this post was submitted on 19 Jun 2023
26 points (100.0% liked)

Selfhosted

40359 readers
340 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (3 children)

As a side note, how do people handle HTTPS with private networks (VPN or local) these days? I typically just stick to HTTP, but it would be nice to get rid of the warnings/lock (and I use HTTPS-only mode and firefox seems to require a fresh exception for every port).

[–] [email protected] 2 points 1 year ago

Doing what the OP (same result, just different software) or I posted and assigning certificates to secure your local services means you can avoid the HTTPS warning that major browsers will pop up on an unsecure (HTTP) connection. Instead of going to an internal dns name without a certificate or direct to the ip....you assign a wildcard certificate to a domain name you've setup on your local dns. You then access that service via the HTTPS protected Domain name, with no warning.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Self signed certificates and import CA onto all of my devices.

Or, public DNS with cloudflare that points to local IP, but you can't do this with a .local domain

[–] [email protected] 1 points 1 year ago

DNS challenge, that way you don't have to have anything open to the outside. It needs to be using a domain you own and have registered, though.

Here's a tutorial with (seemingly) all the DNS providers: https://github.com/acmesh-official/acme.sh/wiki/dnsapi