This is what I do. There is actually an nginx proxy manager plugin for home assistant that I used and helped make it really trivial.
Comment on what's the simple way to map services to subdomains instead of specifying the port number?
moonpiedumplings@programming.dev 3 days ago
You want a reverse proxy. A reverse proxy reads requests to subdomains and then forwards them to ports and back.
The easiest GUI one is: nginxproxymanager.com
But there is also just straight nginx, or you can use Caddy or traefik or anything else.
BingBong@sh.itjust.works 3 days ago
myrmidex@belgae.social 2 days ago
One benefit of Caddy over NPM: local certificates.
The latest selfh.st newsletter linked to a relevant video:
www.youtube.com/watch?v=EVnwnFY7C1w&ref=selfh.st
moonpiedumplings@programming.dev 2 days ago
You can use local certs with nginx proxy manager as well. You can upload certs via the web ui.
Rather than local certs though, I would recommend buying a domain and using it locally, with https. The problem with the local cert approach outlined in the video, is that importing a root cert opens up a big security hole to MITM attacks. If an attacker gets the root certificate, they can now MITM everything else your browser is accessing. You turn the browser from one of the most secure components of a modern OS, into only as secure as the server hosting the root certificates.
The approach I would prefer, is to buy a domain, and use it locally, using DNS-01 challenges to get letsencrypt signed certificates even from within an internal network. Both Caddy and NPM have support for DNS-01 challenges.
myrmidex@belgae.social 2 days ago
Thanks for the explanation, something I need to look into!