I currently use Zero Trust to tunnel my websites and use SSH, since my ISP does not open any port.
Is it possible to set up a VPN server using Zero Trust? Where can I find an example or documentation?
As far as I know, application ports (apart from the ones supported) don’t work.
In the OpenZiti project (technically not a VPN, I would say the next generation built on zero trust principles) we utilise mTLS and E2E encryption using libsodium (ChaCha20-Poly1305). This allows you to run any IP protocol and shift your packets from one place to another while not having any inbound ports. Ref: https://openziti.github.io/
That is super interesting, however my IT skills aren't good enough to completely understand the OpenZiti project. Could you help me with the main concepts I have to know to “tunnel” a VPN through OpenZiti?
There are a couple of good blogs that discuss it. One for Minecraft and one for Home Assistant.
I work on the project too and I’d be happy to help you understand either here or over on the Discourse forum.
The main idea is that you use a VPS - a virtual private server - to run your OWN VPN. We also have a nice ‘how to do that’ with Oracle’s free tier that you can find on the blog, if that sounds fun… Once you have your own VPN set up, you define a service you want to share, you authorize an identity to “bind” the service (to act like the “server-side proxy”, sort of), and then you install the overlay clients and authorize people to use that service.
There are some devils to it, like any tech, some new concepts to read about and whatnot.
If that sounds cool, check it out, and if you have questions let me know here or in Discourse and we’ll see if we can get you going.
Excellent! I’ll definitely take a look this weekend.
I have seen the blogs, and the projects are quite interesting, however the concepts are still difficult to understand.
I’ve installed according to “Host OpenZiti Anywhere” (following Oracle’s free tier video) and https://ip:8441 works well. Then I tried to install the Ziti console, but it failed at the last step:
Process: 3587 ExecStart=/usr/bin/node /root/.ziti/quickstart/hel1-u22/ziti-console/server.js (code=exited, status=1/FAILURE)
I’ve run it on a Hetzner VPS using Ubuntu 22, opening all necessary ports; don’t know if that makes a difference.
I currently use PiVPN + Pi-hole on the server, and although I can simply open the necessary ports, I just want to use a zero-trust technology to run multiple applications, so OpenZiti is perfect.
I would really appreciate it if you could provide me with some practical examples.
Sure. How about we turn it around and ask what kind of app you’re trying to secure; would that help? I thought securing a Minecraft server or Home Assistant were particularly practical examples (I mean, as opposed to “toy” samples), but if something easier or more directly interesting to you would be more impactful and helpful, maybe let’s try that? That covers the example portion of your reply, but you also had a second one around the UI…
As to the ZAC installation and exit failure, I probably need a bit more context on that one. If you use “journalctl -fu ziti-console” it should be constantly restarting over and over again. Is there something in the logs that’s useful to get that going? I would think there’d be something in there that was an obvious issue; often it’s that the version of node is too old.