You can. I recommend making sure you have logging in place so you know what's going on. This could include not just service logs but firewall logs as well. You might want to rate limit the connection attempts for SSH and WireGuard and consider Fail2Ban or something similar.
sainth
joined 2 years ago
Yes, that's one way to do it. Another way is to pick some amount you can afford to save and buy bitcoin every month or so. Hold it for a few years and always spend your oldest coins first. For example $20 from 2020 buys $200 worth of stuff now.
What does running pfsense in a virtual machine really give you? Consider setting up the ubuntu server as a router directly. The most important part is making sure you configure the firewall correctly (iptables or nftables). dnsmasq can handle dhcp requests and hostapd can provide wireless. Be careful that all services are listening only on appropriate network interfaces before you connect it to the internet.
Most VPNs don't allow port forwarding, and if they do it's a random port that changes frequently. So you'd need a method to tell people the new port. Also, you typically want to use SSL so you'll have to use self signed certs. Though interestingly LetsEncrypt recently started testing certs for IP addresses:
https://letsencrypt.org/2025/07/01/issuing-our-first-ip-address-certificate