I love my homelab, and the more I tune things the more satisfaction I have. I tolerated the “Your connection is not private” for my self-signed SSL certs on my services for way too long.
I just setup NGINX Proxy Manager as a LXC on my Proxmox Server and pointed a subdomain I own to the server. Now I have custom domains for each service along with valid SSL Certificates. It’s all local without exposing anything to the outside world. It’s very satisfying. I tried explaining what I was doing to my GF but she could care less ¯\_(ツ)_/¯
Followed this video from Wolfgang’s Channel YouTube (great channel btw), the first minute does a better job explaining the setup. I always thought I would have to setup a local CA which is more work than I was interested in, but this approach was much simpler (and free!).
If anyone wants to explain Nginx, reverse proxies and Cloudflare tunnels I’m here for it.
Think of a reverse proxy as a middle man.
Internet comes in to your internet connection and immediately asks “cool story bro…where do I find XYZ service?”
A reverse proxy works by your modem or router saying “ffs bro I have no idea, all I know is you need to go talk to Apache”
So the internet traffic walks over and says “the modem told me to talk to you about getting to XYZ service?”
Apache goes ahead and responds “dude I got you…that service. It lives over here at 192.168.0.12:1234. In fact let me go get it for you so that you don’t have to go anywhere else. Here’s what you are looking for, you can just go through me and I’ll get you the things you want.”
So the internet traffic continuously goes through Apache, Nginx proxy, traefik etc to get the things it wants and Apache Nginx etc just work as a middle man.
I have a lot of not very good YouTube videos explaining how to reverse proxy from Apache to a bunch of services…unifi proxmox esxi and others. As well as videos explaining how to get star certs setup and things like that.
But in a nutshell. That’s what’s going on.
Thank you for this simple yet effective explanation.
I’m gonna get yelled at but… why? What does this do for the network? Does it make it faster? Safer? Just feels like another thing that could break and then the wife breaks me with “it’s not working.”