I have a small homelab that is not open to the internet. I am considering the following setup. Please let me know if there are any glaring issues or if I am over complicating things.

  • I want to setup a reverse proxy in the cloud that will also act as a certificate authority. (I want to limit who can access the server to a small group of people.)

  • I will setup a vpn from a raspberry pi in my home to the reverse proxy in the cloud.

  • The traffic will pass from the raspberry pi vpn to my homelab.

I am not sure if I need the raspberry pi. I like the cloud as the reverse proxy as I do not have a static IP. I would just get a cheap vps from hetzner or something like that.

  • @[email protected]
    link
    fedilink
    English
    -11 month ago

    If you use tailscale you can omit the raspberry pi and tunnel directly from the reverse proxy to each server (could do this with wireguard but requires a little more setup). Also you can configure your cloud server as an exit node so that all traffic from your device go through it, sort of as a vpn service. It’s not as anonymous as a paid VPN service but at least you bypass the ISP or local wifi provider if you’re out and about.