I have a nextcloud instance being hosted from my home network. The URL associated with it points directly at my home’s IP. I don’t want to host the instance on a VPS because disk space is expensive. So, instead, I want to point the URL at the VPS, and then somehow route the connection to my home’s nextcloud instance without leaking my home’s ip.

How might I go about doing this? Can this be achieved with nginx?

EDIT: Actually, not leaking my home’s IP is not essential. It is acceptable if it is possible to determine the IP with some effort. What I really want is to be able to host multiple websites with my single home IP without those websites being obviously connected, and to avoid automatic bots constantly looking for vulnerabilities in my home network.

  • poVoq@slrpnk.net
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    Nginx can also do something called SNI routing that would allow to keep the connection between your VPS and your homeserver encrypted, but overall I think a Wireguard tunnel is probably more flexible.

    • Max@mander.xyzOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Oh, cool! I have managed to do it with the Wireguard tunnel! I set up a tunnel and use the nginx proxy_pass to redirect through the tunnel. It is pretty nifty that I don’t even need to port-forward!

      My next step is: in my current configuration, the SSL handshake occurs between the VPS and connecting client. So the VPS has access to everything that goes through… I need to figure out how to hand-shake through the tunnel such that the VPS does not get the SSL keys.

      Thanks a lot for your suggestion!