A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
I've been using Caddy instead of nginx for years now. As long as your port forwarding is already setup, it'll pull TLS certs for every domain in the config automatically and keep it up-to-date forever.
It's also super easy to use as a reverse proxy, so you can run one caddy server for all your sites on the same machine pretty easily.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| HTTP | Hypertext Transfer Protocol, the Web |
| HTTPS | HTTP over SSL |
| SSL | Secure Sockets Layer, for transparent encryption |
| TLS | Transport Layer Security, supersedes SSL |
| nginx | Popular HTTP server |
4 acronyms in this thread; the most compressed thread commented on today has 12 acronyms.
[Thread #22 for this sub, first seen 11th Aug 2023, 03:15] [FAQ] [Full list] [Contact] [Source code]
Good bot
Nginx-proxy-manager makes dealing with certs easier imo. You can either have it setup to double proxy (point to the nginx you already have running) or replace the existing nginx (you'll have to copy the config into nginx-proxy-manager ui).
I like NPM a lot. Nginx on its own was confusing to me. NPM is fast to configure and works really well.
Standalone nginx is confusing because it was designed to be as fast as possible. Developers have sacrificed everything for this goal.
I ended up having better luck with caddy when I needed certs for a vaultwarden container.
You need to get a cert from Let’s Encrypt (using certbot), then look up directions for configuring nginx to use the cert files generated by certbot.
it seems like I simply need to map another volume from local:container for the cert, however when I've mapped certbot/conf/:/etc/nginx/ssl/ and restart all the containers, this doesn't enable HTTPS.
I originally did it this way. You need to modify your nginx config to enable SSL and use the certs.
Eventually I decided that I wanted to host more than one web page, so I ended up going with the reverse proxy approach. With that approach, your docker containers are only using http with no encryption, and your reverse proxy is adding the SSL/TLS to it and making it HTTPS. This made it much easier to manage the certificates, imo.
I'm using a custom docker image for lemmy made by a friend of mine that uses traefik instead of nginx/caddy and it automatically manages certs, but I do know that caddy is quite simple in a similar way as well.
I use Traefik. It's "fine" but Dessalines hates it.