a cookbook style guide for carefully reverse-proxying services from your firewall-isolated home lan to a cheap vps via wireguard
i haven't found one yet. if it doesn't exist, i want to learn how, then do it, then write it for other would-be self-hosters
apprehension about pointing internet miscreants directly at my cable modem is what deters me from hosting services out of my hypothetical basement
after that, a guide for sharing one cheap vps among many self-hosters who want to do the same?
fuchsiaaaaaaaaaaaaaaaaa
@pho4cexa oof this is almost a callout post for me :P
pixie.town has been running like this for multiple years now, with servers at home proxied through a vps with wireguard. I just haven't had the spoons to properly write about it other than one-off conversations.
I also got started on a project to allow the latter, sharing such a vps among hosters in a userfriendly configurable way but that too got stranded a while ago
@f0x there's no such thing as free time for blogging in capitalism, nobody should fault you for that! 😁 hopefully i'll be able to make good on my promise to document my attempt. do you happen to have any public links to that stranded project i could take a look at?
(also i totally expect that after i get done writing this stuff down is when i'll finally discover that a nice how-to guide was already out there somewhere and google search was just failing me, as it ever more often does)
@pho4cexa the project was in a rather early stage; https://git.pixie.town/f0x/waasig/
because wireguard works around network interfaces, I wanted to use systemd containers to separate those from different users from each other. NixOS would be a great fit to convert the user-facing configuration panel into deterministic systems + config for the networks, but I got stuck on some of the networking complexities with the containers
@f0x ha, that's a great project name. regardless of its completion i'm sure to learn something from studying the work you've done already, so thank you!
@pho4cexa as for static downtime pages, setting a custom 502/504 page in nginx usually works well