Hello!
To expose servers running on my local network, I created [tunwg](https://github.com/ntnj/tunwg). Unlike similar solutions (ngrok, cloudflare tunnels etc.), tunwg doesn't decrypt HTTPS traffic and forwards it directly to your local client based on SNI. It generates persistent subdomains across restarts, and can be used with your own custom domain, without requiring any account.
You can self host the server too. The server is stateless and adding new clients doesn't require any server configuration. The default server is bandwidth limited.
Tunwg client and server run wireguard interface on gvisor's userspace network stack, so it doesn't require or interfere with your OS wireguard. On startup, client exchanges wireguard public key with server, and outputs a custom subdomain derived from client's wireguard key. The server gets the subdomain from SNI and forwards the TCP stream to the relevant client's gvisor stack.
