I’m trying to set up a domain to more easily access my services on my home network, using a vanity URL instead of IP:port. With my current setup, my browser is not able to see the server (‘we can’t connect to the server’ at e.g. plex.mydomain.xyz).
I registered the domain through Cloudflare. In Cloudflare, I set up my DNS records (A - mydomain.xyz - content = 192.168.x.x; A - www; CNAME - *), and got my API token. Nginx is running in Docker (as are the services I am trying to access), using the jc21 container and their docker compose template. I used the API token to generate an SSL certificate in NPM with *.mydomain.xyz as the domain, then added a proxy host using the URL mentioned above as the Domain Name, the IP of the server that’s running all my containers for the forward hostname/IP, and the appropriate port for forward port. Then in the SSL tab told it to force SSL and HTTP/2.
I’m not sure what I’m doing incorrectly, the only thing I have running that might interfere with the network service is a PiHole, and it appears to be sending the request on. Also tried using localhost (127.0.0.1) to no avail. I’ve seen some others say they had to restart NPM a few times, so I’ve tried that as well. Thanks for any help!
Lyra_Lycan@lemmy.blahaj.zone 17 hours ago
Hi, Cloudflare DNS needs to point to the external IP address, aka 201.172.48.922. 192.168.x is internal and only used by the router. Changing this, and port forwarding 80 and 443 to the NPM host, will allow everything to work remotely.
That said, in a comment you said you’re only aiming for local access. The only requirement for this is setting your Plex client to the internal IP of the server, 192.168.x. Only when setting up external access do you need a cert, domain and DNS records.
Finally, if you can set your router’s DNS servers, set one to the NPM server. That may allow local devices to find the internal IP by querying the FQDN (domain).
pirateMonkey@lemmy.world 16 hours ago
Part of the idea here is to get comfortable with what’s happening here in a safe/unexposed environment before trying something that I would expose to the internet, and I’m of the understanding that you can do it this way (pass it to the internet, which will then return that internal IP that Nginx should route appropriately.