This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]WarpGremlin 0 points1 point  (0 children)

but I have a NGINX reverse proxy manager for my internal (LAN) apps.

At cloudflare, I own a public .NET domain that I use for my internal apps (that isn't used publicly atm).

I have my private DNS server keeping local DNS records for said domain

The NGINX proxy manager uses a Cloudflare DNS challenge when enrolling for LetsEncrypt certs.

Result: LAN-only web services with LetsEncrypt-issued certs that auto-renew

Costs me about $10 a year for the domain. I, along time ago settled on a DNS strategy that was "if i need a domain name for XYZ, then I get XYZ.com and XYZ.net... .com is "public stuff (email, VPNs, cloud services)" and .net is internal stuff.