Oracle VPS Gateway
The VPS is the only publicly exposed system in the architecture.
🔐 Responsibilities
- Public entry point (141.144.233.165)
- TLS termination via Caddy + Cloudflare DNS challenge
- Reverse proxy routing
- Runs core services:
  - Portainer
  - Glance
  - Authentik
  - Caddy
🌐 Firewall Rules
Only selected IPs are allowed:
- My home public IP (admin access)
- Cloudflare (for DNS challenge + proxy validation)
Ports exposed:
- 80 → HTTP redirect / ACME
- 443 → HTTPS traffic
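
An added example (not part of the original setup) that encodes the allowlist above and flags observed connections the firewall should have dropped. The admin address is a documentation-range placeholder and the Cloudflare ranges are a subset of the list published at https://www.cloudflare.com/ips/; both are assumptions, as are the function names.

```python
import ipaddress

# Assumption: placeholder admin address from the documentation range (TEST-NET-3).
ADMIN_NETS = ["203.0.113.10/32"]
# Assumption: a subset of Cloudflare's published IPv4 ranges; load the current
# full list from https://www.cloudflare.com/ips/ before relying on this.
CLOUDFLARE_NETS = ["173.245.48.0/20", "104.16.0.0/13", "172.64.0.0/13", "162.158.0.0/16"]
ALLOWED_PORTS = {80, 443}  # the only ports the page lists as exposed

ALLOWLIST = [ipaddress.ip_network(n) for n in ADMIN_NETS + CLOUDFLARE_NETS]


def verdict(src_ip, dst_port):
    """Return the decision the documented policy should produce for one connection."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return "invalid"  # unparseable source: treat as a finding, never as allowed
    if dst_port not in ALLOWED_PORTS:
        return "deny-port"
    if any(addr in net for net in ALLOWLIST):
        return "allow"
    return "deny-source"


def audit(connections):
    """Return accepted connections that the policy says should have been dropped."""
    findings = []
    for ip, port in connections:
        decision = verdict(ip, port)
        if decision != "allow":
            findings.append((ip, port, decision))
    return findings


# Constructed sample: (source IP, destination port) pairs seen on the public interface.
SAMPLE = [
    ("203.0.113.10", 443),   # admin home IP (placeholder)
    ("104.18.5.20", 443),    # inside 104.16.0.0/13 (Cloudflare)
    ("198.51.100.7", 443),   # source outside the allowlist
    ("104.18.5.20", 9000),   # allowed source, but a port that is not exposed
    ("not-an-ip", 80),       # malformed log field
]

if __name__ == "__main__":
    for ip, port, why in audit(SAMPLE):
        print(f"VIOLATION {ip}:{port} -> {why}")
```

Feed it the accepted-connection records from the VPS; any finding means the live firewall has drifted from the rules documented here.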
🔁 Tailscale Integration
The VPS is part of the Tailscale network:
- Connects directly to Proxmox cluster
- Routes traffic securely to internal services