Self-hosted Infrastructure Migration and Public Access via Mesh VPN

Migrating from a VPS to self-hosted infrastructure primarily in a new Toronto data center enables greater control over backend operations, while also distributing non-demanding workloads across various locations like a studio or individual homes. This setup allows for creating support systems that do not require direct audience interaction. To maintain public access without exposing LAN IP addresses and minimizing interference from the ISP, a mesh VPN approach, such as Tailscale, is implemented. This method permits the separation of the public-facing VPS from the backend without dependencies on physical node locations. The dynamic nature of the ISP's IP further reinforces the reliability of this architecture. Initial configurations using traditional methods like open ports proved ineffective due to peering issues with ISPs, prompting a re-evaluation of the setup. A minimal VPS setup was established using Linode, leveraging Nix OS for streamlined deployments and maintaining a lightweight architecture that avoids the complexities and risks associated with distributed systems. Overall, this approach enhances system robustness and flexibility.