Comment on Access control for selfhosted services via VPS?
SeeJayEmm@lemmy.procrastinati.org 6 months ago
What I do is have NGINX proxy manager running in the VPS with ACLs defined there and then forwarding traffic over the WG tunnel.
Alternatively you could treat the vps like a full VPN endpoint. Route all traffic over the tunnel and nat/masquerade on the vps.
Having done both. Option 1 is cleaner and you’re not routing unnecessary traffic over what is likely a metered link.
qjkxbmwvz@lemmy.sdf.org 6 months ago
Thanks! So, for local (not VPN) traffic I like to access the local IP for bandwidth reasons — would you then just set up SSL on both the local server and the VPS?
SeeJayEmm@lemmy.procrastinati.org 6 months ago
Yeah. I have a couple of those. I’ll admit it’s a little bit of a hassle but if you’re using something like let’s encrypt you could have a Cron job sync the cert.
rammer@sopuli.xyz 6 months ago
Let’s Encrypt’s certbot allows you to setup a script to be run after acquiring the certificate. No cron job needed.