Well, that’s good and all, but if you want to reach some services like Jellyfin without a VPN, then you need to go this route. Because if you have some folks like your parents or friends who you want to give access to these services but they don’t want to have a VPN Then I can only think of two routes to go. The one is opening ports on your router or the second is VPN to an VPS. Or maybe have a cloudflaredtunnel setup.
Comment on Using VPS for remote access of my server - some questions
frongt@lemmy.zip 1 day ago
Configure the VPN route for only that one address, not the whole subnet.
If you only have the VPN, nothing exposed directly, you don’t need fail2ban at all. I suppose you could configure it for the VPN service, but that seems unnecessary to me.
MIXEDUNIVERS@discuss.tchncs.de 1 day ago
frongt@lemmy.zip 1 day ago
Sure, but OP doesn’t want to do that.
Tywele@piefed.social 1 day ago
or the second is VPN to an VPS
is what I want to do
irotsoma@piefed.blahaj.zone 1 day ago
Fail2ban, crowdsec, or similar is still nice to have on the VPS side to reduce the load on your internet connection from abusive bots and LLM scrapers and such.
Personally, I’ve been having good luck with Pangolin, but I have several services that I expose via different subdomains.