This is a decent writeup on applying “Zero Tust” principles to a home lab using mostly open source tools. I’m not the author, but thought it was worth sharing.
I’ve been researching zero-trust for my homelab recently and I’m considering OpenZiti instead of Cloudflare since I think it can all be self-hosted. The BrowZer from OpenZiti is especially interesting to me. The fact that I’m behind CGNAT is a hurdle though.