this post was submitted on 14 Jun 2023
18 points (100.0% liked)

Selfhosted

573 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Resources:

> Any issues on the community? Report it using the report flag.

> Questions? DM the mods!

founded 1 year ago
MODERATORS
 

So, I have a few services (Jellyfin, Home Assistant, etc) that I am running, and have been acessing via their IP's and port numbers.

Recently, I started using NGINX so that I could setup entries in my Pi Hole, and access my services via some made up hostname (jellyfin.home, homeassistant.home, etc).

This is working great, but I also own a few domains, and thought of adding an SSL cert to them as well, which I have seen several tutorials on and it seems straight forward.

My questions:

  • Will there be any issues running SSL certs if all of my internal service are inward facing, with no WAN access? My understanding is that when I try to go to jellyfin.mydomainname.com, it will do the DNS lookup, which will point to a local address for NGINX on my network, which the requesting device will then point to and get the IP of the actual server.

  • Are there risks of anything being exposed externally if I use an actual CA for my cert? My main goal is to keep my home setup off of the internet.

you are viewing a single comment's thread
view the rest of the comments
[–] DrJenkem@lemmy.blugatch.tube 3 points 1 year ago

You can use a wildcard cert to avoid leaking subdomains.