**Disclaimer:** I am new to the infrastructure/network space, and would love any support/guidance c:
I am learning what Zrok is about after getting a recommendation from one of OpenZiti’s devs on Reddit (Reddit - Dive into anything), and the “Public Share” concept of Zrok is, I think, what I am looking for.
Question 0 (summary of what I wrote in the reddit link above):
Would self-hosting Zrok and its public share feature allow me to:
Setting up my first self-hosted machine using an old desktop I have.
I am trying to host a static website on the internet, and here is what I have got to thus far:
- Registered a domain using Route53 (it is an Authoritative Domain Name Server)
- Ubuntu as a Host OS (on my old desktop)
- Docker engine running on Host OS
- Container (Docker) for Nginx web server serving static content: As a result, I can view my website locally.
Now here is the deal..
I do not have access to port forwarding using my residence’s router because I live in an Airbnb (and I move around a lot). Thus, while doing some research I came across Cloudflare’s Zero Trust Tunnel, which would allow me to access Cloudflare (Layer 7 proxy) by installing Cloudflare tunnel within my internal network. From my understanding, this would allow my site to use Cloudflare’s DNS server to perform Type A DNS query to serve users on the internet of my website using the domain.
However, a gentleman who works on OpenZiti recommended me Zrok as an alternative to Cloudflare. So, would Zrok help to deploy my static website to the internet?
Question 1:
Reading the documentation about Zrok’s Public Share, I am confused about the statement:
“As with private sharing, public sharing does not require you to open any firewall ports or otherwise compromise the security of your local environments. A public share goes away as soon as you terminate the `zrok share` command.”
What is this “firewall ports” talking about? Is it the software firewall for my Linux machines? Or the hardware firewall on my router?
Question 2:
I am trying to self-host a zrok instance, and am following the YouTube tutorial on self-hosting (https://www.youtube.com/watch?v=870A5dke_u4), and the gentleman in the video allows an inbound rule for all IPv4 and IPv6 connections at different ports. So, my newbie knowledge makes me wonder: would I have to set these inbound rules on my Linux machine?