Comment on How do I access my services from outside?
iggy@lemmy.world 4 days ago
I went a different path than the VPN route that seems popular in the other comments…
I use a reverse proxy (caddy) with wildcard SSL (so all my hostnames aren’t in the public cert registry) plus port knocking. So normally no outside IPs are allowed to access my internal services, but I can knock and then access anything for a while. Working well so far.
Cyber@feddit.uk 4 days ago
How’d you set up the port knocking? Is that something caddy does?
I’m using haproxy and was thinking of trying the same thing… not sure if haproxy supports it though, or whether I have to do something else…?
iggy@lemmy.world 2 days ago
I do the port knocking at the firewall level (it’s a pretty simple nft chain setup). Caddy isn’t involved at all. I was thinking about integrating that into my caddy config using something akin to an operator, but I haven’t needed any extra functionality yet.
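
A firewall-level knock of the kind described in the reply above could look like the following nftables ruleset. This is an added example, not the commenter's actual configuration: the table and set names, the knock ports (7001, 8002, 9003), the timeouts and the guarded ports (80/443 for the reverse proxy) are all assumptions, and only IPv4 over TCP is covered.

```nft
#!/usr/sbin/nft -f
# Added example: three-step TCP port knock in front of a reverse proxy.
# All ports, names and timeouts below are assumed values; change them.

define guarded_ports = { 80, 443 }

table inet portknock {
	# Source addresses that completed the knock; entries expire on their own.
	set clients_ipv4 {
		type ipv4_addr
		flags timeout
	}

	# Knock in progress: (source address . next expected knock port).
	set candidates_ipv4 {
		type ipv4_addr . inet_service
		flags timeout
	}

	chain input {
		type filter hook input priority -10; policy accept;

		iifname "lo" return

		# Step 1: first knock records that this source must hit 8002 next.
		tcp dport 7001 add @candidates_ipv4 { ip saddr . 8002 timeout 5s }

		# Step 2: counts only if step 1 was seen from the same source.
		tcp dport 8002 ip saddr . tcp dport @candidates_ipv4 add @candidates_ipv4 { ip saddr . 9003 timeout 5s }

		# Step 3: sequence complete, allow the source for one hour.
		tcp dport 9003 ip saddr . tcp dport @candidates_ipv4 add @clients_ipv4 { ip saddr timeout 1h } log prefix "portknock ok: "

		# Guarded services: knocked clients and already-open connections only.
		tcp dport $guarded_ports ip saddr @clients_ipv4 counter accept
		tcp dport $guarded_ports ct state established,related counter accept
		tcp dport $guarded_ports counter drop
	}
}
```

Running `nft -c -f` on the file checks the syntax without loading it, and `nft list set inet portknock clients_ipv4` shows which addresses are currently allowed and how long each entry has left.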