Suggestions for Non-VPN external access for non-techie family members? WAY more detail inside.
Currently trying to figure out the best way to allow external access to some services like NextCloud for my less tech-savvy family members that do not care to or will not remember to VPN to access said services. Cloudflare Tunnels might have been... OK for some of this, but I understand others would be against TOS, plus there is the MITM issue to consider.
Right now everything I'm hosting is running in the UFW-ignoring containerized wizardry that is TrueNAS Apps/Docker Containers, which, while convenient from a setup standpoint hardware-wise, seems a nightmare networking-wise. I admit to a bit of a learning gap in regard to wrapping my head around networking and DNS records for such containers. Used to giving everything physical NICs, static IPs and sticking them behind physical load balancers. If I can 1.) Get more powerful hardware, I have RDIMMs (see below if you wanna help in my other thread). 2.) See if I can cut out TrueNAS entirely via Proxmox. If I can get the hardware, etc. to run everything in Proxmox I think my brain will thank me.
I have a domain through Cloudflare, a public IP through my ISP, and a UniFi UCG-MAX (that will likely be upgraded to UCG-Fiber at some point for extra 10GBASE-T, GPON and throughput), so I have some base level of IDS/IPS and already geo-block unsolicited incoming from pretty much everywhere, so while I guess port forwarding would not be the END of the world, it makes me leery. What would your recommendation be for the least friction method to implement external access to the following services?
- Jellyfin (will likely remain inaccessible from anything besides WireGuard/Teleport VPN unless I run into a device I need to access them with that can't).
- Home Assistant (mostly I need SSL certs for some features, and most of my attempts at self-signing have failed when using the Android app, and/or the browser keeps needing me to forget the cert. It's strange and I'm fed up, or this would be VPN only too)
- Audiobookshelf
- NextCloud
- Calibre Library
- Eventual Game Server^(TM) probably Palworld.
- FoundryVTT
- Matrix/Conduit
If you would like to help me pick a new hardware platform for my HomeLabbing and self-host projects, I have a thread over in r/HomeLab. I'm currently scouring eBay for LGA3647 and X99 (such as X10DRH-CT) motherboards.