this post was submitted on 28 Oct 2023
3 points (100.0% liked)
Self-Hosted Main
515 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Thank you for sharing, looks great. I wonder how you configured access to the Kubernetes services. You mentioned you leverage WIreguard VPN but is it possible to configure SSL certificates for the VPN services?
I have added an edit but before you posted this so let me answer here (you can check the edit also if you feel like it)
Basically I use traefik and cert manager to retreieve star SSL certs (*.domain.com) for all the domains I own, as those are done via DNS-01 challenges you don't need your server to be accessible via internet.
The VPN is then pointing at adguard for its DNS and adguard points my star domains to traefik which then redirect to each services with the star certificate
EDIT: external services such as the VPN itself is also redirected via Traefik using external services objects so my VPN can sit outside the cluster (in my trueNAS machine) but still have an SSL cert
Thanks, indeed you are right using DNS 01 challenge can be appropriate for this. Btw do you use a VPN for transmission. I mean, for egress traffic, I have been trying to figure out how to set it up without any luck.
I don't require it as it's allowed where I live for personal use ^^
But you would require a sidecar pod from whatever vpn and use a given config by your vpn provider then redirect all pod traffic through your sidecar but I think some images of transmission have it all included.