Hi, I moved this year to another city, because my internet provider didn’t give me a dedicated ipv4 address I can’t use a dyndns like duckdns. Another thing to mention is, that I have a dslite tunnel. So I can’t set up dyndns…
So my recent setup is a truenas server sitting under my desk. This is connected via cloudflared to the cloudflare tunnel. There I have my services like seafile or nextcloud configured. They are all pointing to a traefik instance that routes the traffic to the right container.
So to summarize what I have:
- Truenas server
- multiple services
- dslite tunnel
- own domain
- Cloudflare tunnel
- v-server
- Nginx
- docker
To visualize the route the traffic is going
Internet - cloudflare tunnel - cloudfared docker - traefik docker - service (nextcloud) docker
So I want to setup something on my v-server that routes the traffic to my homeserver (truenas)
Internet - DNS (cloudflare) - v-server - (magic docker service on truenas) - traefik docker - service (nextcloud) docker
Does someone have an idea how to solve this?
My suggestion would be to setup a VPN service in your publicly available v-server. The most suggested solution is wireguard.
Then you can connect your truenas to that VPN and make it accessible, maybe via nginx.
The traffic flow would be:
That’s a good point. But that’s also the point where my tinkering won’t help me… Do you have a writeup or a yt video where nginx points to the wireguard VPN? Another question. If I set up the wireguard tunnel, how can I just route the traffic from traefik?
I found this writeup and it looks correct, but I have not tested it.
The author posted a nice graphic that shows the idea:
I’m not sure I understand why they need two Caddy servers. The first one should be a simple port forward, no need for a proxy forward. Unless they want to do something with the connections at application level, but it sounds like they simply forward them as-is.
You need two caddy servers if there are other websites on the vserver that will use port 80/443. If not, port forwarding (eg. with iptables) will work.