Lots of options. Here’s what I do:
I have HAProxy running on my VPS (Hetzner), and it routes traffic over my WireGuard VPN to whatever physical device on my internal network handles that service (i.e. 2). This allows me to add devices to my network as needed, and TLS certs all live on that device.
This is probably overkill for your setup since it sounds like you can talk to your home router from the internet (I can’t because I’m behind CGNAT), so you could drop #1 and just use Caddy, assuming you’re okay with having all traffic handled by a single device. Or you can see if your router supports SNI-based routing to handle what I’m using HAProxy for.
If you don’t need to share your services w/ anyone, you can have everything live inside of a VPN and just access it via that VPN. You can look into Tailscale if you want something dead simple, and I think Cloudflare offers something similar. I started with that, but decided I wanted to share a number of services with family members, and I didn’t want to force each of them to configure my VPN.
=> More informations about this toot | View the thread | More toots from sugar_in_your_tea@sh.itjust.works
=> View sem@lemmy.blahaj.zone profile
text/geminiThis content has been proxied by September (3851b).