My current setup is that I have a home server running a number of services that are only accessible to myself on my local network (Jellyfin, Home Assistant, etc.) and a DigitalOcean droplet I rent that runs a number of public facing items (personal websites). I’ve been looking into running my own Matrix server for myself and some friends, but while it will be public facing, I would prefer to run it on my own hardware for cost and storage reasons.
I have gotten it up and running the “old fashioned way”, by pointing my domain at my home network, setting up port forwarding and a reverse proxy. Is this the recommended solution? I have heard vague references made to somehow using a VPS service to forward specific traffic to a home server via WireGuard. I’m not sure how this is done, or really what the benefits are, so I was curious if anyone had any advice.
I’m sure it’s also doable via your own vps, but I think most people are talking about managed systems like cloudflare tunnels https://www.makeuseof.com/use-cloudflare-tunnel-expose-local-servers-internet/
I’ve used this and it’s really easy
Just wanted to add this link explaining how to use tunnels in a more privacy respecting way
https://help.nextcloud.com/t/is-cloudflare-tunnel-safe-privacy-focused/150268/2
Problems with TLS (free option of routing on cloudlfare tunnels)
> interception (or HTTPS interception if applied particularly to that protocol) is the practice of intercepting an encrypted data stream in order to decrypt it, read and possibly manipulate it, and then re-encrypt it and send the data on its way again. This is done by way of a “transparent proxy”: the interception software terminates the incoming TLS connection, inspects the HTTP plaintext, and then creates a new TLS connection to the destination.