You'd receive traffic on IP:PORT, that's segregation right there. Slap on a DNS name for convenience.
I might have my MetalLB config lying around somewhere (it's super easy, I copied most of it from their website), I can probably paste it here if you'd like.
Exposing services publicly on the Internet is a L3-L4/L7 networking problem, unfortunately I don't know enough about your situation to comment.
Edit: the latter end of your post is correct. You could route to different end-points that way
I used tmux extensively at home with a pimped out config. But then I started using it on servers at work which don't let me configure it, so I'm just using default keybindings now.
TBH something like ratpoison would be more of my thing if I ever switched to WMs except it's no longer maintained (sucks). I don't want to spend too much time configuring it though so bspwm is probably out of the running already. Do you think I'll like i3? I've heard people calling it bloat. Well I suppose if you're not using dwm/ratpoison you're OK with so called bloat anyway
You don't need to. It connects over TOR and has no back-end servers that it relies on. Briar and Simplex have forward secrecy and are the only two I would personally use
TrueNAS is just better QoL for people who don't want to deal with the cli all the time. I don't care so I don't need it. I have a separate k8s cluster anyway so it's pretty much pointless for me other than specific things like the ACLs which the GUI is good at
Ingress controllers like Traefik come across as LB services to IPAM modules like MetalLB (I've never used Kube-VIP but I suppose it's the same story). These plug-ins assign IP addresses to these LB services.
You can assign a specific IP to an instance of an "outward-facing route" with labels. I don't remember technical terms relevant to Ingresses because I've been messing with the Gateway API recently.
MetalLB + map new external IP to sub-domain == profit.
Read some of the other comments: it's not about your control plane. All you need is multiple external IPs which an IPAM module/plug-in can provide (MetalLB, Cilium and maybe Kube-VIP: I've never used it).
Do I give a shit? I'll pirate everything I can till the end of time and if I'm feeling generous I'll donate to the artists on band camp or something. Nobody but the smaller artists need my money anyway
Needs to be compatible with said tablet, not always the case