this post was submitted on 19 Dec 2024
36 points (95.0% liked)

Selfhosted

60542 readers
580 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the link in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post. )

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

For instance how can I use my *.domain.com SSL certs and NPM to route containers to a subdomain without exposing them? The main domain is exposed.

you are viewing a single comment's thread
view the rest of the comments
[–] ag10n@lemmy.world 6 points 2 years ago (1 children)
[–] wildbus8979@sh.itjust.works 1 points 2 years ago (2 children)

OP is asking for cases where you don't want to allow the service (or reverse proxy) to be accessible via the web.

[–] NeoNachtwaechter@lemmy.world 2 points 2 years ago

As I understand it, OP just wants to hide (=remove) the subdomains from the public URLs.

[–] ag10n@lemmy.world 1 points 2 years ago (1 children)

public domain for internal services

I guess they need a CA then

https://smallstep.com/docs/step-ca/

[–] wildbus8979@sh.itjust.works 0 points 2 years ago (1 children)

They do not. See my other reply about DNS verification.

[–] ag10n@lemmy.world 2 points 2 years ago* (last edited 2 years ago) (1 children)

Your response clearly states publicly accessible DNS. A CA does not require anything public for local SSL and can work in conjunction with whatever service they want for that which is public.

[–] wildbus8979@sh.itjust.works 1 points 2 years ago

Fair, I don't know why I read OPs post as asking for let's encrypt certs. Internal CA is indeed an option.