
I use both a home server and a cloud VM, and they work together. I'm thankfully able to use FreeBSD 14 on my cloud VM (just a preference).

I push data from my home server for easy access on my cloud VM. For example, weather data from my weather station, images/time-lapses from my weather cam. I have no ports open to my home network. Basically just fun stuff without exposing my home network.

I use the cloud VM as an SSH "jump box" into my home network. My OpenBSD box sets up a remote SSH tunnel port. I can then use the SSH -J option to jump through the cloud VM into that home OpenBSD box (as well as chain "jumps" to other home servers).

* This way I don't need any home server to trust a cloud VM.

* This mostly is for checking on my Home Assistant instance.

* I've also fixed some things remotely with an SSH session.

Do I need all this? Well, would be less fun without.


The test for me in defining social media is whether its core is based on a graph of connections. This is where you lose control in, for example, FB: Meta can infer many details about me without me ever posting anything, such as figuring out my home town based on relatives and school friends -- many other examples.

And this is why I no longer use any Meta products.

What I can do is help my family and friends understand the choices they are making (e.g. use Signal to talk to me). That rush they feel posting something has effects on people in their graph and now they at least understand that and pause.

Another example is ancestor "research" type sites, or DNA tests to find "your true ancestry". I had no choice: a cousin of mine chose that as a hobby.


I still find SSH adequate for connecting to a home server remotely. I don't have the terrible CGNAT problem but I also don't do any port forwarding on my home router.

Instead, I have a VM running on a cloud provider that I SSH to from an OpenBSD box inside my home network. The SSH connection establishes a reverse SSH tunnel. This opens a port on the cloud VM to tunnel to my OpenBSD sshd port.

With the reverse proxy to my home OpenBSD box established, I can use the SSH jump box option, -J. I connect to the cloud VM and "jump" through the tunnel to the OpenBSD box at home. You can even specify multiple jumps if I need to connect to another machine in my home.

I can also set up a local tunnel through that jump for things like connecting to my Home Assistant server from my remote laptop or phone.

I only have to trust my cloud provider.
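
The reverse tunnel, jump and local forward described in this comment and in the earlier jump-box comment, written out as OpenSSH client configuration. This is an added example, not the commenter's own config; the host names, user names, key path and port 2222 are assumptions (8123 is Home Assistant's default port).

```sshconfig
# ---- Home OpenBSD box: ~/.ssh/config (all names and ports are assumed) ----
# Started from inside the home network with:  ssh -N cloudvm-tunnel
Host cloudvm-tunnel
    # Placeholder DNS name for the cloud VM
    HostName vm.example.net
    # Hypothetical unprivileged account used only to hold the tunnel
    User tunnel
    IdentityFile ~/.ssh/id_tunnel
    # Reverse tunnel: the VM's 127.0.0.1:2222 leads to this box's sshd.
    # Binding to loopback keeps the port off the VM's public interfaces.
    RemoteForward 127.0.0.1:2222 127.0.0.1:22
    # Exit instead of running without the forward if port 2222 is taken
    ExitOnForwardFailure yes
    # Detect a dead link so a supervisor can restart the tunnel
    ServerAliveInterval 30
    ServerAliveCountMax 3

# ---- Remote laptop: ~/.ssh/config ----
Host cloudvm
    HostName vm.example.net
    User me

# "ssh home" is equivalent to:
#   ssh -J me@vm.example.net -p 2222 me@127.0.0.1
Host home
    # 127.0.0.1 is reached from the VM, i.e. the tunnel's listening end
    HostName 127.0.0.1
    Port 2222
    User me
    ProxyJump cloudvm
    # Check the home box's host key under its own known_hosts name
    # instead of [127.0.0.1]:2222
    HostKeyAlias home-openbsd
    # Local tunnel: laptop's 127.0.0.1:8123 -> Home Assistant at home
    LocalForward 127.0.0.1:8123 homeassistant.lan:8123

# Chained jump to another machine at home: laptop -> cloudvm -> home -> nas
Host nas
    HostName nas.lan
    User me
    ProxyJump home
```

With `ProxyJump`, the laptop's session to `home` is authenticated against the home box's own host key and encrypted end to end, so the VM only relays the connection.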


If I'm understanding correctly, this will break whenever the IP address of your tunnel changes. You'll have to reestablish all of your connections.

My use case for tailscale: have an SSH (or other) connection to my home server while working from home. Drive to a coffee shop, register on their network, and continue using the same connection. (Or hotspot, if I'm somewhere without Wifi.)

The IP address of my server does not change. When at home, the packets do not leave my home network. When out and about, they do.

It's magic to me. I set up a sophisticated (read: overkill) SSH tunneling setup previously, using Match rules in .ssh/config to autodetect the network I was on so that `ssh myserver` would always go via the correct route. But my connections were still interrupted when I switched, and I'm not good enough at networking to do any better.

(I guess this is what Wireguard is for? I could access my server via a fixed IP address on my machine that goes to a tun device, and that would send the packets to the actual server if nearby otherwise hand off to the carrier pigeons? Is that what the tailnet is doing? I don't understand how packets get intercepted by tailscaled, though I do see a tailscale0 device. Is that just a vanity license plate version of tun0? Why does `ip route show` give me only routes through my actual devices, then? Never mind, this isn't a helpdesk. I'm just getting old and stupid, I think.)


> If I'm understanding correctly, this will break whenever the IP address of your tunnel changes. You'll have to reestablish all of your connections.

The tunnel is on localhost only. The VM has a static IPv4/IPv6 with DNS.

Connecting the SSH tunnel from my home is stable as well as connecting to the VM remotely.

I do appreciate Tailscale and Wireguard. I was more responding to the fact that I don't have to trust any provider here, other than the one keeping my VM running.

Also, there's tmux for preserving sessions.


If you want to run a VM, then there's no need for any Tailscale etc. You can even run your own OpenVPN server, right?


This is for ssh. You mean you automate ssh port forwarding to access https and other services?


I am thankful my father-in-law gave me his HP-35 purchased in the early 1970s. With it came a metal case with a lock and a base you would bolt to your desk. It was a precious item back then.

Thankfully the power supply still works so I can take it out every so often and enjoy the history of it.


One more perspective:

I didn't spend the energy stressing over the initial wave of media hype surrounding the first published probability.

A few days of waiting for rational thought to prevail helps.


I was pleasantly surprised to see FreeBSD part of the list of available cross-platforms running .NET. I already had a FreeBSD instance for ZFS and was able to also host a website and some workloads written in C#, avoiding the need for a separate Linux instance.

https://wiki.freebsd.org/.NET


This link is awesome. Thanks for sharing!


"Yangwang – BYD’s luxury division"

Luxurious.


I resigned myself to the fact that crappy IoT devices will always exist and I isolated these to their own VLAN with IPv4-only (maybe I'll go dual-stack at some point).

Yes, VLANs add complexity -- even the obligatory IoT VLAN -- but I generally want to keep these IoT devices isolated anyway.


A Missoula floods event. From a high vantage point, of course.


Similar here, the Zanclean flood (https://en.m.wikipedia.org/wiki/Zanclean_flood).

But I think there are so many interesting events/times in history. It would also be interesting to visit Ancient Rome or the city of Ur.

