UPDATE: The site has been moved to a much more powerful host: HP t620 thin client. This content is preserved for anyone interested in running their own site on a router.

This runs on an old Netgear R6220 Wi-Fi router with OpenWrt.

I am lucky enough, that my internet service provider provides me with public (though dynamic) IP and a configurable router. The ISP provided router get a dynamic public IP, all other devices are behind NAT. The router allows for port forwarding. In ISP provider router I assigned a fixed IP for my home router and forwarded external port 80 to home router's 8080 and external 443 to home 8443.

The external IP is dynamic. To get reliable access I needed a domain name. I already had my domain name registered, but my registrar did not support dynamic DNS. I got myself a free account on cluodflare and added my domain there. Cloudflare provides two DNS servers, which I set at my registrars control panel to handle the domain. I did not enable cloudflare proxy - this would complicate checking, if current address is valid.

Now I set up dyndns client in openwrt to update the IP, whenever it is changed. The WAN interface of my home router does not get the public IP, so t get the public IP, I had to make the ddns client use the URL method for this.

To cater for dokuwiki, I set up uhttp + php8 server. The site for wiki was configured on port 8080 and 8443 not to conflict with luci configuration interface.

WARNING Don't forget about securing the `conf` and `data` directories of dokuwiki. Uhttpd's security options are limited, so the easiest way is to move these directories to somewhere out of the www root path.

The certificate is created and kept fresh using acmesh script, which uses Let's encrypt service. Surprisingly no registration was needed for this. I used the webroot method.

I was really surprised, that this all works. It did demand some mangling in the config files, but a lot of the configuration could be just clicked in the routers web UI.

Another surprise is, that the only costs are internet access and the domain registration (and renewal), where the second could be avoided, if I settled with some free domain instead of the country wide one.

Now, I realize this setup is not particularly secure and I exposed quite some details about it's internals. I keep a printer connected (Samsung ML-1865), so I wonder when will someone print me some greetings on it