will be updated to the new one. This change will be made in both the Apache configuration and DNS records.
If the External script service is selected, you must enter the full path to a script into the adjacent field that will be called when the system’s IP address changes. The new IP and hostname will be passed to the script as command-line parameters.
Well PageKite is a reverse proxy while Virtualmin currently offers a dynamic DNS feature.
In India, for example, a reverse proxy would benefit lots of people who wish to use something like Virtualmin ‘at home’ but are unable to do so because the most popular telco, which I shall not name but is used by a sizable percent of the population, uses a double NAT which prevents incoming connections.
By offering a reverse proxy functionality in Virtualmin / Webmin / Cloudmin, it will open up a whole new market for *min in India and other places too.
@Jamie, what are your thoughts on this?
Is the suggestion that we support PageKite on Virtualmin systems as a proxy, or that we support running Virtualmin behind PageKite hosted elsewhere?
I world vote for the latter but let’s await @marclaporte 's response.
Since we are in the Blue Skies section, I can dream a little. So, both
For a home server, @calport expressed some of the issues. Indeed, I prefer to avoid dealing with ISPs and router settings (DMZs, bridge mode, pass-through mode, etc.)
- Some ports can be blocked
- What if you want more than one server?
- Rarer, but what if you move the machine or change ISP?
An example of a resilient-to-network-changes solution is Syncthing. Once you connect Syncthing devices, you don’t need to worry about networking. There is a network of community-contributed relay servers.
“Virtualmin system as a proxy”: I would love a PageKite-style app within Virtualmin. So any Virtualmin Virtual Server can be the public-facing face to my home servers (which I want to migrate to Virtualmin). This would be a great way to put old hardware to good use for things like backup servers, development servers, etc.
If we like this idea and are thinking of proceeding, we (I and whomever wants to help) could do more research to confirm PageKite is the best option. Here is more info:
pagekite.net has to relay the traffic, what if governments of oppressive regimes start blocking it?
Good point, @Ilia .
For those who do not use PageKite servers and services, because these are blocked by oppressive regimes or for any other reason, the PageKite open source software can be installed on any VPS, which will act as gateway, from what I could understand when I had a quick look at the documentation and features.
This will make it impossible for oppressive regimes to block PageKite users.
How does it work? section says:
pagekite.net relays your traffic
Nobody ever needs to know your IP address, all traffic passes through our relays. For even more privacy, we support both end-to-end and wild-card TLS encryption.
I meant, if ISP blocks access to
pagekite.net at the first place, then how will it work?
Yes, the way I understand it, that is one of the options. But is not the only way to use the software. If one has a VPS of one’s own then there is no need to use the PageKite service on PageKite.net. The VPS could be configured to provide the same functionality that PageKite.net offers.
Again, I have not use the software. All which I say is based on my initial understanding after a quick look at the software that I had a few days ago.
Lets get this straight…
As @jamie pointed…
“Is the suggestion that we support PageKite on Virtualmin systems as a proxy, or that we support running Virtualmin behind PageKite hosted elsewhere?”
I can see where he is pointing the whole issue. - It would be nice to have some sort of 3th party of proxy gui however as @Illia pointed we all have that already. Needless to say @marclaporte suggesting to have both options - so @marclaporte who is going to pay… virtualmin or your wiki company? - what do you proposing here is - have users to pay for service like dynamic ip update or what you are actually looking for?
As mentioned @Illia we have that option already, and he is totally right here folks…
needless to say I wrote bash script which root runs every 10 or 15 minutes to check your IP and if its changed, it will notify you via email or telegram bot (depending what you choose) about IP changes. Meaning user would only log into dns of registrar and change those records manually then log into virtualmin and changes IP towards new one. I can confirm that script works for more then 100k users - be it pro or gpl and giving £25 per person - not platform not instance… - I can advanced this script to do automatic changes to bind records however I did not had time yet - do lot of sysadmin crap on my day job and as you guessed - im too freaking busy, however some @staff could give me hands… it would change hosting from home and those on dynamic IPs - to not pay anything and make it feature for pro users only - it would pay off some bills.
