And if you don’t have an unique public IP address, for example because you are behind CGNAT, you can use Pangolin. It tunnels all traffic from your homelab to a VPS via Wireguard and exposes your services via a Traefik reverse proxy. Pangolin also automates the Traefik setup and provides a webui to configure the individual proxies.
For a VPS I recommended ionos, because they offer servers with unlimited traffic starting at only 1€ per month with server locations in both Europe and the US.
Just do Caddy instead of nginx/cerbot all that garbage. Caddy just simply handles it all for you: Subdomains, wildcard certs, authentication, ssl
My whole caddy config file is like 6 lines; something like
@mydomain.com {ipaddress:portpath:/}And you can do all sorts of plugins that make it compatible with fail2ban, etc.
I hear Traefik is pretty easy to set up too.
And if you don’t have an unique public IP address, for example because you are behind CGNAT, you can use Pangolin. It tunnels all traffic from your homelab to a VPS via Wireguard and exposes your services via a Traefik reverse proxy. Pangolin also automates the Traefik setup and provides a webui to configure the individual proxies.
For a VPS I recommended ionos, because they offer servers with unlimited traffic starting at only 1€ per month with server locations in both Europe and the US.