I’m going round in circles on this one.

What I want to do is:

  • serve up my self-hosted apps with https (to local clients only - nothing over the open web)
  • address them as ‘app.server.lan’ or ‘sever.lan/app’
  • preferably host whatever is needed in docker

I think this is achievable with a reverse proxy, some kind of DNS server and self-signed certs. I’m not a complete noob but my knowledge in this area is lacking. I’ve done a fair bit of research but I’m probably not using the right terminology or whatever.

Would anyone have a link to a good guide that covers this?

  • Willdrick@lemmy.worldEnglish
    4·
    10 hours ago

    You say that, but I’ve seen so many dodgy iot devices… Specially deploying PiHole you start to see so much random traffic from stupid stuff like a smartplug or a TV box

    • non_burglar@lemmy.worldEnglish
      1·
      9 hours ago

      If you’re on the same subnet, no amount of reverse proxy will help with dodgy apps. It’s more appropriate to put the dodgy iot in a DMZ to control what they can do.

      Putting https on these is fine, but it’s not a solution to isolating bad clients.