Just posted my setup

So, this took way longer than I thought it would, mostly because I needed the time to sit down and actually type this up.

Full credit, I followed the instructions in this video from Wolfgang’s Channel

Prerequisites (this is based on my setup, the api key requirement will vary based on your domain registrar/service):

• Docker & Docker Compose
• NGINX Proxy Manager running via Docker
• A registered domain to use for your lan
• An API key from your domain registrar/service

I’m running NGINX Proxy Manager, using this docker-compose.yml, which I got straight from the NGINX Proxy manager website.

version: '3.8'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

I’ve got my domain managed by Cloudflare (yes, I know they’re evil, what company isn’t?), so these instructions will show setup using that, but NGINX Proxy Manager supports a whole bunch of domain services for the HTTP-01 challenge.

With all prerequisites in place, here are the steps:

• Log in to your NGINX Proxy Mananger (you can access the service and login at port 81 of the machine hosting it)
• In the top menu, click the SSL Certificates tab
• Click the Add SSL Certificate button
• Choose Let’s Encrypt for the certificate type
• In the Add Let’s Encrypt Certificate dialog, input the following
  • Domain Names: Input the domain root, as well as a wildcard subdomain. You’re entering both domains into the same field. After entering each domain, press the enter/return key on your keyboard to confirm the domain. For example, if you domain is abcde.com, input:
    • abcde.com *.abcde.com
• Email Address for Let’s Encrypt: Any valid email address you’d like to use
• Toggle the Use a DNS Challenge option on (when you toggle this on, a new set of options will appear)
  • DNS Provider: Choose yours. I chose Cloudflare
  • Credentials File Content: Delete the prepopulated dummy api key and paste in your actual api key
• Propagation Seconds: I put in 120 to give it two minutes. You can try leaving it blank, but if the DNS records haven’t propagated, you may get an error (I did when I tried leaving it blank during setup).
• Toggle on the I Agree to the Let’s Encrypt Terms of Service option - Click Save

Once you get a success message, you can start creating proxies with NGINX Proxy Manager for your internal domain. To do that you will need the ip address and port you are forwarding the domain to for your lan service. If you are using Docker containers, you’ll need the Docker ip, which you can get from the command line with:

ip addr show | grep docker0

You should get an ip address like 172.17.0.1

Otherwise you’ll just need the ip address of the machine you’re running the service on.

To set up a proxy redirect:

• In NGINX Proxy Manager click the Hosts tab/button and then choose Proxy Hosts.
• Towards the upper right click the Add Proxy Host button
• In the New Proxy Host dialog box, input the following:
  • Domain Names: input the domain address (subdomain or tld) you wish to use for the service. For example. homepage.abcde.com, then press enter to confirm the domain
  • Scheme: leave set to http
  • Forward Hostname/IP: Input either the host machine ip, or the docker ip
  • Forward Port: Input the appropriate port for the service
  • Cache Assets: Toggle on
  • Block Common Exploits: Toggle on
  • Websockets Support: Toggle on if the service needs websockets
  • Click the SSL tab of the New Proxy Host dialog box to set up the ssl certificate
  • In the SSL tab, input the following:
    • Click the None under SSL Certificate and select your local domain + wildcard subdomain certificate
    • Toggle on the Force SSL, HTTP/2 Support, HSTS Enabled, and HSTS Subdomains options
    • Click Save

Once the save is complete you should be able to input the new domain for you lan services and get a secure connection.*

*Bear in mind some services require you to specify a valid domain for the service within the config/settings. Double check any services you may be running for this if you plan to use a reverse proxy with them.

Haven’t forgotten. Just haven’t had time. I’ll get a write up ASAP

That’s totally fair. Wordpress can accomplish what you want, but also can be a giant nightmare. I ran a membership based Wordpress site for around a decade (self hosted and maintained), and it was mostly okay, but also many times a giant headache. I fully understand wanting to avoid Wordpress.

I can. I’ll report back with details tomorrow when I have time.

This is exactly how I have mine set up and I really like it.

I’ve got an internal and external domain with a wildcard cert so if it’s a local only service I can easily create a newservice.localurl.com, and if it’s external I can just as easily set up newservice.externalurl.com

I’m not entirely sure what you mean by userbase, but based on your description it sounds like you could set up a Wordpress docker container with some plugins to handle what you want and then use the Wordpress api for the calls. If you’re looking for like a paid membership situation for the site, there are free and pay plugins that can accomplish the payments and subscription integrations.

Awesome! Glad I could help.

At the terminal, go to the directory that contains the mount point for the disk (so if the mount point is /mnt/disk go to /mnt.

Run ls -l. This should list everything in /mnt with the owners and permissions. If your mount point (in this example disk) is owned by user and group root, then you just need to change ownership of the mount point and the disk attached.

With the disk attached, run sudo chown -R user:user disk

Replace each instance ofuser with your system username (if you’re not sure what you’re username is run whoami and it will tell you), and replace disk with your mount point directory.

Here’s what this does:

• sudo: escalates your privileges to run the chown command
• chown: the utility that allows you to change ownership of files and directories
• -R: tells chown to change ownership recursively
• user:user specifies the user and group that will own the files/directories you are modifying.
• disk: specifies the file(s)/directories you want to change ownership for.

You do need to be careful, but you can check for errors after editing /etc/fstab by running the command sudo mount -a. With the drive attached but not mounted. (Also good practice to use the UUID of the drive in the fstab entry)

That command runs through etc/fstab and attempts to mount everything it is instructed to mount if it is not already mounted. And if there is an error it will let you know.

If you run sudo mount -a and you get no output in the terminal, then there are no errors, your drive should now be mounted, and you should be fine for reboots and it should mount on startup as expected.

deleted by creator

Instead of using the gui for this, have you tried. creating a mount point and adding an entry to /etc/fstab?

Edit: fixed stupid autocorrect

Can someone eli5 what real time kernel is?

Edit: nvm. Found a good explainer.

I’m currently using Baserow, and so far it suits my needs well enough. I’m not a very demanding user, but part of what I love is how nicely Baserow documents the api. It made it very easy for me to implement some automations I wanted to use to record data.

Edit: fix stupid autocorrect errors

If you’re just doing a vanilla Linux install, ext4 is the way to go.

Oh dang. How fun. I never even considered thematically making my machines! Mine are super mundane.

• machine - main server
• osmc - Kodi media box for tv
• kmac - old iMac running kde neon
• tunnelpi - raspberry pi 4 wireguard tunnel access point
• mini- Mac mini my wife uses for day to day use.

Now I’m going to have to find a theme and start renaming machines! I might go with Magic the Gathering as my theme.

Edit: formatting, and added MtG as potential theme

Edit 2: fixed stupid autocorrect error (theatrically to thematically)

This is great. Thank you for sharing!! I was just thinking about how I wanted this and knew it had to exist in the settings but hadn’t gotten around to looking up how to accomplish it.

Currently running Navidrome on my server and using substreamer on mobile, with the webui on desktop.

+1 for mealie. Been running it for maybe six months now and it’s great.

I miss BASIC and that ready prompt.