Hey everybody,
I’m not sure if this post is in the correct spot right here. But let me try to express my needs…
I have several VPS out there and I want to securely maintain them. Every Server has the following software stack on it:
NPM with MariaDB
WordPress
MySQL for WordPress
NPM is using a frontend and backend network in Docker. Everything else is using backend. Via NPM I’m routing my traffic to the WordPress Docker on Port 80 (internally). Handling it via SSL externally of course!
Now, to maintain everything I have to check every server on its own. My thoughts are, if I use my management VPS and install a VPN Server with split tunnel functionality and connect to each VPS to access the NPM Management-Website, the Ubuntu Exporter (will be installed in the future) and cAdvisor (will be installed in the future), my Wazuh instance and so on. Everything that’s only for my eyes to sum it up.
I hope it does make sense in any way what I’m trying to do. Hope you guys can help to give me some ideas.
Consider SSH dynamic port forwarding combined with Firefox container tabs.
SSH dynamic port forwarding basically gives you a local proxy on your client, which routes all your traffic through the SSH server of choice. You can then set up an appropriate amount of containers in Firefox and assign the proxies to their respective containers.
I’ve been doing this for a while, and it is extremely convenient. Feel free to ask me if you have any questions.
You could also do local port forwarding for each service you want to access, no need to fiddle with proxies in that case, but you have to set up a new rule for each service you want to access.
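The two forwarding styles described above, written as a client-side `~/.ssh/config` (an added example, not part of the original posts). The host names, user name, local ports and the NPM admin address `127.0.0.1:81` on the VPS are assumptions to adapt.

```sshconfig
# ~/.ssh/config on the admin workstation (constructed example values).

# Settings shared by every tunnel entry below.
Host vps*-socks vps*-npm
    # Assumed admin account on the VPS.
    User admin
    # Fail at connect time if the local port is taken, instead of
    # leaving a session open that carries no tunnel.
    ExitOnForwardFailure yes
    # Send keepalives so an idle tunnel is not dropped silently.
    ServerAliveInterval 30
    ServerAliveCountMax 3

# Dynamic forwarding: one SOCKS proxy per VPS, each on its own local port.
# Bound to loopback so no other machine on the LAN can use the proxy.
# Each port is then the proxy assigned to one Firefox container.
Host vps1-socks
    HostName vps1.example.com
    DynamicForward 127.0.0.1:1081

Host vps2-socks
    HostName vps2.example.com
    DynamicForward 127.0.0.1:1082

# Local forwarding: one rule per service, no proxy settings needed.
# Assumes the NPM admin UI listens only on the VPS loopback, port 81,
# so it is reachable through the tunnel and not from the internet.
Host vps1-npm
    HostName vps1.example.com
    LocalForward 127.0.0.1:8181 127.0.0.1:81

# Start a tunnel without a remote shell:
#   ssh -N vps1-socks    (SOCKS5 proxy on 127.0.0.1:1081)
#   ssh -N vps1-npm      (NPM admin UI at http://127.0.0.1:8181)
```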
WireGuard or for that matter Tailscale/Headscale will do what you want, you just do not need to add an exit node to Tailscale/Headscale to access the server.
What I will add/suggest is to just set up a service like Uptime Kuma locally at home to see that your services are up instead of manually checking each server.