Reason for my question is the following:
I want to host some services on my public server and while they all have normal password protection, I want to ensure the security a tiny bit more. Therefore I want to limit the access to the specific services through ufw and nginx to specific IP addresses. For my home address I can use DYNDNS to get my current IP. However, that will not work for my phone when I'm on the go.
I don't want to constantly use a VPN, as it slows down the speed of the internet connection significantly. Instead I would much prefer to simply keep my server updated on my phone's IP, so I can update the necessary config files through a script and thus allow my phone to access the services wherever I am.

  • NikStalwart@alien.topB

    I think you are overcomplicating and undercomplicating things at once.

    Proper VPNs will allow split tunneling — only the traffic that needs to go through the VPN will go through the VPN.

    So, the solution would be:

    • Set up a VPN capable of split tunneling — vanilla WireGuard and Tailscale should work
    • Set up split horizon DNS so that you are pointed to the internal/VPN-facing IP address of your server while connected to the VPN
    • ???
    • Profit
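
The split-tunnel setup suggested in the comment above, sketched as a WireGuard client config for the phone. This is an added example, not part of the original thread. The VPN subnet `10.8.0.0/24`, the server address `10.8.0.1`, the endpoint `vpn.example.org:51820`, and the presence of a resolver on the server are assumptions; the keys are placeholders.

```ini
# Phone-side WireGuard config (constructed example).
# Assumed layout: VPN subnet 10.8.0.0/24, server = 10.8.0.1, phone = 10.8.0.2.

[Interface]
# Placeholder: generate the real key on the phone, never copy it from a guide.
PrivateKey = <PHONE_PRIVATE_KEY>
Address = 10.8.0.2/32
# Split-horizon DNS: assumes a resolver on the server that answers the
# service hostnames with the VPN-facing address 10.8.0.1.
DNS = 10.8.0.1

[Peer]
# Placeholder for the server's public key.
PublicKey = <SERVER_PUBLIC_KEY>
# Assumed public hostname and port of the server.
Endpoint = vpn.example.org:51820

# Split tunnel: only packets addressed to the server's VPN IP enter the
# tunnel. Everything else leaves over the normal mobile/Wi-Fi route at
# full speed.
AllowedIPs = 10.8.0.1/32

# Full tunnel, shown for contrast: this routes ALL traffic through the
# server and is what causes the slowdown described in the question.
# AllowedIPs = 0.0.0.0/0, ::/0

# Keeps the NAT mapping alive on mobile networks so the tunnel survives
# idle periods.
PersistentKeepalive = 25
```

With this in place the services only need to accept connections from the VPN subnet (for example, restricting the ufw and nginx rules to `10.8.0.0/24`), so the phone's changing public IP never has to be tracked.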