Highly suggest putting Caddy on a machine, forwarding port 443 and 80 to caddy, and then letting it do your reverse-proxy stuff. Register a domain name, give it your IP address, and then tell caddy that ‘immich.yourdomain.bleh’ goes to port 78789 and plex goes to ‘media.yourdomain.bleh’ port 89898 – Caddy handles all of the TLS stuff, handshaking, you name it - so you can have secure sites with proper certs.
Then make sure those things are isolated from your home network through vlans if your router supports it.
You can get fancier with it using a tailscale and getting some datacenter IP to forward into your network
tofuwabohu@slrpnk.net 4 weeks ago
If you want to have domains assigned to local IP addresses, you can also use Pihole as a local DNS! It’s a very nice tool for adblocking on network level anyways, can only recommend it.
FunkFactory@lemmy.world 4 weeks ago
Awesome thank you, this is what I ended up setting up today. It’s a bit of an awkward solution for now, I would very much like to use it for its ad blocking functionality but I’m unsure if I want to make it my only DNS provider while I’m still migrating services over to the mini PC and messing with the server config. I had set up Pihole years ago and my wife ran into problems using some apps on her phone so I think I’d need to be more proactive about making sure that’s working this time around too.
tofuwabohu@slrpnk.net 4 weeks ago
I get that, I plan to add another pihole ad some point so I can enter 2 nameservers at my router. There are solutions to sync all config between the piholes.