• BluePhoenix01@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    ·
    10 months ago

    Very good points all around.

    So far, I have WireGuard set up, and activate it when I need access.

    This year I have considered Cloudflare tunnels to enable them only to issue SSL certificates (instead of signing my own like I did last year). But not sure if it is worth it or if I should just keep signing myself.

    (Cert is mainly to avoid SSL warnings on iOS and browsers, so far I am the only one using what I host)

    Might also be nice to not have to configure each device to use a different dns server (my own), but not sure the benefit is worth having that dns record “out there” and Cloudflare “in here”.