Hey, I have a server at home that is running several services and I want to make it accessible in 3 ways:
- Via LAN for me when I am at home, access to all services
- Via Tailscale when I am outside, access to all services
- Via Cloudflare tunnels to let others access some services on my system
The solution I have come up with is as follows:
I own a domain (say example.com) and have obtained SSL certificates from Let's Encrypt for the domains myserver.example.com and *.myserver.example.com.
All services running on my server are behind an nginx reverse proxy, with each service assigned a domain like service1.myserver.example.com, encrypted with the aforementioned SSL certificate.
I am also running a BIND9 DNS server on my server with a split DNS config that responds with the Tailscale IP for requests coming from the Tailscale subnet and responds with the local IP for requests coming from the local subnet.
Since I can't add multilevel subdomains for Cloudflare tunnels in their free tier, for services that I plan to share with others I am going to set service1-myserver.example.com to point to the tunnel and share that URL with them.
Is there any change I should make to this? Any advice will be appreciated.
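
The split-DNS setup described in the post, written out as BIND9 views. This is an added example, not part of the original post: the subnets, addresses, view names and zone file paths are assumptions, and it adds a catch-all view so that clients outside both subnets are refused.

```conf
// named.conf fragment: constructed example. Subnets, addresses, view names
// and zone file paths are assumptions, not values from the post.
acl "tailnet" { 100.64.0.0/10; };    // Tailscale assigns node addresses from this CGNAT range
acl "lan"     { 192.168.1.0/24; };   // assumed home LAN subnet

// Views are tried in order and the first match-clients hit wins.
view "tailscale" {
    match-clients { tailnet; };
    recursion yes;                   // resolve other names for tailnet clients
    zone "myserver.example.com" {
        type master;
        file "/etc/bind/zones/db.myserver.tailscale";
    };
};

view "lan" {
    match-clients { lan; localhost; };
    recursion yes;
    zone "myserver.example.com" {
        type master;
        file "/etc/bind/zones/db.myserver.lan";
    };
};

// Any other source gets REFUSED: no zones, no recursion, so the
// server does not act as an open resolver if port 53 is ever reachable.
view "other" {
    match-clients { any; };
    recursion no;
};

/* Both zone files carry the same names with different A records, e.g.
   db.myserver.lan:        @ IN A 192.168.1.10     * IN A 192.168.1.10
   db.myserver.tailscale:  @ IN A 100.100.100.10   * IN A 100.100.100.10
   (both addresses constructed). Once any view exists, every zone,
   including the distribution's default zones, must sit inside a view. */
```

Running `named-checkconf` against the file before reloading catches a zone left outside a view.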