Expose home server with Rathole tunnel and Traefik
Posted by nemanja_codes@reddit | linuxadmin | View on Reddit | 9 comments
I wrote a straightforward guide for everyone who wants to experiment with self-hosting websites from home but is unable to because of the lack of a public, static IP address. The reality is that most consumer-grade IPv4 addresses are behind CGNAT, and IPv6 is still not widely adopted.
Code is also included, you can run everything and have your home server available online in less than 30 minutes, whether it is a virtual machine, an LXC container in Proxmox, or a Raspberry Pi - anywhere you can run Docker.
I used Rathole for tunneling due to performance reasons and Docker for flexibility and reusability. Traefik runs on the local network, so your home server is tunnel-agnostic.
Here is the link to the article:
https://nemanjamitic.com/blog/2025-04-29-rathole-traefik-home-server
Have you done something similar yourself, did you take a different tools and approaches? I would love to hear your feedback.
420GB@reddit
For exposing a single port, I've used ssh port forwarding.
nemanja_codes@reddit (OP)
SSH is ok for temporary tunnel. For persistent connection you would need to add
autosshdaemon for reconnecting.BeasleyMusic@reddit
Cloudflare tunnels do this, are free, and don’t require you to host a VPS, just a container locally.
You can even setup authentication on the free plan too
You can also use custom domains with this for free
https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/
Mallanaga@reddit
I use this with great success. I even created a new helm chart that allows you to reference a secret instead of plain text (the official chart seems no longer maintained, which is annoying… archive the damn thing)
nemanja_codes@reddit (OP)
True. But I prefer native technologies over proprietary services.
XQCoL2Yg8gTw3hjRBQ9R@reddit
Never heard of rathole before. Is it better/easier than plain Wireguard or tailscale?
nemanja_codes@reddit (OP)
Rathole is lightweight and 2 times faster. You can see iperf benchmark comparisons here:
https://blog.mni.li/posts/caddy-rathole-zero-knowledge/#bonus-benchmarks
https://blog.mni.li/posts/tailscale-vs-rathole-speed/
Runnergeek@reddit
why not use wireguard to setup a vpn
nemanja_codes@reddit (OP)
Rathole is lightweight, it forwards a single port. Wireguard creates virtual local network.