
This is what ngrok does, right? I'm really interested in how this works; I've never looked into it before. Presumably it requires some kind of dynamic DNS updates if you don't have a static IP?


ngrok, localtunnel, pyjamas, the list is endless..

Yeah, many ways to do it; one is running your own DNS server and having WireGuard connections use that DNS server.

I want to avoid having DNS issues, so I'm thinking more like this:

1. DNS CNAME *.internal.example.com 123.23.45.67

2. On 123.23.45.67, run wg.

3. On 123.23.45.67, run nginx. nginx must be in the same network to do geo blocking on WireGuard peer addresses.

4. Create one nginx server config per service to map domain names to upstream servers. Use variables for upstream servers, allow nginx to start even if upstreams unreachable. Add internal locations for custom errors (Forbidden, Unreachable, etc).

5. When connecting to 123.23.45.67 via WireGuard (i.e., Peer Endpoint = 123.23.45.67), ensure 123.23.45.67 is in the range defined by Peer AllowedIPs.
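
Added example, not part of the comment above: one way steps 3 and 4 could look as a per-service nginx config. The tunnel subnet `10.8.0.0/24`, the upstream `10.8.0.10:3000` and the name `wiki.internal.example.com` are assumed values chosen for illustration.

```nginx
# Goes inside the http { } context, e.g. one file per service under conf.d/.
# All addresses and names below are constructed for this example.

# Step 3: flag requests whose source address is a WireGuard peer.
# This only works if clients reach nginx through the tunnel (step 5),
# so that $remote_addr is the peer's tunnel address.
geo $wg_peer {
    default      0;
    10.8.0.0/24  1;   # assumed tunnel subnet
}

server {
    listen 80;
    server_name wiki.internal.example.com;

    # Step 4: custom errors served from internal-only locations.
    error_page 403     /_forbidden;
    error_page 502 504 /_unreachable;

    location = /_forbidden {
        internal;
        default_type text/plain;
        return 403 "Forbidden: this service is only reachable over WireGuard\n";
    }

    location = /_unreachable {
        internal;
        default_type text/plain;
        return 502 "Upstream peer is not reachable\n";
    }

    location / {
        # Reject anything that did not arrive from a peer address.
        if ($wg_peer = 0) {
            return 403;
        }

        # Step 4: a variable in proxy_pass defers the upstream lookup to
        # request time, so nginx starts even when the upstream is down.
        # With a hostname instead of an IP, a "resolver" directive is required.
        set $upstream http://10.8.0.10:3000;   # assumed upstream peer
        proxy_pass $upstream;
        proxy_connect_timeout 3s;
        proxy_set_header Host $host;
    }
}
```

Running `nginx -t` after adding each service file catches syntax errors before a reload.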



