SEND_NUKES_PLS

joined 1 year ago
[–] SEND_NUKES_PLS@alien.top 1 points 11 months ago

Cloudflare Access would be the simplest solution imo. You just add their email address to the whitelist and have them access the site, they'll have to enter their email and then they will get a one time code sent to their email which then they could authenticate with.

 

So, I've been self hosting for about a year now, and up until now, I've used Cloudflare Tunnels to expose my services to the internet. Everything has worked just fine with CF tunnels, but being the tinkerer that I am, I've decided to try new things out and hopefully expand my knowledge when it comes to self hosting.

So here I am now running NGINX Proxy Manager and I'm trying to get everything set up properly.

I've got NPM up and running and I can access my services over it. My domain is managed via Cloudflare so I have A records set up in CF pointing it to the public IP of my VPS.

Here are the questions I've got:

In your opinion, should I turn on the DNS proxy on the Cloudflare A record?

Do I need the Let's Encrypt certificates if I turned on the DNS proxy in Cloudflare?

Is it possible to use my own Let's Encrypt certificates while proxying the DNS in Cloudflare? (Would that prevent Cloudflare from seeing the traffic?)

Is there any difference between creating a proxied A record in Cloudflare that points to the public IP of my VPS vs having Cloudflare Tunnels pointing to NPM locally?

If I don't want to use Cloudflare as an additional proxy to NPM, should I install Crowdsec?

Thanks!

 

So, I've been self hosting for about a year now, and up until now, I've used Cloudflare Tunnels to expose my services to the internet. Everything has worked just fine with CF tunnels, but being the tinkerer that I am, I've decided to try new things out and hopefully expand my knowledge when it comes to self hosting.

So here I am now running NGINX Proxy Manager and I'm trying to get everything set up properly.

I've got NPM up and running and I can access my services over it. My domain is managed via Cloudflare so I have A records set up in CF pointing it to the public IP of my VPS.

Here are the questions I've got:

In your opinion, should I turn on the DNS proxy on the Cloudflare A record?

Do I need the Let's Encrypt certificates if I turned on the DNS proxy in Cloudflare?

Is it possible to use my own Let's Encrypt certificates while proxying the DNS in Cloudflare? (Would that prevent Cloudflare from seeing the traffic?)

Is there any difference between creating a proxied A record in Cloudflare that points to the public IP of my VPS vs having Cloudflare Tunnels pointing to NPM locally?

If I don't want to use Cloudflare as an additional proxy to NPM, should I install Crowdsec?

Thanks!

 

I'm running a VPS on Oracle

My domain is managed by Cloudflare

I installed nginx reverse proxy manager in a Docker container with the following ports:

180:80
181:81
1443:443

I port forwarded ports 180 and 1443, and I get the following message when going to PublicIP:180

Congratulations!
You've successfully started the Nginx Proxy Manager.

If you're seeing this site then you're trying to access a host that isn't set up yet.

Log in to the Admin panel to get started.

I installed an nginx server to serve as the test container, and I've added both the NPM and the nginx server to the same network in Docker.

I get the following when accessing the nginx server (http://10.11.0.1:7676) via the said network:

Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

In Cloudflare, I set 2 A records, both of them unproxied:

mydomain.com         to     MyPublicIP
test.mydomain.com    to     MyPublicIP

and I've also tried setting a CNAME for the test.mydomain.com and pointing it to root with no luck.

When I ping mydomain.com, I can see my public IP.

In NPM, I have the following settings:

Domain Name: test.mydomain.com
Scheme: http
Forward Hostname: 10.11.0.1
Forward Port: 7676
Block Common Exploits: True

When I try visiting http://test.mydomain.com from multiple browsers and 2 different networks, I get nothing.

Also, I tried getting an SSL certificate but was met with an error, and now it looks like I've hit the hourly limit on that...so I'm at least trying to get http working while I wait.

This is my first time trying NPM out, what am I missing? Help!

Thanks!