|
The thing I would recommend using a real subdomain that you own instead of e.g .local for is that you can get a wildcard cert from Letsencrypt and make ssl on local services a lot easier on yourself. I just recently switched to this from a cumbersome self-signed CA setup and it's 
|
#
¿
Nov 24, 2021 18:36
|
|
|
|
| # ¿ May 14, 2024 19:37 |
|
|
bobfather posted:To explain that idea even more, you can set up Nginx Proxy Manager to grab your LetsEncrypt wildcard certs for your domain, create a proxy host that redirects subdomain.yourdomain.com to whatever internal service you are self-hosting, and then set your router to do a DNS host override to redirect traffic from subdomain.yourdomain.com to the host running Nginx Proxy Manager. Voilà - valid LetsEncrypt certs on any internal service you care to run. I guess you could do that yeah. For my part I just have a wildcard cert for *.internal.mydomain.com that I use internally and then I just provision normal LE certs for anything external like https://www.mydomain.com.
|
|
#
¿
Nov 24, 2021 19:56
|
|
|
bobfather posted:I think we’re talking about the same thing. I merely described one way to use a wildcard LE cert to secure services that are only available on the LAN. Sorry yeah. I dist it out with ansible
|
|
#
¿
Nov 24, 2021 20:36
|
|
|
I've selfhosted email for nearly 25 years and honestly it's extremely hands off once it's set up. I know some people run into IP reputation issues and such but I haven't had any.
|
|
#
¿
Jan 20, 2022 08:23
|
|
|
FWIW I use Nextcloud to sync photos and though it has many warts of its own it's fine with what you describe.
|
|
#
¿
Oct 22, 2022 12:32
|
|
|
Yeah they're just files and you can browse them in the app or whatever. You can also two way sync to a pc using the deskop client if needed.
|
|
#
¿
Oct 23, 2022 17:54
|
|
|
Potato Salad posted:rolling your own CA is so fun though Rolling your own CA is actually a nightmare and I recommend against it. So many bothersome issues went away when I changed to a LE wildcard instead.
|
|
#
¿
Jan 24, 2023 21:16
|
|
|
Gandi is good.
|
|
#
¿
Jan 25, 2023 07:36
|
|
|
Potato Salad posted:hey serious question, why use LE wildcard? It seems like one of the added values of using LE is that it's easy to get specific certs for each individual system / pool of systems and have them automatically maintained For me it's partly that it's easier to dist a wildcard cert to various parts of my infrastructure, some of which may not have direct internet access, combined with a desire to not "leak" my hostnames to the world.
|
|
#
¿
Jan 25, 2023 20:55
|
|
|
Aware posted:Don't host your own email. Stop parroting this phrase. You can perfectly well host mail given the right circumstances. But the OP doesn't want to maintain a postfix config so I'm not sure it's for him.
|
|
#
¿
Mar 25, 2023 12:21
|
|
|
Automate it with Ansible? That's what I'd reach for.
|
|
#
¿
Mar 25, 2023 16:20
|
|
|
I’m pretty happy with nextcloud tbqh. Phones upload pics automatically, files are shared, contacts are synced, calendars are calendaring. It all works and has for some years now. Trying out some better frontends for photo browsing/searching but probably will keep the uploading through nc
|
|
#
¿
Oct 13, 2023 08:25
|
|
|
|
| # ¿ May 14, 2024 19:37 |
|
|
I’ve been trying out both photoprism and immich lately and while not fully decided I’m leaning photoprism mainly because immich is more resource hungry, has more moving parts and is slower to index. I also find it less intuitive in some ways, like when trying to rectify errors in face recognition. The wife and I share a common library so the user separation stuff is more in my way than helpful as well.
|
|
#
¿
Nov 3, 2023 20:28
|
|