Thanks, I like it. The downside is that the VPS can see the content of my services, so it’s no good if you don’t trust the VPS provider, or if the content is too sensitive to allow that. I think it’s a good trade-off for my usage though. Performs well. One of the services I proxy is a rpi serving images downloaded from weather satellites. Connecting directly to the pi is super slow, but the proxy caching makes it 100% faster.

I use a $2 VPS in Quebec that proxies my home stuff over Tailscale. It uses Caddy and does the TLS encryption and caching. It has the providers DDOS protection, plus I have configured the firewall to have some further protection.

It could also just directly forward TLS packets over any sort of VPN if you didn’t trust the VPS provider or wanted to reduce cpu load.

The VPS is a $2 instance and very under powered, however it has a dedicated static IP and some Ddos protection. The basement computer is powerfully and capable of providing various services, but I don’t want any trouble with my home IP address. Tailscale let’s the VPS see the home computer securely.

I use both. Caddy on a VPS that reaches into my Tailscale network and proxies services hosted on a computer in my basement.

Either DMZ on the first router, or bridge mode on the second.

Your opinion is a hard-learned lesson here. I only recently figured that out. The Nextcloud “app store” is just too tempting.

I use both as well. They server different purposes. When my wife wants to take a quick scan of a paper document and archive it instantly, or have pictures auto-upload, or open and edit a document we worked on a year ago, all on her IPhone, the Nextcloud client works great and really has no competition in the iOS world. When I want to keep the files in my home directory, including some big, regularly changing files, instantly synced between computers and hosted VMs, Syncthing is amazing. I also add Syncthing shares as an external source in Nextcloud, so I can open those files via the web. As others have said, Nextcloud works fine, provided you don’t start installing all sorts of “apps” you don’t need -stick to the basics.

Wow, what a dumb thing to claim when you have surrounded yourself with “free speech absolutists”. They are going to lose it on him, right? …. Right?

I see you have a bunch of good answers now, so I’ll ask; if you are comfortable self hosting, why not consider a VPS? Yes it can be a little bit of maintenance, but it’s very minimal and you get far more flexibility and the ability to further develop those selfhosting chops.

I use sendgrid as my outgoing smtp relay to avoid ip reputation issues you mention. You still have to configure your dns settings for spf and dkim pointing at their servers instead of yours. Their free tier is 10x the email I’ll ever send so it doesn’t cost anything. There are a few companies in this space with free tiers. It works, but it isnt Gmail level deliverability. I still get spam binned occasionally.

This is signal detection theory combined with an arms race that keeps the problem hard. You cannot block scrapers without blocking people, and you cannot inconvenience bots without also inconveniencing readers. You might figure something clever out temporarily, but eventually this truism will resurface. Excuse me while I solve a few more captchas.