I have set up a small Lemmy instance (Docker + NPM) for testing purposes, and I was wondering if it is possible to only expose the activitypub to the internet and hide the Lemmy UI behind my personal wireguard VPN. So the UI is only accessible on the local LAN.
The UI is not involved at all with the federation aspect, so you could just expose the backend and not the frontend.
That won’t stop anyone from using your instance however, the UI is just the UI, all the API calls go to the lemmy backend regardless. It’ll still be completely useable through say, mobile apps which only care about the backend.
Technically you could only allow the webfinger and inbox endpoints available to the wide internet, but I suspect that’ll be a bit fragile.
Thanks for the info. I knew about the inbox endpoint but the webfinger is new to me.