Yes your description is just right and is the heart of my question. To use your terminology:

Currently:

• Away from home: Phone -> VM -> Home Server
• At home: Phone -> VM -> Home Server (inefficient!)

Ideally:

• Away from home: Phone -> VM -> Home Server
• At home: Phone -> Home Server

In the ideal case, I would never have to change anything about the wireguard config/status on the Phone, nor would I have to change the domain name used to reach the resource on the Home Server.

Oh hm I didn’t think about your last point, maybe it’s not really an issue at all. I think I’m not 100% on how the wireguard networking works.

Suppose I tunnel all of my traffic through wireguard on the remote server. Say that while I am home, I request foo.local, which on the remote server DNS maps to a wireguard address corresponding to my home machine. The remote will return to me the wireguard address corresponding to the home machine, and then I will try and go to that wireguard address. Will the home router recognize that that wireguard address is local and not send it out to the remote server?

Yes that would work, but it feels a bit cumbersome to have 2 fqdns per service, which I would have to switch between using depending on on whether I’m local or not.

Right but I want to be connected to wireguard always, I just want the DNS/routing to be different based on home vs foreign network.

And so when away do you just directly connect to the external IP and do port forwarding?

So you have a public DNS record pointing to your home IP?

I think tailscale would work, though I’d ideally want to use something like headscale instead, but that’s a bit of a logistical hastle for my setup. Do you know if pangolin can handle this as well?

That sounds roughly correct, though I don’t see the connection with the article? Unless you’re saying that “products” (like Signal) will always exist, which is probably true but is orthogonal to whether or not other models will succeed.

As for email, I think posteo does a pretty good job, but you’re right options are few and far between. But self hosting email is just as viable as ever? Perhaps less so since e.g. gmail will instantly flag your incoming mail as spam if you’re sending it from randomsite.tld, but honestly that issue hasn’t gotten that bad (yet). Yes, whenever there’s a protocol like email or xmpp, companies will create gmails and signals and turn them into walled gardens, but that doesn’t spoil the protocol for everyone else. It just causes frustration that companies build closed products on top of open technologies, but not much to be done about that.