aesir

joined 1 year ago
[–] [email protected] 1 points 8 months ago

I like it, it was released a couple of days ago so something might require a bit more polishing but overall it looks better to me.

[–] [email protected] 2 points 10 months ago

I have heard of several cloud screw-ups as well, leading to charges of several thousands.

On one side this can happen if you experiment with something outside of the free machine(s), on the other side you have all the reporting and notification tools to avoid surprises.

Nonetheless, I still see your point, which is why I prefer to use an almost dry Revolut prepaid for all the cloud accounts instead of my main credit card.

[–] [email protected] 1 points 10 months ago (2 children)

As you wish, indeed the only free offer without credit cards is the one of Azure for students. In any case you are not anonymous.

[–] [email protected] 7 points 10 months ago (5 children)

Considering the small audience and purpose, I would not have any problem using the always free offerings of either Oracle or Google (the latter especially if located in the US).

[–] [email protected] 8 points 1 year ago (1 children)

I don't know, wouldn't the hypervisor be able to track resource usage by itself without anything else?

[–] [email protected] 6 points 1 year ago (2 children)

If postmarketOS works on that device maybe you can go full Linux (Alpine), there will be no systemd which might be a problem and I am not even sure about Docker compatibility. You can look it up though.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Relays have become a pro feature in the last release. I tested them on netmaker.io SaaS version and they work but it defeats the purpose of selfhosting my VPN manager. You also need to have a good relay, for instance among GCP, Azure, Oracle and Vultr only the latter works because their VPS are not behind a NAT.

Netbird first of all is extremely resource hungry. On some occasions it completely hung a 1 GB RAM VPS when I was testing. Even without thrashing I had issues connecting many of my peers. It has to be said that it was surely my fault in some ways as netbird.io SaaS worked fine.

[–] [email protected] 1 points 1 year ago (3 children)

Tailscale just works, I recently tried netbird and netmaker. I did not manage much with the first but netmaker instead seemed even easier to manage than tailscale, being faster at the same time. Unfortunately it failed with peers behind my corporate NAT, which tailscale can bypass with its own relays. But for others it can work very well.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

`ssh -p 12345` would leave your boxes accessible from anywhere too. Other blocks of IPs receive 10 times or more requests, as scanners can focus on blocks of IPs from major providers.

 

In the past two weeks I set up a new VPS, and I ran a small experiment. I share the results for those who are curious.

Consider that this is a backup server only, meaning that there is no outgoing traffic unless a backup is actually to be recovered, or as we will see, because of sshd.

I initially left the standard "port 22 open to the world" for 4-5 days, I then moved sshd to a different port (still open to the whole world), and finally I closed everything and turned on Tailscale. You can find a visualization of the resulting egress traffic in the image. Different colors are different areas of the world. Ignore the orange spikes, which were my own ssh connections to set up stuff.

Main points:

  • There were about 10 Mb of egress per day due just to sshd answering scanners. Not to mention the cluttering of access logs.

  • Moving to a non-standard port is reasonably sufficient to avoid traffic and log cluttering even without IP restrictions.

  • Tailscale causes a bit of traffic, negligible of course, but continuous.
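
An added example, not part of the original post: one way to quantify the log-clutter side of this experiment is to count unauthenticated sshd probe lines and distinct source IPs for each of the three stages. The log lines, ISO timestamp format, phase dates and names below are constructed assumptions, not data from the post.

```python
import re
from collections import defaultdict
from datetime import date

# Constructed sample lines (ISO timestamps, documentation IP ranges); not from the post.
SAMPLE_LOG = """\
2024-03-01T04:12:01+00:00 vps sshd[811]: Invalid user admin from 203.0.113.5 port 51234
2024-03-01T04:12:03+00:00 vps sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
2024-03-02T09:30:44+00:00 vps sshd[902]: Failed password for root from 198.51.100.7 port 40022 ssh2
2024-03-02T11:00:10+00:00 vps sshd[915]: Accepted publickey for backup from 192.0.2.10 port 50100 ssh2
2024-03-03T01:15:09+00:00 vps sshd[950]: Connection closed by authenticating user root 198.51.100.9 port 33210 [preauth]
2024-03-07T13:02:55+00:00 vps sshd[1200]: Invalid user test from 203.0.113.77 port 60000
2024-03-12T08:00:00+00:00 vps sshd[1500]: Accepted publickey for backup from 100.64.0.2 port 50200 ssh2
"""

# Hypothetical phase start dates mirroring the three stages of the experiment.
PHASES = [("port 22 open", date(2024, 3, 1)),
          ("non-standard port", date(2024, 3, 6)),
          ("tailscale only", date(2024, 3, 10))]

# sshd messages that indicate an unauthenticated probe rather than a real login.
PROBE = re.compile(
    r"sshd\[\d+\]: (?:Invalid user \S+ from|Failed password for (?:invalid user )?\S+ from"
    r"|Connection closed by (?:authenticating|invalid) user \S+) (?P<ip>[0-9a-fA-F:.]+) port \d+")

def phase_for(day):
    """Return the name of the last phase that started on or before `day`."""
    started = [name for name, start in PHASES if day >= start]
    return started[-1] if started else None

def summarize(log_text):
    """Return {phase: (probe log lines, distinct source IPs)}."""
    lines = defaultdict(int)
    sources = defaultdict(set)
    for line in log_text.splitlines():
        m = PROBE.search(line)
        phase = phase_for(date.fromisoformat(line[:10])) if m else None
        if phase is None:
            continue  # successful login, unrelated message, or before phase 1
        lines[phase] += 1
        sources[phase].add(m.group("ip"))
    return {name: (lines[name], len(sources[name])) for name, _ in PHASES}

if __name__ == "__main__":
    for name, (n, ips) in summarize(SAMPLE_LOG).items():
        print(f"{name:18} probe lines={n:3} distinct sources={ips}")
```

Successful logins (the `Accepted publickey` lines) are deliberately excluded, so the counts reflect scanner noise only, in the same way the post sets aside the author's own connections.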