this post was submitted on 29 Jun 2023
0 points (NaN% liked)

Selfhosted

40183 readers
964 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I have a noob question but seem overwhelmed with all the information I get about it. Basically, why do I need a reverse proxy if all my services are not public? Every guide or video for self hosting there’s always talk of a reverse proxy, have been doing it wrong?

Here’s my setup: I have proxmox running with LXC containers and VM’s for different services some have docker. I have HAProxy on PfSense with a wildcard cert. and the built-in dns resolver, and I vpn home every time I need something.

Have I be going about this the wrong way? Would I benefit from Nginx or traefik? Or is HAProxy enough? Sorry for the stupid question, I’m like a kid with a new toy and overwhelming myself.

top 1 comments
sorted by: hot top controversial new old
[–] [email protected] -1 points 1 year ago

I did avoid them for a long time. Once I started to figure out how to self certify for https NPM became very helpful. DNS challenge does not require you to open any ports. you need a domain that supports dns challenge, though. Pointing cname to local ip of reverse proxy. And some routers may require rebind protection entry for that domain. Afterward: https and nice names for all my local only services.