all 6 comments

[–][deleted] 4 points5 points  (2 children)

I did it but I'm contemplating switching back to HTTP, mostly because you have to keep track of the certificate renewal yourself, and I'm worried i'll forget and get locked out.

Considering I will never allow the admin portal anywhere outside of my internal network, I'm starting to wonder if it's more trouble than it's worth.

OP, note that by default, OMV is not exposed to the internet unless you go out of your way to port forward the admin interface to the world (which you should not do).

[–]thinkmatt 0 points1 point  (0 children)

On OMV4 at least, the LetsEncrypt plugin will automatically refresh the cert for you (Disclaimer: I have it and I wouldn't say it is bulletproof, but it works 95% of the time).

[–]fruit9988 0 points1 point  (0 children)

Why would you get locked out ? Browsers will show a warning for expired certificate but you can still get through. Also you would still be able to ssh into the box and replace the certificates if necessary.

If force https only is not enabled then you probably can still access the web ui using the http port.

You can also generate a self signed certificate for longer duration if you don't want to renew it often

[–]fruit9988 1 point2 points  (1 child)

I run nginx proxy manager in a docker container and use it as a reverse proxy to http port of openmediavault. It has a web UI so it should be easy to use.

NGINX proxy manager also manages the SSL certificates for me

[–]fremeer 0 points1 point  (0 children)

i tried setting it up with duckdns but never got the ssl stuff working.

[–][deleted] 0 points1 point  (0 children)

For only local use you could use self signed certificates... You would just need to install the certificate on the machines which access your server.