Hey fellow selfhosters! Hope you're doing well. Today I would like some help to work out how I could make this project a reality. I would like to give friends and family VPN access to my homelab (probably with WireGuard).

I also have a VPS in the cloud, and I can VPN to it to anonymize outgoing connections.

So basically, in the case that a friend asks for a local service, I want the request to come to my home over his VPN connection and then come back directly from my home.

In the case that a friend requests google[dot]com, I want the request to come to my house and then go through the VPS, so that the request is made from the VPS and not from my home. Then it comes back from google to the VPS, to my home, to the client.

The principal issue I have is: how can I route my services directly through my home without going onto the regular WWW, but make all other requests go through the VPS and then to the WWW?

If you need more explanations or info, feel free to ask.

PS: I also self-host Pi-hole, so all DNS requests should go through it (and maybe I could use it to route requests where I want by tweaking my domain requests to point to local IPs?)

diagram of the network

  • foremanguy@lemmy.ml (OP), 2 days ago

    This is not exactly what I want to do. Requests to my home services are protected by not going directly to my home but rather going through the VPS, but since I know my friends I can let them go directly to my home without ever going through the VPS (except to make the outgoing request).

    • Gravitywell@sh.itjust.works, edited, 2 days ago

      In that case you would need to add the peers to the WireGuard node you have running in the homelab as well. WireGuard can route peer to peer and will take the shortest path available to it.

      That said, I highly recommend first getting things working in a "spoke and hub" style WireGuard configuration with either your homelab or the VPS as a central peer, then add peers as endpoints after you have everyone with working connections to the central peer. It's just a heck of a lot easier to troubleshoot and get your head around that way.
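As an added worked configuration (not from this thread and not the posters' own code) of the hub-and-spoke layout described above, combined with the split the OP asked for: friends' packets for the home LAN are routed directly, and everything else is policy-routed into the VPS tunnel, never out of the home connection. It assumes Linux with wg-quick and iptables on the hub and VPS, 192.168.1.0/24 as the home LAN, 10.10.0.0/24 for friends, 10.20.0.0/24 for the hub-to-VPS link, Pi-hole listening on the hub's tunnel address, eth0 as the VPS's public interface, and placeholder keys and hostnames.

```ini
# ===== friend's device: wg0.conf (spoke) =====
[Interface]
Address = 10.10.0.2/32
PrivateKey = <FRIEND_PRIVATE_KEY>                 # placeholder
DNS = 10.10.0.1                                   # Pi-hole, assumed to listen on the hub's tunnel address

[Peer]
PublicKey = <HUB_PUBLIC_KEY>                      # placeholder
Endpoint = home.example.net:51820                 # placeholder for the home's public address
AllowedIPs = 0.0.0.0/0                            # full tunnel: every packet goes to the home hub first
# ===== home hub: wg0.conf (the interface the friends connect to) =====
[Interface]
Address = 10.10.0.1/24
ListenPort = 51820
PrivateKey = <HUB_PRIVATE_KEY>                    # placeholder
PostUp = sysctl -w net.ipv4.ip_forward=1; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Policy routing: friends' packets for the LAN use the normal table; anything else uses table 200 (the VPS uplink).
# The unreachable route is a kill switch: with wg1 down, table 200 still answers instead of falling through to main.
PostUp = ip rule add from 10.10.0.0/24 to 192.168.1.0/24 lookup main priority 90; ip rule add from 10.10.0.0/24 lookup 200 priority 100; ip route add unreachable default table 200 metric 1000
PostDown = ip route del unreachable default table 200 metric 1000; ip rule del from 10.10.0.0/24 lookup 200 priority 100; ip rule del from 10.10.0.0/24 to 192.168.1.0/24 lookup main priority 90
PostDown = iptables -D FORWARD -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; iptables -D FORWARD -i wg0 -j ACCEPT

[Peer]
PublicKey = <FRIEND_PUBLIC_KEY>                   # placeholder
AllowedIPs = 10.10.0.2/32                         # this key may only send from its own tunnel address
# ===== home hub: wg1.conf (uplink to the VPS) =====
[Interface]
Address = 10.20.0.2/24
PrivateKey = <HUB_UPLINK_PRIVATE_KEY>             # placeholder
Table = off                                       # keep wg-quick from replacing the hub's own default route
PostUp = ip route add default dev wg1 table 200; iptables -t nat -A POSTROUTING -o wg1 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wg1 -j MASQUERADE; ip route del default dev wg1 table 200

[Peer]
PublicKey = <VPS_PUBLIC_KEY>                      # placeholder
Endpoint = vps.example.net:51820                  # placeholder for the VPS address
AllowedIPs = 0.0.0.0/0                            # the VPS may carry any destination for us
PersistentKeepalive = 25                          # the hub sits behind home NAT
# ===== VPS: wg1.conf =====
[Interface]
Address = 10.20.0.1/24
ListenPort = 51820
PrivateKey = <VPS_PRIVATE_KEY>                    # placeholder
PostUp = sysctl -w net.ipv4.ip_forward=1; iptables -A FORWARD -i wg1 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; iptables -D FORWARD -i wg1 -j ACCEPT

[Peer]
PublicKey = <HUB_UPLINK_PUBLIC_KEY>               # placeholder
AllowedIPs = 10.20.0.2/32                         # the hub NATs the friends behind this address
```

Because the hub masquerades the friends behind 10.20.0.2, the VPS only needs that single /32 in AllowedIPs, and each friend's key is pinned to its own 10.10.0.x/32 so one peer cannot send packets with another peer's or a LAN address as source. To check the split from a friend's device, a what-is-my-IP lookup should report the VPS address while hosts in 192.168.1.0/24 answer directly from home.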