this post was submitted on 29 Jul 2024
42 points (92.0% liked)

Selfhosted

40183 readers
850 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hello all,

I have started experimenting again with a local server and I am facing a few issues, here is my case.

I run Debian o an old HP prebuilt without GUI. I do everything with ssh from my laptop (basic connection ssh user@addr)

I have installed docker. I have installed a few containers. I also installed portainer for easier management.

All good so far because everything is local.

I have purchased a domain with cloudflare and set up a tunnel as to avoid exposing any ports and having an easier time managing and deploying stuff.

I have set up jellyfin and vaultwarden but when I tried to install nextcloud AIO it was advised to add a local reverse proxy as to avoid many problems.

My questions are:

Is the tunnel solution appropriate for jellyfin?

I suppose it's OK for vaultwarden as there isnt much data being transfered?

Would it be better to run nginx proxy manager for everything or can I run both of the solutions?

Any general recommendations on the above and in general are appreciated!

you are viewing a single comment's thread
view the rest of the comments
[–] OminousOrange@lemmy.ca 11 points 3 months ago (2 children)

I'm definitely not a network pro, but it sounds like you're looking to do something similar to what I have.

I've got nginx proxy manager as my reverse proxy with pi-hole for local DNS. All traffic goes through the pi-hole and anything going to mydomain.com has DNS entries pointing to nginx. I've set nginx up so service.lan.mydomain.com is for anything local and just service.mydomain.com for anything external with wildcard SSL certs for both (*.domain doesn't seem to cover *.lan.domain so add certs for both - probably because it's a sub-subdomain).

The Cloudflare tunnel can then just get directed to service.mydomain.com instead of the IP of the service.

[–] piracysails@lemm.ee 1 points 3 months ago (1 children)

I have read all comments and most of them provide useful information but I think this is what I need indeed.

Do you have any sources / guides on how to proceed with these configurations? :)

[–] OminousOrange@lemmy.ca 1 points 3 months ago

Unfortunately there isn't really an all-in-one guide. TechnoTim has info on the Pi-hole config side and wildcard certificates, but I think he uses it with traefik.

NPM is pretty straightforward. If you find a site isn't working, try turning on Web Socket support.

I'd say just search for guides on each part individually:

  1. Get all the services installed and up and running
  2. Get SSL certificates from Cloudflare for your domain.
  3. Set up NPM for the services you want to reverse proxy with your Cloudflare SSL certs (they wont work until the next step is done)
  4. Set up pi-hole to be your local DNS (there's also adblock lists to add) and configure it to send all service(.lan).mydomain.com to the ip of NPM.
  5. Set up the Cloudflare tunnel.

I can try to help if you run into any issues.