this post was submitted on 28 Oct 2023
1 points (100.0% liked)

Homelab

827 readers
1 users here now

Rules

founded 2 years ago
MODERATORS
communick@selfhosted.forum
rglullis@communick.news
1
Finally using SSL certs on my local services, no more HTTPS warnings. Someone appreciate because my GF could care less (alien.top)
submitted 2 years ago by -my_reddit_username-@alien.top to c/homelab@selfhosted.forum
47 comments fedilink hide all child comments
 

I love my homelab, and the more I tune things the more satisfaction I have. I tolerated the "Your connection is not private" for my self-signed SSL certs on my services for way too long.

I just setup NGINX Proxy Manager as a LXC on my Proxmox Server and pointed a subdomain I own to the server. Now I have custom domains for each service along with valid SSL Certificates. It's all local without exposing anything to the outside world. It's very satisfying. I tried explaining what I was doing to my GF but she could care less ¯\_(ツ)_/¯

Followed this video from Wolfgang's Channel YouTube (great channel btw), the first minute does a better job explaining the setup. I always thought I would have to setup a local CA which is more work than I was interested in, but this approach was much simpler (and free!).

you are viewing a single comment's thread
view the rest of the comments
[–] jaredearle@alien.top 0 points 2 years ago (1 children)

I use HAProxy on pfSense with wildcard LetsEncrypt certs and a firewall rule only to allow connections from the WAN IP Address.

It’s really easy and requires no certificates on the target servers.

[–] CodeTheStars@alien.top 1 points 2 years ago

My setups are similar. HAProxy as an SSL terminator for all domains. Unencrypted proxy to the services after that. Nginx can use v2 proxy which is nice.

I have a bunch of scripts that collect all the domains and then generate / renew the certs with acme.sh . HAProxy can reload certs with no downtime as well.