How are people doing HTTPS? (kbin.social)

submitted 1 year ago by stevecrox@kbin.social to c/selfhosted@kbin.social

18 comments fedilink hide all child comments

I have a PC I have installed Portainer on, with various docker services (home assistant, jellyfin, etc..) with an ISP supplied router fixing various device IP addresses and reaching out to dyndns.

I really want to move everything over to HTTPS connections by supplying certificates, tls termination, etc .
The issue I have is self signed certificates mean I have to manage certificate deployment to everything in the house.

I figure I need to link a domain to the DynDNS entry and arrange certs for the domain. However I can't make the link function and everywhere wants >£100 to generate a certificate.

How are people solving this issue?

you are viewing a single comment's thread
view the rest of the comments

[-] yamdwich@kbin.social 1 points 1 year ago* (last edited 1 year ago)

I use pfsense's HAProxy integration and a combination of Cloudflare or Lets Encrypt certificates for external stuff. For internal-only stuff I have a root CA I distributed to my computers that I use to sign certificates. My docker box that serves most of my internal stuff has an nginx-proxy-manager container with a wildcard certificate so that I don't have to sign one for every new subdomain on my docker host, and the various containers with services in it talk to it over a private docker network. Buying a cheap domain and managing it through Cloudflare simplifies a ton of stuff.

this post was submitted on 09 Aug 2023

7 points (100.0% liked)

Selfhosting

2 readers

1 users here now

All things selfhosting and homelab related Resources: - https://github.com/awesome-selfhosted/awesome-selfhosted - https://github.com/awesome-foss/awesome-sysadmin

founded 1 year ago