schklom

joined 11 months ago
sorted by: new top controversial old
2
Newbie in DNS records (alien.top)
 

I have my domain mydomain.com, rented from OVH. I use HAProxy on PfSense to redirect mydomain.com and *.mydomain.com, and PfSense manages the DNS challenge certificate.

I would like the root mydomain.com to redirect to aa.mydomain.com (TLS certificate will be served by a third-party website e.g. GitHub to host my CV), but keep the wildcard certificate for all other subdomains on my PfSense.

Currently, the certificates for *.mydomain.com and mydomain.com are on my PfSense. All I have managed to do is serve the certificate for www.mydomain.com on the 3rd-party website and add a DNS record for that subdomain.

How are so many sites OK with using cloudflare when they are basically a MITM? in c/main@selfhosted.forum
[–] schklom@alien.top 1 points 10 months ago

Even if the data is passing through cloudflare cdn uses the cloudflare certificates my data is encrypted first using my own certificates from the Proxyserver

This is false, connect to your website, check the certificate, it will be Cloudlfare's. I assume either you have not checked, or are a Business customer paying quite some money yearly to Cloudflare.

Cloudflare decrypts inbound traffic, then re-encrypts it before sending it to you, unless you pay a decent amount of money so that they serve your certificate.

Ways to access a server behind CGNAT safely? in c/main@selfhosted.forum
[–] schklom@alien.top 1 points 10 months ago

Oracle gives free VPS, permanently free. Have a backup of these VPSes though, Oracle sometimes (haven't experienced it myself, but some people here did) kills these VPSes.

Anything interesting I could do with spare Android phones? in c/main@selfhosted.forum
[–] schklom@alien.top 1 points 11 months ago

No need to expose to the Internet. You can e.g. expose them to Home-Assistant/openHAB only, or VPN to your LAN then connect to them.

Any ideas of what to run next? Just looking for some inspiration in c/main@selfhosted.forum
[–] schklom@alien.top 1 points 11 months ago

PfSense can do that