@matt If I do, the first thing I'll have to sort out is isolation of the server from the rest of my network. I know it's doable--my server has a 4-port NIC, and my new router can absolutely do VLANs, traffic isolation, and other stuff. I just have to figure it all out. There are a few things I'd like to publicly host without having users first be on my Wireguard.
@alexhall @matt Had to come up with a solution for this myself recently. Home server is hosting several private things that only I need to have access to over LAN or Tailscale, but some things need to be publicly accessible. Didn’t feel like publishing my home IP in DNS records either, solution was to rent a cheap (€3 / month) VPS, which then directs internet traffic to my home server via Tailscale using haproxy. Works surprisingly well so far.
@robin_kipp @matt I tried something similar, though using Wireguard directly instead of Tailscale, and couldn't get it to work. It's probably the route I'll go back to if I ever get to this project. I don't have a static IP, and my ISP charges quite a lot for one. Far more than I pay for my Digital Ocean droplet VPS.
@alexhall @robin_kipp @matt if you have already a VPS, you can run a reverse proxy there to your service at home to expose it. There are a few tools that will take care of the networking
@alexhall @matt Yup, I’m in exactly the same position. No static IP and would have to pay a small fortune to get one, and honestly also not sure if I’d even want that for my home internet, my browsing behavior would be even easier to track by advertisers in this way. Hit me up if you do decide to try this again, I already have a working config for this anyway and I’m sure it could easily be modified for your setup.