Comment

Comment on Selfhosting Sunday - What's up to date, selfhosters?

I use Traefik as reverse proxy for local only services with let’s encrypt certificates. Just needed to a) register the subdomains and b) expose port 80 for the challenges without anything being served on that port.

Wireguard into my network and local DNS via Pihole to ensure proper local IPs. Works like a charm.

source

Sort:hotnew top

tofu@lemmy.nocturnal.garden ⁨17⁩ ⁨hours⁩ ago
I need to check what exactly I need to expose. I had 80 and 443 exposed but limited the access to local IPs in nginx like this:

allow 192.168.x.0/24; # Allow FritzBox subnet allow 10.0.0.0/24; # Allow OpnSense subnet deny all; # Deny all other IPs

I still have some services I want to expose so generally I’ll keep the ports open.
source