I have a PC I have installed Portainer on, with various docker services (home assistant, jellyfin, etc…) with an ISP supplied router fixing various device IP addresses and reaching out to dyndns.

I really want to move everything over to HTTPS connections by supplying certificates, tls termination, etc .
The issue I have is self signed certificates mean I have to manage certificate deployment to everything in the house.

I figure I need to link a domain to the DynDNS entry and arrange certs for the domain. However I can’t make the link function and everywhere wants >£100 to generate a certificate.

How are people solving this issue?

  • Semi-Hemi-Demigod@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I don’t use DynDNS but I do have two HAProxy servers, one locally and the other on a VPS. The VPS has a cron job that renews the certs every three weeks, and my local server rsyncs them to the right place every so often.

    Then, on my pihole I send requests for my services to the local IP but on the same domain. Because the certs are looking at the domain name and not the IP the cert is valid both on my LAN and from the Internet.