So I have RetroPie setup locally, but don’t understand enough /trust myself to punch holes in my home router. So I was thinking about setting up a Droplet I can turn on when needed, but is it possible to setup RetroPie on a VPS then turn on Netplay to play with a friend? Obviously I would need some sort of remote desktop connection to the server instance as well, right? Or would I be better off following exactly that and just hoping nothing else sneaks through the firewall at the same time?
The main problem with VPSs is they tend not to have GPU hardware support like the Pie so the experience of remote play would be terrible even before you consider the latency issue.
I don’t have experience with the RetroPie but if you don’t want to punch a hole in your router you could use SSH port forwarding to something like a Digital Ocean droplet (use do.co/dln for a free one) so your friend would just connect to the droplet’s IP.
If you want even better security you could have your friend also ssh into the server and reverse port forward the port you forwarded to the droplet so they can connect to you as if you’re playing on their local machine.
Let me know if you need some details. Someone may have a better solution though.
I was sort of with you until “reverse port forward the port you forwarded” lol. I don’t know enough about port forwarding either; it’s better than just opening say one UDP port? I don’t know what opening a UDP port does either though. I have a DO account already too, so I could do either, really.
The benefit of port forwarding to something like a droplet is it allows you to expose your computer’s local port publicly on a remote server without having to adjust your home network or expose your IP. Anyone connecting to that port on the droplet will connect to your local computer as if it was in the cloud. It gets more complicated if you want a secure connection end to end.
If you’re talking about opening a port on a DO server, all ports are already open by default in their control panel and in their OS images.
If you’re talking about your home router, that should be fine. Just look up how to do port forwarding to your LAN IP in your router’s GUI, it should have it. Just make sure to only open the port(s) your software needs to communicate and preferably close it when not in use.
In terms of vulnerability that’s really down to how vulnerable your software/os is which I have no idea.
If you don’t want to expose the software publicly, you could expose an SSH port instead (Make sure there’s a strong password or key based auth first, Pis are notorious for default passwords) and have your friend SSH into it and reverse port forward to his computer.
Here’s an example of your friend connecting to your house:
Secure your Pi:
Find a guide to set up decent SSH security (lots everywhere) then set your router to port forward TCP port 22 to the Pi’s LAN IP. Your friend would then run:
If you’re using keys and you gave him one:
ssh -R PORT:localhost:PORT USER@YOUR_HOME_IP -p 22 -o IdentityFile=~/.ssh/PI_KEY
Or password example:
ssh -R PORT:localhost:PORT USER@YOUR_HOME_IP -p 22
(Where PORT is the one the game needs to communicate)
Your friend would then type in “localhost” into the game as the IP for connecting to your Pi remotely.