Selfhosted

40029 readers

1145 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago

MODERATORS

Easily encrypt your home network services with lets-encrypt (blog.safewebbox.com)

submitted 1 year ago by [email protected] to c/selfhosted

26 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] vividspecter 8 points 1 year ago (4 children)

As a side note, how do people handle HTTPS with private networks (VPN or local) these days? I typically just stick to HTTP, but it would be nice to get rid of the warnings/lock (and I use HTTPS-only mode and firefox seems to require a fresh exception for every port).

[–] [email protected] 4 points 1 year ago (1 children)

DNS challenge, that way you don't have to have anything open to the outside. It needs to be using a domain you own and have registered, though.

Here's a tutorial with (seemingly) all the DNS providers: https://github.com/acmesh-official/acme.sh/wiki/dnsapi

[–] vividspecter 1 points 1 year ago

Nice. I was using an older ddns that didn't support acme, but switched to a different that supports it so I'll look into it.

[–] [email protected] 4 points 1 year ago

I have a public DNS entry pointing to the local IP. And use DNS based verification to get the letsencrypt certificate.

[–] [email protected] 3 points 1 year ago

Doing what the OP (same result, just different software) or I posted and assigning certificates to secure your local services means you can avoid the HTTPS warning that major browsers will pop up on an unsecure (HTTP) connection. Instead of going to an internal dns name without a certificate or direct to the ip....you assign a wildcard certificate to a domain name you've setup on your local dns. You then access that service via the HTTPS protected Domain name, with no warning.

[–] dustojnikhummer 3 points 1 year ago* (last edited 1 year ago)

Self signed certificates and import CA onto all of my devices.

Or, public DNS with cloudflare that points to local IP, but you can't do this with a .local domain