this post was submitted on 24 Nov 2023
2 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

I hope I can explain this properly but I have a domain name that I would like to use to access my dockers hosted on my unraid server but I do not want to open it out to the internet.

Currently I'd be connecting to tailscale and logging in via http://:

But the port numbers are kinda hard to remember and I have a domain name so I was wondering if it's possible to connect via: https://radar.mydomainname.com but only locally via tailscale?

top 6 comments
sorted by: hot top controversial new old
[–] TastelessBuild2@alien.top 2 points 11 months ago (2 children)

You don't need a domain name, use the hostname from tailscale.

[–] nottheengineer@feddit.de 1 points 11 months ago

But you still need to remember the port of the service you're trying to reach, which isn't great.

[–] 5197799@alien.top 1 points 11 months ago

Not OP, but taking this approach doesn't give you tls, the browser will complain the connection is not secure (even though it is because of Tailscale)

[–] Dave@lemmy.nz 1 points 11 months ago

If you are running a Pi-hole you can set the IP to a domain in the local DNS, then add this DNS in the Tailscale settings.

But you'll need a reverse proxy if you want to avoid having to put in ports. The reverse proxy takes the traffic sent to the normal HTTP ports and redirects it to the port of the service based on the domain name. Some common reverse proxies for docker are traefik, caddy, or nginx (web server) set up as a reverse proxy.

[–] Medium-Industry-915@alien.top 1 points 11 months ago

Here's how I do it, it's the simplest way I've found.

Make a directory for your certificates like /etc/nginx/certs Use "tailscale certs YourDomainName.ts.net" Put the certificate in the certificate directory. The nginx config:

server { listen 80; server_name YourDomainName.ts.net;

location / { return 301 https://$host$request_uri; } }

server { listen 443 ssl http2; server_name YourDomainName.ts.net;

ssl_certificate /etc/nginx/certs/YourDomainName.ts.net.crt;
ssl_certificate_key /etc/nginx/certs/YourDomainName.ts.netkey;

location / { proxy_pass http://127.0.0.1:8080; //Change it for the port you want to forward proxy_http_version 1.1; proxy_buffering off; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; } }

[–] tweek011@alien.top 1 points 11 months ago

If you’re only accessing them via tailscale just sync your bookmarks between browsers and use them.

I do this exact same thing with Firefox sync - so anytime I make a change it sends it instantly to all the other devices. Regardless of the OS or if it’s a cell, tablet, laptop, pc, or vm. All browsers have the same bookmarks.

Brave, Chrome, and other browsers offer the same functionality.