I have a vServer rented that i want to use as a tool server for my private projects. I have installed wireguard (Wireguard should be the only service reachable from the outsite) and set up ufw (Blocking everything except Wireguard). I have installed k3s with prebuild Traefik. My idea is that this Traefik is only reachable through the Wireguard VPN.
What I've tried so far:
- UFW rules (Does not work because it collides with K3S automatic iptable configurations. Those rules are also very confusing to me...)
- Traefik entrypoint address: Traefik does not work with the IP from the wireguard interface
- Reconfigure service loadbalancer for traefik: When i reconfigure the loadbalancer service for Traefik (Currently listening on the public IP) the changes are not saved.
Does anybody has a hint what could be the solution? I am going nuts ...
Cheers
