Comment on Set up Tailscale with NGINX Proxy Manager
dan@upvote.au 3 months ago
For DNS challenges, I personally prefer using acme-dns. It’s a separate DNS server that only serves ACME DNS challenges. I felt a bit uneasy using an access token for my actual DNS host since it grants full read/write access to every record.
Let’s Encrypt follows CNAMEs and supports IPv6-only DNS servers, so you could just run acme-dns on a spare IPv6 address (assuming your internet provider has a static IPv6 range, or you have a VPS with IPv6).
castlepeak@lemmy.world 1 week ago
What steps would you substitute in the above guide if you want to use acme-dns? That’d be helpful for people following the above guide but want to use this option
dan@upvote.au 1 week ago
I haven’t tested it, but in the “select your DNS provider” step, see if acme-dns is in the dropdown list.