I have a nextcloud instance being hosted from my home network. The URL associated with it points directly at my home’s IP. I don’t want to host the instance on a VPS because disk space is expensive. So, instead, I want to point the URL at the VPS, and then somehow route the connection to my home’s nextcloud instance without leaking my home’s ip.
How might I go about doing this? Can this be achieved with nginx?
EDIT: Actually, not leaking my home’s IP is not essential. It is acceptable if it is possible to determine the IP with some effort. What I really want is to be able to host multiple websites with my single home IP without those websites being obviously connected, and to avoid automatic bots constantly looking for vulnerabilities in my home network.
These two questions are really quite different and the answers to each are completely different.
Or… to say the same thing another way, do these “multiple websites” need to be accessible by the public?
If not, then use wireguard. This way your home network only needs to expose a single port listening for wireguard connections. Not much of an attack surface area.
If so, then use a reverse proxy. This way you expose a single port 443 listening for https connections, and nginx (or whatever) routes requests to the correct internal port depending on the domain used in the request. Again, not much of an attack surface area.
No bots are going to assess your multiple websites and conclude that it’s your home network, because it will just look like any other web server on the net. Additionally even if they did conclude that it’s your home network an nginx server listening to https requests is the same surface area you would have if you were forwarding all the traffic via your VPS.
IMO, in all cases the VPS is just added complexity for no benefit.