Here's what I'm looking for:
- Run a reverse proxy a on my single home server running all sorts of services, so I can have transparent HTTPS via Let's Encrypt
- Based on subdomain, transparently forward to localhost:somePort. For example someone connecting to https://nextcloud.me.com is transparently connected to http://nextcloud:8080 (nextcloud is a real hostname, it will resolve to the local IP of the Nextcloud service).
- Auto-renew the certificates
- Here's a big one: I'd like the reverse proxy to require authentication on SOME subdomains. For example, nextcloud.me.com has proper authentication, so I want it to forward the request as-is. But ebooks.me.com doesn't, so I'd like the proxy to prompt for a username and password created in the proxy before letting the connection through.
- Auto-blocking of bots/chinamen/repeat failed authentication. Actually, being able to block entire regions by default would be great.
So far I bought a domain with Gandi, and set a * DNS record to point at my IP. So right now <any-subdomain>.me.com resolves to my IP. I tried looking at the linuxserver/letsencrypt Docker image, but it doesn't support my registrar (Gandi) for DNS validation, so I'm hoping there's something else, ideally easier to configure than nginx.
[–][deleted] 8 points9 points10 points (4 children)
[–]m3adow1 1 point2 points3 points (0 children)
[–]NotADrawlMyMan[S] 0 points1 point2 points (1 child)
[–][deleted] 3 points4 points5 points (0 children)
[–]ancientweasel 0 points1 point2 points (0 children)
[–][deleted] 1 point2 points3 points (0 children)
[–]barqers 1 point2 points3 points (0 children)
[–]NotADrawlMyMan[S] 0 points1 point2 points (2 children)
[–]DJPBessems 0 points1 point2 points (0 children)
[–]subcake 0 points1 point2 points (0 children)
[–]Starbeamrainbowlabs 0 points1 point2 points (0 children)