You do need to be able to reach your public IP to be able to VPN back in. I have a static IP, so no real concerns there. But, even if I didn't, I have a Python script that updates a Route53 DNS record for me in my own domain - a self-hosted dynamic DNS really.
You certainly can run Wireguard server in a docker container - the good folks over at Linuxserver have just the repo for you.
The problem there, as we're already seeing, is arsehole councils taking action against people on private properties, where the people either own the property, or have the property owner's permission, and live in tents or caravans there.
Every layer of government has their fair share of blame to wear for this, from the snouts at the trough in the local city councils, to the fat wankers in suits in Canberra. Not one single government has done anything remotely positive to improve the future of housing in this country in the past 20 or so years.
Instead, they've encouraged and rewarded foreign ownership and rich landlords that own dozens of properties. Our monetary policy is tied to a broken measure of financial health, where the snake eats its own tail: higher rent contributes to higher inflation, which contributes to higher interest rates, which contributes to higher rent.
All our governments have done is create the perfect conditions for a massively bloated housing market that's almost impossible for anyone to get into without already being in the middle-to-upper earning brackets.
Councils have to start thinking along humanitarian grounds, and enable people to live self-sufficiently, rather than punishing them for it. It's not hard to see a future where a pensioner dies on a park bench in the middle of winter, because they couldn't afford to rent or pay their mortgage, got permission to live in a van on someone's rural block, and some cunt of a councilor decided a bullshit zoning law was more important than human dignity.
This may take us down a bit of a rabbit hole but, generally speaking, it comes down to how you route traffic.
My firewall has an always-on VPN connected to Mullvad. When certain servers (that I specify) connect to the outside, I use routing rules to ensure those connections go via the VPN tunnel. Those routes are only for connectivity to outside (non-LAN) addresses.
At the same time, I host a server inside that accepts incoming Wireguard client VPN connections. Once I'm connected (with my phone) to that server, my phone appears as an internal client. So the routing rules for Mullvad don't apply - the servers are simply responding back to a LAN address.
I hope that explains it a bit better - I'm not aware of your level of networking knowledge, so I'm trying not to over-complicate just yet.
Yeah, this is why I jumped ship to Immich last year. I was donating to PP, with the understanding that donating users would get access to multi-user features when they happened.
Then they put them behind a paid recurring subscription. For self-hosted users. That move broke all the trust with me.
Mullvad is great for outbound VPN, but inbound is a PITA without port forwarding (as you've said). I just host a Wireguard container for inbound connectivity now, and it works flawlessly.
Actually, Nintendo Switch, mainly because I can take it anywhere. I just don’t find myself with heaps of time to sit down for proper gaming sessions any more.
The tyranny of getting older, and having family responsibilities.
The first time was because I was sick of paying the "Australia tax" for new releases that took longer to reach us than most of the rest of the world. The second time was due to subscription fee hikes with associated reduction in quality & range of content.
It's a fucking travesty what's happening to him. He shone a light on some pretty sordid shit, shit that was definitely in the public interest to be reported, and he's been made into the villain.
Our government should be fucking ashamed of themselves.
I've been thinking about exactly the same problem.
We want to give our near-10yo daughter her first phone, but she's not allowed to have it at school. She's also getting to the point where she can be trusted at home for an hour or so before one of us gets home from work, so I also need a presence detection method that doesn't use a mobile phone.
My best theoretical solutions are like those already suggested here: an ESP32 BT proxy detecting a homebrew BLE beacon in her school bag, or detect activity on her iPad/the TV. But neither of those are reliable for all scenarios - she obviously doesn't take her school bag to her friend's house, and doesn't always use her iPad or the TV.
The only other thing I'm pondering is if I could setup facial recognition using our video doorbell. I use Frigate with a Coral TPU, so hoping there's a project out there that could possibly do that.
Don't be a dick, mate. Engage just a little bit of critical thinking before calling people names like that.
By law where I am, our kids aren't allowed to have their phones at school. My daughter's school's policy, then, is that phones are left at the school office.
We want to give our soon-to-be 10yo daughter her first phone later this year (times with a planned family trip, so it can be her new camera as well). But if she takes it to school and has to leave it at the office, I can guarantee she'll absolutely forget on more than one occasion to pick it up before coming home.
So, her phone will have to stay home. But we're also getting to the point where she can be trusted to let herself in and wait for one of us to get home (like OP, maybe an hour or so). So a presence detection option can't be based on whether the phone has moved into the geo zone in HA.
This is a legitimate question for modern parents. Denigrating OP without knowing or understanding all the facts certainly does shine a light on ignorance at play here. Just not OP's ignorance.
And paying more and more as time goes on. The thing that shits me the most is the increased prices but decreased range/quality of content. That's clearly not a business model aimed at customer satisfaction.
sigh Chester.... Him and Chris Cornell. There's always gonna be a hole in my music-loving heart when I hear either of these guys sing.