Hey all! For the longest time I’ve had a server that hosts some things (eg Syncthing), but is only available via SSH tunneling.
I’ve been thinking of self-hosting more things like Nextcloud and Vaultwarden. I can keep my SSH tunneling setup but it might make it difficult to do SSL.
How do you manage the security of having public-facing servers?
Either tailscale the network and not worry about it being “public facing” or if it must be somewhere in the denizens then an outbound only connection between a secure remote server and my server.