Hello

Trying to see if there is an easier way or if is secure.

I have a VPS. I want to use for web services (docker) only accessible internal and not exposed to interent e.g. ZorAxy/ngnix manager.

I don’t want to use Tailscale as the VPS is headscale and feel not secure.

Don’t want to use VPN as I don’t want my device to connect to it, forward my traffic from VPS IP. Also I use android a lot and that uses a commerical VPN.

So I thought ssh tunnel, make tun device on vps, and make docker compose port to the tun ip. Can then use a proxy on android to connect to my internal web servers. As for Linux, I have to make another tunnel and proxy my browser - problem is that everything from the browser goes through my vps, so like a VPN.

Just wondered if there was an easier solution and is this way secure?

Thanks