Is there a good way to self-host a federated service at home without port forwarding? Is it possible to use Cloudflare Tunnels or Tailscale Funnel and still connect to the federation?
It’s what I moved to. Allows me to be in control of my account and be less subject to aggressive moderation. I can still participate in aggressively moderated communities but may not be cut off as easily if they decide to defederate suddenly like what happened with lemmy.world and beehaw (which I’m not judging, just don’t want an account on one instance to be suddenly thrust into relegation).
I may open my instance up to other users more but don’t intend to host communities since I don’t have the time nor the inclination to moderate people’s behavior or spammers.
In the spirit of self-hosting I am self-hosting a tool that does what you are asking for. I run frp on a cloud provider. My homelab makes an outgoing connection using the frp client to the frp server(s), which use that connection to forward port 443 (and any other ports I specify in the client config) into my lab. You could even terminate SSL in the cloud running nginx/Traefik/etc there, though I have chosen not to.
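Added example, not part of the comment above and not the commenter's own configuration: a minimal frp pair for the setup described, with the server limited to forwarding 443 and the client authenticated by a shared token. The hostname, token and LAN address are placeholders, and the two files are shown in one block.

```toml
# ---------- frps.toml (on the cloud VPS) ----------
# Port the homelab client dials out to; only this and 443 need to be
# reachable from the internet on the VPS firewall.
bindPort = 7000

# Reject clients that do not present the shared token.
auth.method = "token"
auth.token = "REPLACE_WITH_LONG_RANDOM_TOKEN"   # placeholder

# Refuse plaintext control connections from clients.
transport.tls.force = true

# Only allow clients to request public port 443, so a leaked token
# cannot be used to open arbitrary listeners on the VPS.
allowPorts = [
  { single = 443 }
]

# ---------- frpc.toml (in the homelab) ----------
# Outgoing connection only; no inbound port forward on the home router.
serverAddr = "vps.example.net"                  # placeholder hostname
serverPort = 7000

auth.method = "token"
auth.token = "REPLACE_WITH_LONG_RANDOM_TOKEN"   # must match frps.toml

transport.tls.enable = true

# Raw TCP passthrough: TLS is terminated by the reverse proxy in the
# lab, so the VPS only sees encrypted traffic.
[[proxies]]
name = "federation-https"
type = "tcp"
localIP = "192.168.1.10"                        # constructed LAN address
localPort = 443
remotePort = 443
```

With TCP passthrough the reverse proxy in the lab sees the VPS as the source address unless PROXY protocol is enabled on both ends, which matters for rate limiting and abuse logs on a federated instance.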
I would use Cloudflare first and foremost. Tailscale doesn’t use public IPs; instead they use CGNAT space from RFC 6598 inside 100.64.0.0/10, I believe. Though you may be able to open a port or something, it’s not really the intended use of the service and could introduce some unexpected results or exposure.