It’s something I am looking for since years without luck. If your resources are just spaces and desks you might take a look at https://seatsurfing.app/

I always hoped to find something more complex, with per user and per resource limits and custom rules, but I found only a few closed source Saas solutions in this sense.

Use docker on arch. It is perfectly fine for one server. The need for release based distributions strictly comes only when managing many servers where updates should be unattended.

I tried netmaker, nebula, and ended up using netbird. My issue with all the others was traversing my corporate network. Netmaker and Nebula UDP hole punching failed while Netbird just did it without issues by relying on coturn.

I did not test headscale, which could have worked by using DERP relays, because user space wireguard on Linux clients and registry editing to make the client work on Windows are a setback for me. Also, access control is far less user friendly with respect to what netmaker and netbird developed.

The only thing to know before selfhosting netbird is that it requires an identity provider, zitadel as installed by default or any other selfhostable solutions take a lot of resources so if running on a base VPS one should look instead for a managed IDP.