Investigate mesh VPN / service mesh

[FedericoCeratto]

Backend hosts (and developer workstations) connect to each other and authenticate using a mixture of iptables rules, postgresql credentials, SSH credentials, HTTPS + basic auth, SSH port forwarding. Investigate if a mesh VPN or service mesh could help simplify the auth methods, ensure encryption is always used, prevent exposing services to the whole Internet,.

[hellais]

This is relevant to the issue we were having with the API host too.