I have started experimenting again with a local server and I am facing a few issues, here is my case.
I run Debian o an old HP prebuilt without GUI.
I do everything with ssh from my laptop (basic connection ssh user@addr)
I have installed docker.
I have installed a few containers.
I also installed portainer for easier management.
All good so far because everything is local.
I have purchased a domain with cloudflare and set up a tunnel as to avoid exposing any ports and having an easier time managing and deploying stuff.
I have set up jellyfin and vaultwarden but when I tried to install nextcloud AIO it was advised to add a local reverse proxy as to avoid many problems.
My questions are:
Is the tunnel solution appropriate for jellyfin?
I suppose it’s OK for vaultwarden as there isnt much data being transfered?
Would it be better to run nginx proxy manager for everything or can I run both of the solutions?
Any general recommendations on the above and in general are appreciated!
I’m definitely not a network pro, but it sounds like you’re looking to do something similar to what I have.
I’ve got nginx proxy manager as my reverse proxy with pi-hole for local DNS. All traffic goes through the pi-hole and anything going to mydomain.com has DNS entries pointing to nginx. I’ve set nginx up so service.lan.mydomain.com is for anything local and just service.mydomain.com for anything external with wildcard SSL certs for both (*.domain doesn’t seem to cover *.lan.domain so add certs for both - probably because it’s a sub-subdomain).
The Cloudflare tunnel can then just get directed to service.mydomain.com instead of the IP of the service.
Unfortunately there isn’t really an all-in-one guide. TechnoTim has info on the Pi-hole config side and wildcard certificates, but I think he uses it with traefik.
NPM is pretty straightforward. If you find a site isn’t working, try turning on Web Socket support.
I’d say just search for guides on each part individually:
Get all the services installed and up and running
Get SSL certificates from Cloudflare for your domain.
Set up NPM for the services you want to reverse proxy with your Cloudflare SSL certs (they wont work until the next step is done)
Set up pi-hole to be your local DNS (there’s also adblock lists to add) and configure it to send all service(.lan).mydomain.com to the ip of NPM.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
selfh.st Newsletter and index of selfhosted software and apps
I’m definitely not a network pro, but it sounds like you’re looking to do something similar to what I have.
I’ve got nginx proxy manager as my reverse proxy with pi-hole for local DNS. All traffic goes through the pi-hole and anything going to mydomain.com has DNS entries pointing to nginx. I’ve set nginx up so service.lan.mydomain.com is for anything local and just service.mydomain.com for anything external with wildcard SSL certs for both (*.domain doesn’t seem to cover *.lan.domain so add certs for both - probably because it’s a sub-subdomain).
The Cloudflare tunnel can then just get directed to service.mydomain.com instead of the IP of the service.
I have read all comments and most of them provide useful information but I think this is what I need indeed.
Do you have any sources / guides on how to proceed with these configurations? :)
Unfortunately there isn’t really an all-in-one guide. TechnoTim has info on the Pi-hole config side and wildcard certificates, but I think he uses it with traefik.
NPM is pretty straightforward. If you find a site isn’t working, try turning on Web Socket support.
I’d say just search for guides on each part individually:
I can try to help if you run into any issues.