med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

361
active users

#NginxProxyManager

0 posts0 participants0 posts today
Continued thread

Alors finalement j'ai mis TrueNas qui est apparemment moins flexible mais beaucoup mieux "intégré" (aka moins de fichiers de configuration à la main, plus de webui)

Mes fichiers se copient doucement sur le nouveau raid, j'ai configuré le DDNS et Nginx Proxy Manager avec certificat SSL assez facilement 👌

My transition from #nginxProxyManager to #caddy is complete. I created 2 LXC Caddy instances: one for public services (with #UFW) and another for my private ones. This setup limits exposure to potential unwanted visitors.

Now, my #Proxmox cluster is available with load balancing for both IPv4 & IPv6.

Globally, the transition is easy. I only have some trouble blocking the outside traffic on Headscale Admin, with the reverse proxy of Pi-hole Admi/API, and of course, IPv6.

🌐 In the past three days, I've switched my #homelab to a new #ReverseProxy! After using #NginxProxyManager and #Zoraxy, I've now moved to #Pangolin.

Pangolin allows me to provide my #selfhosted services from my home lab without needing to open a port in my #firewall. 🔒

Essentially, it's a self-hosted alternative to #CloudflareTunnels, running on a #VPS. Due to the current political situation in the #USA, I preferred not to use Cloudflare.

Pangolin is based on #WireGuard and #Newt, enabling a #certificate-based direct connection after installing a client on the home server. 🔗

I'm extremely satisfied with it and now have no open ports in my private #network! 🎉

github.com/fosrl/pangolin

Tunneled Reverse Proxy Server with Identity and Access Control and Dashboard UI - fosrl/pangolin
GitHubGitHub - fosrl/pangolin: Tunneled Reverse Proxy Server with Identity and Access Control and Dashboard UITunneled Reverse Proxy Server with Identity and Access Control and Dashboard UI - fosrl/pangolin
Replied in thread

@rockhhock Welcome to the world of the #homelab!

I’m using multiple system to avoir to remember ip and port for each service:

1. Use #nginxProxyManager to associate a subdomain for each service (like nodered.xx.xx)
2. Add an Local DNS Records entry in my Pihole for each host (like hassio=x.x.x.x)
3. Add the IP to the Proxmox note for each VM/LXC
4. Create alias bash for ssh to each host (like sshd=‘ssh root@docker’
5. Create a home page for easy access (I’m using gethomepage.dev)

gethomepage.devHome - HomepageA modern, fully static, fast, secure, fully proxied, highly customizable application dashboard with integrations for over 100 services and translations into multiple languages.
Continued thread

I updated my #Headscale and #Tailscale blog post with additional information about the Nginx Proxy Manager section (PiHole with wildcard DNS) and an improved ACL diagram that I believe is clearer and more accurate.

English: lucasjanin.com/2025/01/03/head

Français: lucasjanin.com/2025/01/03/head

#VPN#Headplane#ACL
Continued thread

Mon explortation avec #Headscale et #Tailscale est documenté sur mon blog. J'y discute des différences entre un serveur #VPN et Tailscale, Headscale, la configuration de Docker Compose, l'interface #Headplane, le contrôle d'accès via #ACL, l'intégration avec #NginxProxyManager, les nœuds de sortie, les routes et l'installation sur macOS, iOS, Linux, Debian, Proxmox LXC, #Synology NAS et #HomeAssistant.

#selfhosted #selfhosting
lucasjanin.com/2025/01/03/head

Ok so I’ve set up SSL via #NginxProxyManager and I’m using #Authelia to protect my self-hosted apps on my home server… it works well, it’s apparently very secure… is there any reason not to expose them to the internet now? 🤔

It’s more for my convenience; right now I use a VPN to connect to my home network but that’s a pain sometimes, it would be so much easier to just make them publicly available so I can access them from any browser…

So it seems that the #HomeAssistant addon #NginxProxyManager will not allow me to upload a file into it so I can serve a custom favicon.ico to my new #snac instance. Snac itself does not yet allow placing a custom favicon.ico into the data directory like you would a style.css file. So it looks like I may have to look into setting up another jail on my #FreeBSD server to run as a #Nginx reverse proxy with Let's Encrypt support that automatically updates.

🇵🇱 Tak jak obiecałem, opublikowałem dzisiaj wpis na blogu o tym jak na #VPS od #Oracle uruchomić @nextcloud i zrobić z niego swoją własną chmurę na pliki o pojemności do ok. 200GB. Użyłem do tego #Docker, #Portainer i #NGINXProxyManager. Trochę się napracowałem przy jego pisaniu, więc mam nadzieję, że komuś się przyda 😉 Jakby ktoś miał ochotę to na blogu jest info jak można mnie wesprzeć. Miłego wieczoru!

blog.tomaszdunia.pl/darmowa-ch

🇬🇧 As promised, I published a blog post today about how to run @nextcloud on a #VPS from #Oracle and make it your own cloud for files with capacity of up to about 200GB. All this absolutely for FREE. I used #Docker, #Portainer and #NGINXProxyManager for this. I worked a little bit on writing it, so I hope it will be useful to someone 😉 As if anyone would like it, there is info on the blog on how you can support me. Have a great evening!

blog.tomaszdunia.pl/darmowa-ch

Replied in thread

@jana
#homeassistant
#pihole
#immich
#portainer
#radicale
#baikal
#frigate
#casaos
#docker
#NginxProxyManager
#debian
#forgejo
#keycloak
#memos
#dockge
#nextcloud

And a few other various ones I'm playing with. When my 2.5gb nics arrive, I'll also be setting up #opnsense for firewalling/routing.

Oh, I also wanna try out #raspap and see how that does with a few of these sprinkled around the house when I get more next month, as they have WiFi.

They are perfect for #k3s or #kubernetes.

Let's say you have #Crowdsec setup on your #NginxProxyManager setup and you want to know if it works.

Well, you could `cscli metrics show acquisition` and see lots of things.

Or, you could just find a "Wordpress Vulnerability Scanner" online and plug your domain in there.

`cscli decisions show` will let you know if it was successful within a few seconds.

Replied in thread

@neuroexception I’m starting to play with #headscale in my #homelab. It looks very well matching my needs.

Unfortunately, I had trouble with my #nginxproxymanager, some of my services aren’t accessible but sometimes it works. So tailscale itself has trouble connecting to my headscale server.
I think it may be related to my #PiHole because my phone connects without trouble when I’m connected outside of my wifi.

Sometimes the #homelab journey can be bumpy

Replied in thread