anonion

@anonion@lemmy.anonion.social

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Need help with Caddy Reverse Proxy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
You have a typo. Its “acme_dns” not “dms”
⁨Comment⁩ on ⁨Need help with Caddy Reverse Proxy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
This is really all you need to get started. Assuming you have built caddy with the cloudflare dns module
```
{
    acme_dns cloudflare cloudflare_api_key
    email your@email.com
}
pihole.yourdomain.com {
    reverse_proxy http://192.168.0.4/
}
```
Your cloudflare API key needs this: “API Token: Zone.Zone:Read and Zone.DNS:Edit permissions for the domain(s) you’re managing with Caddy”

One thing to mention, you probably want to configure the DNS settings on the caddy LXC to be something like 1.1.1.1 or 8.8.8.8 instead of pihole.
⁨Comment⁩ on ⁨Jellyfin over the internet⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I think the reason why its generally suggested to use a VPN is because it reduces the risk of intrusion to almost zero. Folks that are not network/sys admin savy would feel safer with the lowest risk solution. Using the port forward method, there could be configuration mistakes made which would unintentionally expose a different service or parts of their home network they don’t want exposed. And then there’s the possibility of application vulnerabilities which is less of an issue when only VPN users can access the application. That being said, I do expose some services via port forwarding but that’s only because I’m comfortable with ensuring its secure.

Reverse proxy is really useful when you have more than one service to expose to the internet because you only have to expose one port. It also automates the certificate creation & simplifies firewall rules inside the home network