this post was submitted on 15 Mar 2024
31 points (91.9% liked)

Selfhosted

40246 readers
725 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I'm using Heimdall to easily access my self hosted stuff ATM. I would like for my family to use them too if they're so inclined, but there's no way they will be able to remember the IP addresses, I know I can't!

Is it a DNS I'm looking for? If so, I'm already hosting a couple of instances of Adguard, can I just set it so that Plex is 192.xxx.x.47 and snapdrop is 192.xxx.x.53 and use that to resolve the request so my 13 year old can just type Plex into his browser and find it?

Or do I need something like Caddy or Nginx or something in between?

Thanks for any advice.

you are viewing a single comment's thread
view the rest of the comments
[–] mlfh@lemmy.ml 30 points 8 months ago* (last edited 8 months ago) (1 children)

DNS is what you're looking for. To keep it simple and in one place (your adguard instance), you can add local dns entries under Filters > DNS Rewrites in the format below:

192.xxx.x.47 plex.yourdomain.xyz
192.xxx.x.53 snapdrop.yourdomain.xyz
[–] Lifebandit666@feddit.uk 5 points 8 months ago (1 children)

Excellent news, at least I know where to start now. I wanna play with all the network things and learn, but I also wanna just have it sorted in 5 minutes of hacking

[–] rambos@lemm.ee 4 points 8 months ago (1 children)

Its that simple to use different IPs just with DNS server:

DNS server

192.xxx.x.47 -> plex.yourdomain.xyz
192.xxx.x.53 -> snapdrop.yourdomain.xyz

But dont you have your services on the same IP and different ports? If thats the case you will also need reverse proxy like nginx. So DNS server will point your domain name (you can just make a name for local use) to your server IP. Then reverse proxy can point each name to a specific IP and port.

Reverse proxy

192.xxx.x.47:32400 -> plex.yourdomain.xyz
192.xxx.x.47:8080 -> snapdrop.yourdomain.xyz
[–] Lifebandit666@feddit.uk 2 points 8 months ago (1 children)

I don't know why you were downvoted for this, you're right and I figured this out for myself last night when I decided to try figure it out at 1.30am after 3 beers.

I managed to get all my port 80 stuff sorted but my Arr stack for example needs something more, probably the dreaded nginx...

I'm having a look at Caddy now because I've never used it before, Nginx I didn't like when I used it and I've recently heard the original developer has left the project and started a new one.

[–] Rehwyn@lemmy.world 3 points 8 months ago* (last edited 8 months ago) (1 children)

Nginx is a lot less painful if you use Nginx Proxy Manager. You get a nice GUI and can easily get SSL certificates with Let's Encrypt, including wildcard certs. I'm running it in front of a docker swarm and 3 other servers, and in most cases, it takes me about 30 seconds to add a new proxy host and set it up with https using my *.domain.com wildcard cert. I also use it with Authentik as a forward proxy auth for SSO (since many containers out there don't have the best security).

[–] 7Sea_Sailor@lemmy.dbzer0.com 1 points 8 months ago* (last edited 8 months ago) (1 children)

If you dont fear using a little bit of terminal, caddy imo is the better choice. It makes SSL even more brainless (since its 100% automatic), is very easy to configure (especially for reverse proxying) yet very powerful if you need it, has a wonderful documentation and an extensive extension library, doesnt require a mysql database that eats 200 MB RAM and does not have unnecessary limitations due to UI abstractions. There are many more advantages to caddy over NPM. I have not looked back since I switched.

An example caddyfile for reverse proxying to a docker container from a hostname, with automatic SSL certificates, automatic websockets and all the other typical bells and whistles:

https://yourdomain.com {
  reverse_proxy radarr:7878
}
[–] Rehwyn@lemmy.world 1 points 8 months ago (1 children)

I'll check it out. I suspect configuration would likely be a little bit more complicated in my case because I'm using Authentik for proxy forward authentication and had also been using access control groups in NPM (both a LAN group and a WAN group containing Cloudflare proxy IP addresses, since currently all my publicly accessible domains proxy through Cloudflare).

[–] 7Sea_Sailor@lemmy.dbzer0.com 1 points 8 months ago

Caddy and Authentik play very nicely together thanks to caddy forward_auth directive. Regarding acls, you'll have to read some documentation, but it shouldnt be difficult to figure out whatsoever. The documentation and forum are great sources of info.