this post was submitted on 14 Aug 2023
24 points (100.0% liked)

Selfhosted

40329 readers
389 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Does anyone have a guide to Traefik for an absolute idiot (myself)?

I was able to get a freshrss server running using dockercompose and was able to connect to it on my local network, but all the guides I read said I NEED to have a reverse proxy before I access it remotely.

This is probably my sign I need to actually learn how to use docker instead of being lazy as hell and copy/pasting code, but I thought I'd ask.

you are viewing a single comment's thread
view the rest of the comments
[–] SheeEttin@lemmy.world 6 points 1 year ago* (last edited 1 year ago) (1 children)

No, you don't need a reverse proxy. If you're accessing anything remotely, I highly recommend just setting up a VPN instead of exposing a bunch of different services to the Internet.

That said, traefik is dead simple. There's an example for docker-compose here: https://doc.traefik.io/traefik/user-guides/docker-compose/basic-example/

It's not completely secure, but I only use it so that I can access my services by name and over HTTPS. I don't have anything exposed to the Internet.

[–] biscuits@lemmy.sdfeu.org 13 points 1 year ago (1 children)

In my setup I still use reverse proxy even though all of my services are inside a VPN. IMO it is just more convenient to have services accesible as subdomains or subdirectory than as different ports.

[–] lupec@lemm.ee 2 points 1 year ago* (last edited 1 year ago) (1 children)

+1 for this, add Tailscale DNS or similar on top plus a local redirect and you have easy access to it all through the same unified FQDN no matter if local, remote through an exposed Caddy, or remote through your VPN.

[–] synapse1278@lemmy.world 2 points 1 year ago (1 children)

Do you have some guides to share regarding local redirect ? I have some troubles accessing my services from my phone when I am at home and it forces me to turn on the VPN, I couldn't fine a solution so far...

[–] lupec@lemm.ee 2 points 1 year ago* (last edited 1 year ago) (1 children)

I don't have a guide at hand but I basically just set a wildcard DNS rewrite on AdGuard Home so that *.my.domain redirects to the IP running my reverse proxy. Since AdGuard is set up at the router level, everything goes through it so the proxy handles everything from there.
I can share specifics after I get home in a few hours if you need a hand, feel free to reach out.

[–] synapse1278@lemmy.world 2 points 1 year ago* (last edited 1 year ago) (1 children)

Oh, I see. I have Pihole setup as a local DNS, but this works only partially, because my ISP router sucks and I have no control over it... basically, it works perfectly for wired connections, buy devices connected via WiFi will more often than not bypass Pihole and get a DNS server directly from the router (via IPv6).

[–] lupec@lemm.ee 2 points 1 year ago (1 children)

Right, that's a bummer. I'm guessing you don't have enough access to turn off your router's DHCP server so pihole can take over properly? If that's the case, I guess you'd have to get another router and make your own subnet off the ISP one or something along those lines so you have more control, that's kinda what my setup looks like at the moment.

[–] synapse1278@lemmy.world 2 points 1 year ago (1 children)

Yes, that's right. My ISP offers another router providing more complete control, for more money of course.

[–] lupec@lemm.ee 1 points 1 year ago

Gotta love ISPs. I ended up getting myself a good router on my own and having it piggyback off the ISP provided one so I could actually change settings around. Not ideal but it's something. As a bonus, my subnet always looks the same and whatnot, a godsend for self-hosting.