Step 1: go through the basics :

Step 2: Identify your Global IPv6

Step 3: DuckDNS Automation

Step 4: Configure your Router(configure your ISP settings)

Step 5: Web Server & SSL:

Step 6: Firewall settings

Step 7: Tailscale:

Final check: You know it's always handy to have your own home server; you can do all kinds of things with it. Like hosting your personal websites, running cron jobs, automation services, and if you have a beast PC, also hosting AI models and running AI services.

This is a step-by-step guide to set up your Ubuntu home server and make it available over the internet. Before anything, you need a fresh installation of Ubuntu server Update your systemsudo apt update && sudo apt upgrade -y Install essential tools:sudo apt install curl cron sed -y Find your address:ip -6 addr Look for the "Global" address. It usually starts with inet6 2405:201:... Create the directory : mkdir ~/duckdns && cd ~/duckdns Create the script: nano duck.sh Paste this(Replace with your info):echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKEN&ipv6=$(ip -6 addr show dev eth0 | grep 'scope global' | grep -v 'temporary' | awk '{print $2}' | cut -d'/' -f1)" | curl -k -o ~/duckdns/duck.log -K -[You need to go to this DuckDNS website, create a domain you like, and the token they will provide] Set Permissions: chmod 700 duck.sh Add this to the bottom: */5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1 Your router blocks all incoming traffic by default. You must create a "Pinhole." Go to your router admin panel, for example, 192.168.29.1 Service Setup: Go to Security > Firewall > Custom Services. Add a service for Port 80 and Port 443 (TCP). Firewall Rule: Go to IPv6 Firewall Rules.Inbound Rule: Allow traffic to your Global IPv6 (from Step 2) using the services you just created. Install Apache: sudo apt install apache2 -y Install Certbot: sudo apt install python3-certbot-apache -y Get Certificate:sudo certbot --apache -d yourdomain.duckdns.org UFW firewall:sudo ufw allow 80/tcpsudo ufw allow 443/tcpsudo ufw allow 22/tcpsudo ufw enable You can also set up private SSH keys to access remotely (without passwords) Fail2Ban: Install to block brute-force attacks: sudo apt install fail2ban -y Tailscale is a private VPN. You should use it alongside DuckDNS, not instead of it. With Tailscale: You can access your server's terminal or files from anywhere in the world (even if DuckDNS or your Router's public port fails) without opening ports. Install: curl -fsSL https://tailscale.com/install.sh | shsudo tailscale up[If you mess up a firewall rule and lock yourself out of the public IP, Tailscale provides a private "backdoor" to get back in and fix it.] test DNS: nslookup yourdomain.duckdns.org (Should show your IPv6) Web access: Visit yourdomain.duckdns.org VPN: Turn off Wi-Fi on your phone, turn on Tailscale, and try to SSH into the Tailscale IP. If you want to host any application, you need to open those ports. Templates let you quickly answer FAQs or store snippets for re-use. Do let me know if this worked for you :> as well , this person and/or - Find your address:ip -6 addr- Look for the "Global" address. It usually starts with inet6 2405:201:... - Create the directory : mkdir ~/duckdns && cd ~/duckdns- Create the script: nano duck.sh- Paste this(Replace with your info):echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKEN&ipv6=$(ip -6 addr show dev eth0 | grep 'scope global' | grep -v 'temporary' | awk '{print $2}' | cut -d'/' -f1)" | curl -k -o ~/duckdns/duck.log -K -[You need to go to this DuckDNS website, create a domain you like, and the token they will provide]- Set Permissions: chmod 700 duck.sh- Schedule it(Cron):- Run crontab -e- Add this to the bottom: */5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1 - Go to your router admin panel, for example, 192.168.29.1- Service Setup: Go to Security > Firewall > Custom Services. Add a service for Port 80 and Port 443 (TCP).- Firewall Rule: Go to IPv6 Firewall Rules.Inbound Rule: Allow traffic to your Global IPv6 (from Step 2) using the services you just created. - Install Apache: sudo apt install apache2 -y- Install Certbot: sudo apt install python3-certbot-apache -y- Get Certificate:sudo certbot --apache -d yourdomain.duckdns.org - UFW firewall:sudo ufw allow 80/tcpsudo ufw allow 443/tcpsudo ufw allow 22/tcpsudo ufw enable- You can also set up private SSH keys to access remotely (without passwords)- Fail2Ban: Install to block brute-force attacks: sudo apt install fail2ban -y - With Tailscale: You can access your server's terminal or files from anywhere in the world (even if DuckDNS or your Router's public port fails) without opening ports.- Install: curl -fsSL https://tailscale.com/install.sh | shsudo tailscale up[If you mess up a firewall rule and lock yourself out of the public IP, Tailscale provides a private "backdoor" to get back in and fix it.] - test DNS: nslookup yourdomain.duckdns.org (Should show your IPv6)- Web access: Visit yourdomain.duckdns.org- VPN: Turn off Wi-Fi on your phone, turn on Tailscale, and try to SSH into the Tailscale IP. - Email [email protected]- Location India- Joined Aug 20, 2025