phein4242B

Definetely! In your case I would get a vps from somewhere and host from there. Cloudflare is not going to work around your power issues. Some caching CDN might, but that would make the service read-only

If you want to forward an ssh connection over an existing ssh connection, ProxyJump is the way to go.

This. You need to tune the zfs memory, esp if the box is shared with other applications.

They have some pointers in their documentation: https://webmin.com/faq/

you need to reconfigure webmin to serve you a wss:// url towards that websocket. The second S in wss stands for securitah! :)

Start by reading what DNS can do. Good luck!

Objectively you reduce your attack surface if you actually self-host wireguard, since you dont control 3rd party products, and cannot give any guarantees wrt their security.

Unpopular opinion, yes, but security > convenience ;-)

Thing is, you grew up in the pioneering age of computing, and in that time you needed to do everything yourself. This gave you a bunch of skills for free, that are hard to do today, because most of the hard stuff is automated away and snuck behind a gui and/or containers.

Syslog is what you are looking for.

Even if you can get the appZTNA stuff to work (which I doubt), how is your infra going to absorb multi Tbit traffic without customer impact?