Thing is, you grew up in the pioneering age of computing, and in that time you needed to do everything yourself. This gave you a bunch of skills for free, that are hard to do today, because most of the hard stuff is automated away and snuck behind a gui and/or containers.

Syslog is what you are looking for.

Even if you can get the appZTNA stuff to work (which I doubt), how is your infra going to absorb multi Tbit traffic without customer impact?

Some script that parses blocklists into unbound local-data statements, combined with cron and unbound-control

If you want to forward an ssh connection over an existing ssh connection, ProxyJump is the way to go.

This. You need to tune the zfs memory, esp if the box is shared with other applications.

They have some pointers in their documentation: https://webmin.com/faq/

you need to reconfigure webmin to serve you a wss:// url towards that websocket. The second S in wss stands for securitah! :)

Definetely! In your case I would get a vps from somewhere and host from there. Cloudflare is not going to work around your power issues. Some caching CDN might, but that would make the service read-only

Mja, business decisions are up to you and your clients. This sub is about selfhosting, so you can expect answers that are about, well, selfhosting ;-)

Objectively you reduce your attack surface if you actually self-host wireguard, since you dont control 3rd party products, and cannot give any guarantees wrt their security.

Unpopular opinion, yes, but security > convenience ;-)

My life became less stressfull since I started to depend less on technology. I do need a playground to keep my skills sharp tho.