For people who know about networking, if I setup lesbian.solutions to run in my home and set it up to connect to a reverse proxy somewhere else, I'd point the domain name to that second server's IP right? Would it connect to the fedi from that point or from my house?

@dragon with just a reverse proxy the outgoing fedi connections would happen from your house

@dragon as i run pixie.town to a setup like that, here's what I do to prevent that:

- wireguard (vpn software) to make a tunnel between vps and server at home
- server has all outgoing traffic going through that vpn
- nginx runs on vps, reverse proxy to the internal wireguard interface IP for the homeserver (something like 10.0.0.2)

@f0x I think that's about the setup I want, can I ask why you use the reverse proxy and the vpn? It feels like just the VPN would work but I think I'm missing something

@dragon @f0x yeah i have a similar setup but with iptables rules rather than nginx on the vps

mainly i don't want ssl terminated until it reaches my physical server

@haskal @dragon without the reverse proxy you would have to port-forward to the homeserver's port 80/443 and uhh that sucks (fuck iptables) :p
also that way you can have the vps nginx itself listen on 80/443 so some sites/paths are handled by the vps and some reverse proxied onto the homeserver

but as haskal mentions that's the tradeoff, with a setup like that all traffic has to be decrypted on the vps

@f0x @haskal right okay so if I just want the second server to act as a proxy both ways I can have the VPN and the reverse proxy setup so that everything that goes in or out of my home server goes through it?

@dragon @haskal if you really just want it to push traffic both ways, you only need wireguard + (iptables) portforward