Is there a reason you’re trying to expose them to the internet? IMO you’re better off not doing that and using Overseer as the only exposed service that talks to everything else. Exposing the whole arr stack is just unwise and unnecessary.
[deleted]
Submitted 3 days ago by sun@slrpnk.net to selfhosted@lemmy.world
Comments
macstainless@discuss.tchncs.de 3 days ago
sun@slrpnk.net 3 days ago
I am using a VPS for it. So I can’t easily access it locally. I thought it might be insecure, but all the seedbox providers do it.
P13@lemmy.dbzer0.com 1 day ago
If you use Cloudflare for DNS there is Zero Trust to protect your services.
It’s also possible to run a cloudflared container next to your arrs to tunnel traffic to ports on your other containers rather than needing a reverse proxy. But that’s more appropriate for something on your local network rather than a VPS.
aksdb@lemmy.world 3 days ago
Are all the *arr services aware that they are expected to have a certain basepath?
sun@slrpnk.net 3 days ago
aksdb@lemmy.world 3 days ago
Does it make a difference, if that setting uses a trailing slash? Might be it redirects you to the path without, which triggers caddy to redirect you again, and so on and so forth.
You could also, instead of redirecting, rewrite it. Then it is handled serverside without sending the client somewhere else.
dethmetaljeff@lemmy.world 1 day ago
Why are you proxying to your VPS external IP? Caddy listens to your external IP and your arr apps listen to ideally localhost, you should be reverse proxying to localhost.