

I recently switched my home to using cloudaflare tunnels from dns because the ISP blocked traffic. my services are exposed to the Internet, so if you only want access by vpn, I’ve found tailscale to be easier than wireguard. If you want external access, you can get a domain name from CF and set up cloudflared on the host device and target the docker service names. But with both ways, you can have your ports not exposed to the Internet.
I formerly used external DNS until the ISP blocked the modem.
WTF