Will share this evening after work.

My setup: Locally (all in docker):

• JF for managing and local access
• JF with read only mounted volumes that uses the network of my Wireguard client container
• Wireguard client opening a tunnel to Wireguard server on VPS ** Ping container regularly doing pings to Wireguard Server so the connection stays up (didn’t manage it otherwise)

VPS (Oracle Cloud free tier, also everything in docker):

• Caddy as a reverse proxy with https enabled and geolocking (only certain countries are allowed to connect to)
• fail2ban to block IPs that try to bruteforce credentials
• Wireguard server

Usernames are not shown in the frontend and have to be entered. Passwords are generated by a password manager and can’t be changed by the user.

So my clients just get the URL of my reverse proxy and can access the read only JF through my Wireguard tunnel. Didn’t have to open any ports on my side. If someone is interested I can share the docker compose files later.

My Proton account still runs til November (it’s cancelled) this year, would be nice to subscribe to Tuta and activate it starting October so I cpuld move stuff. Guess I have to hope for other deals in the future

Thank you. Guess I have to rewatch it.

Thank you kind stranger!

What’s the source of the gif?