@Illia is right - if regime will block you on end point of domain name - you are fkt… no matter the IP.
@calport and rest - there is no market in India regards this and if it was - you would have it already… proxy and reversed dns is totally different things… needless to say @calport was talking about tomatoes and @marclaporte was about onions…
Anyway this topic should be closed as marclaporte proposed basically rubbish from sysadmin point of stand and logic as virtualmin is build.
not to mention of interest issues here…
screenshot is independent and also give you inside readings… this exact post is on tracker of wikisuite.org… not public to be mentioned here… at the time of this post…
Wait, wait, wait – be polite please.
We are in discussion here. We may eventually come up to a better solution or even some other solution. Nevertheless, we should keep the discussion open and free from prejudices.
Having ability to quickly put up a website hosted on your home PC or even a laptop disregard of your ISP looks like a great feature to me.
@illia sure. time is endless… - I would gladly to speak with you about my bash. anyway lets wait and see outcome of this convo… needless to say options are there you know… in reality proposal was about pay service monthly as I know laporte - exploration will never stop. Thats why I reacted…
edit: - i hosted my sites past 11 years ago… IP changed frequently even when I was sleep so I have to come up with solution - unpaid and open sourced…
I indeed added this idea here in 2017: WikiSuite | Investigate for a solution to permit self-hosting without a fixed IP address (such as PageKite)
Not a secret. That is from the public WikiSuite.org to do list. Virtualmin is a key component of WikiSuite: WikiSuite | Virtualmin
So it’s not a new idea. Someone has done this with Webmin in 2011:
@Ilia and rest of the team, can I reach you in private?
Hi @marclaporte , sure hi from back in times. In best of interest of GPL and pro users I’m against it.
Edit: interestingly you did not reply to my questions, who is going to pay for services like that if it’s needs to be hosted somewhere etc… nothing comes free not even opensource you know this very well!
So @Ilia and @Jamie what about improving a bit that “Dynamic IP Update” page with a useful feature: nsupdate? Make it an option to the existing external/third-party services.
This little known/used brother of nslookup (guess they are in dnsutils/bind-utils/bind-tools?) can easily change your life as long as you have a public DNS server that can update it’s records. If one has one - news, it can. There are ways that you can probably host those too behind a dynamic IP, or you have to update at the registrar (maybe some offer that… though I don’t recall EVER seeing that?). And you essentially get a self hosted dynamic IP DNS service
I used that for a while with Virtualmin&Webmin and my OPNsense home router (running BIND too, as a package). Needed to host some subdomains at my home, on a personal domain. My router was simply communicating the new IP to Virtualmin, that had a low TTL, and (in my case but not necessary, you can get away with a simple Webmin machine or any simple BIND setup) than was sent via Webmin API to the public DNS servers, the slaves.
I stopped using that in favor of a different method because it didn’t cope well with DNSSEC, there were a few stories about this one on the internet. And for me DNSSEC is paramount.
Doesn’t help against censorship though, but for sure it helps for rioting against the establishment, have fun, make some money and save some, or simply going against the stream And of course it is the dream that all the tinkerers with home labs have. Not to mention that such a wonderful person will have at his disposal a proper domain, that can point at his/hers home, waiting to be used with… < your whish here >
PS: full recipe - at home one will also need a reverse proxy and than the number of services/domains become quite unlimited. I use NGINX directly on OPNSense, HAproxy didn’t worked for me for unknown reasons and lack of time&experience. And somehow IT IS very resilient - no, you can’t just access my ports, web interfaces and stuff. You get there only via VPN, from a very specific IP.
About “who is going to pay”: I don’t think it’s time to go into details on this until there is a general positive feeling on the concept itself. I also am uncomfortable in speculating on business models for Virtualmin Inc. (It could be a service which is part of Virtualmin Pro, or an add-on)
- Validate idea (Do the various stakeholders like the idea?)
- Analyze / Compare / Pick best technology
After that, we should have enough info to think about financial aspects. If PageKite is deemed the best option, the entities behind each Open Source project can perhaps work out a deal. But this is way too speculative, and I want to first validate the idea. My general goal is that people should be able to self-host, or delegate/pay another entity to do so.