this post was submitted on 11 Nov 2023
3 points (100.0% liked)
Self-Hosted Main
515 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The informations you enter in the detail panel are the ones you need to access the service.
Say, you have a default installation of Vaultwarden on the port 1234, you can access it directly, in http, with the URL
http://hostname:1234
, and therefore, you will need to configure NPM so that the new proxy host access the service with thehttp
scheme, on thehostname
host, with the port 1234.Now, you change your installation of Vaultwarden, and add all the necessary TSL public and private keys that it requires, then you will need to directly access your instance with the https scheme, on the
https://hostname:1234
URL, so that the TLS handshake can be performed and a secure connection can be made. The NPM configuration then will need to use thehttps
scheme as well to access the service, otherwise, NPM won't be able to properly connect to the service and it will fail.That's for the "internal" part of your configuration. You can still provide a service with TLS certifications, force TLS and everything, that will be for the external part of your service. If you trust your network, the communication inside it, or the device that holds all your services, it's totally fine to use an http scheme to access your service internally. But if you have to access it through a network that you don't trust, say, all the communications are unencrypted, and your NPM host is not the same as your Vaultwarden one, then you should definitely go through the hassle of setting up all the TLS encryption directly inside Vaultwarden first, and access it only with the https scheme.