I’m reading through and planning to setup boringproxy.
However I was wondering if there is way to restrict access to services to certain devices.
I’m thinking of setting up local wireguard and connect to local wireguard through boringproxy.
I’m trying not to worry much about setting up security for all services I’m running on LAN.
Later versions of boringproxy allow you to create tokens scoped to specific boringproxy clients, but overall access control is pretty rudimentary. It sounds like maybe what you’re looking for is something more like Tailscale (or selfhosting Headscale)?
Yes was searching around and seems like tailscale+headscale OR maybe rathole would fit better.