Like the other commenter said, they’re expiring regularly. Host keys expire ~monthly and there’s a cronjob to reach out to the certificate authority server to renew them. User certs expire ~daily and the first time I ssh on any given day I have to authenticate with the CA. Recently tied it to PocketID for SSO.
I moved over to certificates a while ago.
Iirc vaultwarden itself won’t load if you don’t run https.
I was half done when I picked this back up, now I’m a quarter of the way done. Progress!
ignoring for the Winter season
You’re vastly underestimating my ability to not finish a project.
I haven’t used immich in a while, but ente felt like the more mature product when I was evaluating the two.
Is essentially a self hosted slack.
fail to receive SMS or calls, suddenly getting them delivered in a rush when I disconnect from tailscale.
I think that’s a known issue, but the last time I looked there didn’t seem to be a known cause or a fix.
I suspect there are a number of people who self host at least in part because they’ve been burned by proprietary software and enshittification, so it’s not a surprise that there’s strong opposition to those solutions.
Like docker directly on proxmox? Docker on proxmox isn’t going to be any better than docker on anything else.
VMs and LXC are where proxmox has its best integration.
Docker in a VM on proxmox, while maybe not the recommended way of doing things, works quite well though.
I think you misread OP’s intent.
You what?
Ha, I completely ignored the picture because it’s a self post. So there is an instance of caddy running on port 80.
When you say you’re trying to reverse proxy, are you starting up another instance of it instead of restarting the already running service with a new config?
I’m no expert on caddy, so we’re rapidly reaching the limits of my ability to offer anything useful.
If you visit http://<caddy address> what do you see?
There are a few implementations of wormhole that might work.
If you’re ok with exposing a server to the internet, I’ve had good luck with sharry. https://eikek.github.io/sharry/
I’ve also had good luck running a Nextcloud instance to share with friends and family. But that is probably overkill here.
I’ve bought from them several times and it’s always been a good experience.
My concern when it forked was that forgejo would last a few months and then fizzle out.
That doesn’t seem to be the case.
It’s easy to use and takes away some of the hassle.
If you don’t like cloudflare you could find a VPS you do like and run Pangolin on it to get the same service but maybe not the same level of protection.
I use Oracle’s free tier to host it. They’re probably worse than cloudflare as far as evil corporations go though.
I mean, the CA is also self hosted so I’m not sure what you think the extra attack vector is here.