I’m going round in circles on this one.

What I want to do is:

  • serve up my self-hosted apps with https (to local clients only - nothing over the open web)
  • address them as ‘app.server.lan’ or ‘server.lan/app’
  • preferably host whatever is needed in docker

I think this is achievable with a reverse proxy, some kind of DNS server and self-signed certs. I’m not a complete noob but my knowledge in this area is lacking. I’ve done a fair bit of research but I’m probably not using the right terminology or whatever.

Would anyone have a link to a good guide that covers this?
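
For the certificate part of the plan above, one way to do it with OpenSSL, as an added example that is not part of the original post or any reply. The file names, the CA subject and the restriction of the CA to `.lan` names are assumptions (the name constraint goes beyond what the post asks for), and OpenSSL 1.1.1 or later is assumed.

```shell
#!/bin/sh
# Constructed example: private CA limited to *.lan plus one server certificate.
# Directory layout, file names and the CA subject are assumptions.
set -eu

make_ca() {                      # $1 = PKI directory
  dir=$1
  mkdir -p "$dir"
  if [ -f "$dir/ca.key" ]; then return 0; fi   # reuse the CA clients already trust
  cat > "$dir/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Home LAN Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
nameConstraints = critical,permitted;DNS:.lan
EOF
  (umask 077; openssl ecparam -name prime256v1 -genkey -noout -out "$dir/ca.key")
  openssl req -x509 -new -config "$dir/ca.cnf" -key "$dir/ca.key" \
    -sha256 -days 3650 -out "$dir/ca.crt"
}

issue_cert() {                   # $1 = PKI directory, $2 = hostname
  dir=$1 host=$2
  make_ca "$dir"
  # Browsers match on subjectAltName, not CN, so the SAN is mandatory.
  printf 'subjectAltName=DNS:%s\nbasicConstraints=CA:FALSE\nextendedKeyUsage=serverAuth\n' \
    "$host" > "$dir/$host.ext"
  (umask 077; openssl ecparam -name prime256v1 -genkey -noout -out "$dir/$host.key")
  openssl req -new -config "$dir/ca.cnf" -key "$dir/$host.key" \
    -subj "/CN=$host" -out "$dir/$host.csr"
  openssl x509 -req -in "$dir/$host.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -sha256 -days 397 -extfile "$dir/$host.ext" -out "$dir/$host.crt"
}

check_cert() {                   # $1 = PKI directory, $2 = cert name, $3 = hostname to match
  openssl verify -CAfile "$1/ca.crt" -verify_hostname "$3" "$1/$2.crt" >/dev/null 2>&1
}

# Stand-alone use: sh lan-pki.sh ./pki app.server.lan
if [ "$#" -ge 2 ]; then issue_cert "$1" "$2" && check_cert "$1" "$2" "$2" && echo "ok: $1/$2.crt"; fi
```

Only `ca.crt` goes into the clients' trust stores; `ca.key` stays off the reverse-proxy host, which needs just the per-host `.crt` and `.key`.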

  • irmadlad@lemmy.world
    5 hours ago

    I’m not sure if this is a complete fit for you, and some people have animosity towards Cloudflare, however check out Cloudflare tunnels. To use Cloudflare tunnels tho, you need a proper domain name. Get one from Namecheap and switch the NameServers to the ones assigned to you when you sign up for a Cloudflare tunnel account. I bought one for $1.75 USD.

    The beauty of using Cloudflare is that you don’t have to ‘punch holes’ in your network defenses. You don’t have to worry about opening ports or having to secure them. You can create subdomains, and Cloudflare handles the certs. For instance, you could have:

    When you get everything set up, overlay Tailscale on the server, Jack’s a doughnut, Bob’s your uncle. The free tier Cloudflare Tunnel package is quite generous and has all manner of bells and whistles, most of which I didn’t need, but are there if you do.

    I’ve used Caddy before and still do on a couple of test VPS, and derivatives like Pangolin. They are great and do the job quite well. It is a case of 6 of this and half dozen of the other. It seemed to me, tho Cloudflare had a bit of a learning curve, once set in place, it’s a little easier than Caddy. They’re all pretty decent packages.