I personallly would just use a DNS challenge to get certificates
Comment on what's the simple way to map services to subdomains instead of specifying the port number?
stratself@lemdro.id 1 day ago
Use Caddy on each device, with tls turned off. Basically
http://service1.devicename.lan/ { tls off reverse_proxy localhost:8000 } http://service2.devicename.lan/ { tls off reverse_proxy localhost:8096 }
possiblylinux127@lemmy.zip 1 day ago
WhyJiffie@sh.itjust.works 20 hours ago
you need to subscribe for a domain name for that
A lot of people are recommending caddy.
When you say “on each device” you mean this configuration would refer to the services running on that device right? Not that every client device needs to have this set up?
All my web services use apache or lighttd. Do I use caddy just for this or do I have to figure out how to move each of them to use this web server?
Also does it work for non-web services, like ssh or samba? (Which wasn’t in my original question, I only thought of it now.)
kossa@feddit.org 1 day ago
No, your services stay basically untouched. They still need to deliver their content via a webserver. But instead of delivering it straight to your browser, they now pass it to your reverse proxy (caddy), which delivers it to you.
stratself@lemdro.id 1 day ago
The device that runs multiple services will set that up, yes. Not the client.
Apache and lighttpd can both do the same thing that Caddy does (multiplex many services via subdomain names on port 80). Caddy is just simpler and hence recommended.
You can move all services to use Caddy, takes some learning but overall better. Alternatively, if you already set up apache/lighttpd for each of your services, you can put Caddy in front and do something like
No. Also, those should be running on their dedicated ports anyways