This video: https://www.youtube.com/watch?v=qlcVx-k-02E or this video: https://www.youtube.com/watch?v=jx6T6lqX-QM That is all you need to know to successfully set it up. They are really good. Good luck! 😊
this post was submitted on 19 May 2025
89 points (95.9% liked)
Selfhosted
46672 readers
732 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
I know this is beyond the scope of your question but you are at a very similar place like i was over a year ago.
For the reverse proxy you want ingnx manager and it will handle all of your reverse proxies just fine.
But what i really want to recommend is to change up that debian into proxmox,
Proxmox is a debian based efficient server OS. Basically every service you run now can Easily be run as its own isolated container with very little overhang.
Best of all there is a community for Helper script that will install entire services including Nginx but even nextcloud from a single command.
https://community-scripts.github.io/ProxmoxVE/scripts?id=nginxproxymanager
Thx I appreciate the input. I have already a lot of things set up on the server and switching now would be painful and time consuming. I also use docker in conjunction with kvm-qemu and had I known about proxmox a month ago I would not have construct it at such but alas. I will however in the future get another hardware which I will use as a home server and I will definitely give proxmox a shot.
Unrealted but Alpine Linux is based af!
There's Nginx proxy manager if you want to set it up. But I'd rather go with Tailscale instead.
tailscale is not the same as nginx or any reverse proxy, though. I don't expose anything publicly, but I still wouldn't stop using a reverse proxy
Ok, fair enough.
Caddy
It’s three lines of configuration
jellyfin.example.com {
reverse_proxy http://localhost:8083/
}
Automatic https with let’sencrypt, simplicity of a single binary, downgrade is as simple as replace binary & restart service.
Fucking hell why do I use Apache 😂
Because you love the pain that comes with pulling your own hair out, one fistful at a time.
Wow
How does my DNS know where to look for this?
if you don't want to rent a domain, but you run a local DNS server (pihole, technitium) for filtering or other reasons, you can register your own domain names in there, for free. but don't use common TLDs to avoid conflicts, and leave ".local" alone too because that's used by mdns/avahi. You may use .home, .lan, or a few others I don't know without looking them up
-
you rent a domain
-
in the config (provided by the service where you rented the domain) you set it to point to the IP of the device where you run caddy
-
the service tells the relevant global DNS servers your setting
-
your DNS does a DNS lookup and a DNS server returns the IP you configured it to point to
Depending on the DNS you use, you can manually add entries to do 1-3 differently, but that will only work for devices that use your DNS and is hard.
load more comments
(11 replies)
I use Nginx Proxy Manager running as a docker container. Its a gui that makes administration more straight forward. It points at all my services (docker and otherwise) and handles the SSL for me. Because I don't want to have any ports open I use DNS challenge ACME and NPM has built in support for a number APIs from large public DNS providers to automate that.
i have nginx proxy manager set up all as well, but haven’t worked out the SSL part yet, so all my internal docker services are still on http
out of interest, how did you set up https with npm?
First set up your certificate in the SSL tab of NPM. You can either upload a traditional certificate or set up LetsEncrypt. Be aware that starting next spring the maximum length of a certificate will drop to 9 months and continue to decrease over the next few years until its 47 days.
I have mine set up so LetsEncrypt gets a wildcard cert for my domain (via DNS challenge). Some people go with per subdomain certs.
Once you have the cert, go you each of your hosts and switch to its SSL tab. Then select your cert. Then I usually turn on "Force SSL"
does a wild card cert essentially mean i have use one cert which will cover all my subdomains as well as the primary domain?
This plus technitium DNS is exactly my approach.
Since your a beginner, youll find nginx proxy manager easiest, it has a nice ui, and at this stage you are probably less intrested in the 10/10 fastest lighweight setup and more intrested in getting stuff working.
Did traefik become uncool? I only read about caddy/nginx/ha here.
my last experience with it was a half empty documentation, and a config structure that signaled to me that they dropped a lot of features for v2 release that they initially wanted to have, which has additionally made understanding their config structure harder. and that hasn't improved for years.
I think it's still one of the best solutions.
I prefer doing nginx on the host (vs a container), & have different configs for each service. You can have multiple services on the same port, it can be controlled via DNS instead (i.e.: access Jellyfin.domain.com & bitwarden.domain.com, both of 443).
Ive tried Caddy once or twice but couldn’t get it working, so i just stick with nginx & cert or to automatically get certificates from my internal CA
load more comments
(7 replies)
Reverse proxying was tricky for me, I started with Nginx Proxy Manager and it started out fine, was able to reverse proxy my services in the staging phase however, once I tried to get production SSL/TLS certificates it kept running into errors (this was a while ago I can’t remember exactly) so that pushed me to SWAG and swag worked great! Reverse proxying was straight forward, SSL/TLS certificates worked well however, overall it felt slow, so now I’m using Traefik and so far have no complaints.
It’s honestly whatever works for you and what you prefer having.
Nginx Proxy Manager was easy to learn as a beginner. I'd recommend it as a learning tool, if nothing else, and if you want to switch to other solutions later you can.
IMO, look into the linuxserver.io fork of NGINX, called SWAG.
It comes preloaded with a bunch of fantastic addons for security.
Quite easy to get set up, if you've got an idea about how it works.
I recommend Caddy. It's very easy to deploy, and configuring it is a snap. This tutorial helped me out a bunch. There is a Docker version of Caddy, tho I have never used it. I figured, Caddy would do better installed on bare metal. I use Caddy in conjunction with Duckdns.org. Caddy also takes care of renewing your certs when it's time.
view more: next ›