Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Try a reverse proxy (like the nginx-proxy-manager)
Why don’t you use LetsEncrypt? You shouldn’t be self signing certs these days
If you own a domain name you can use DNS challenge for obtaining the ssl cert, no need to open ports to get a cert issued. Nginx proxy manager has this feature built in and has support for many DNS name registrars.
This is exactly what I do to issue certs to my internal domains. It works great, and I eventually ported it over for my external ones as well.
Like the peer comment mentioned. just drop nginx in front and let it so the TLS handoff. always recommend to put nginx in front of any open source docker project as you can finetune many of the security controls there.
Do those restrictions cause issues with getting certs from Let's Encrypt?
Getting certs from Let's Encrypt should work fine with any provider, even if you can't open any ports, since they do support DNS challenge.
It definitely does. I have some internal-only sites that use Let's Encrypt certificates. I use acme-dns and Certbot.