• Vent@lemm.ee
    ·
    3 months ago

    Cloudflare tunnel (aka a reverse proxy, like ngrok) will also likely work for your mystery project, and it’s free. VPN is more secure, but as always, it's a trade-off between the security of a vpn and the convinence of a reverse proxy that's available on the open internet.

    • TankieTanuki [he/him]
      hexagon
      ·
      edit-2
      3 months ago

      A reverse proxy like nginx?

      Basically, I want to move files between my NAS (behind CGNAT) and webserver and rsync isn't cutting it. I think WireGuard will be best, then I can use my existing NFS and Kerberos infrastructure.

      • wheresmysurplusvalue [comrade/them]
        ·
        3 months ago

        Do you need a static IP or could you get away with using dynamic DNS like duckdns? I think wireguard allows you to use a hostname instead of IP address. The wireguard peers would have static private IPs in the VPN address space. I had a much simpler setup than you, but this is what I was doing before tailscale.

        • TankieTanuki [he/him]
          hexagon
          ·
          edit-2
          3 months ago

          A dynamic IP would work; I just need an IP that is unique to my router and isn't shared by a dozen other households---I don't know what the term for that is.

          There is a way to make it work with WireGuard using something called MASQUERADE, I'm learning.