Comment on Need some help with remote access please.
possiblylinux127@lemmy.zip 2 weeks ago
Caddy supports mTLS so if your client apps support it you could put everything behind client certs (assuming your services support it)
You also could use plain Wireguard since it might be simpler if you have the option to open up the firewall.
I would also deploy IPv6 since it will help a lot of performance on carrier grade Nat networks like mobile data.
Tippon@lemmy.dbzer0.com 2 weeks ago
I’m still a bit confused with all of this so I might be getting things completely wrong. I thought that I needed to get certificates for anything that I wanted to make public with an URL, and that’s where I thought Caddy came in, but a few of the other replies have said that I can use the Cloudflare tunnel and let them sort out the encryption. That seems like it should be easier for me, as I’ve dealt with it already.
IPv6 isn’t available through my ISP as far as I can tell, they only enable it locally through their router at the moment.