this post was submitted on 16 May 2024
24 points (90.0% liked)

Selfhosted

40633 readers
318 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I thought I was going to use Authentik for this purpose but it just seems to redirect to an otherwise Internet accessible page. I'm looking for a way to remotely access my home network at a site like remote.mywebsite.com. I have Nginx proxy forwarding with SSL working appropriately, so I need an internal service that receives the traffic, logs me in, and passes me to services I don't want to expose to the Internet.

My issue with Authentik is if I need to access questionable internal websites I have to make an Internet accessible subdomain. I don't want authentik.mywebsite.com to redirect to totallyillegal.mywebsite.com. I want it to redirect to 10.1.1.30:8787.

Is there anything that does that?

you are viewing a single comment's thread
view the rest of the comments
[–] herrfrutti@lemmy.world 5 points 7 months ago (6 children)

You need a wildcard cert for ypur subdoman:

*.legal.example.com

Then point that record to 127.0.0.0. This will not resolve for anyone. But you'll have an internal dns enty (useig pihole/adguard/unbound) that redirects to your reverse proxy.

You could also point to your revers proxy internal address instead of 127.0.0.0.

This video could help you: https://www.youtube.com/watch?v=qlcVx-k-02E

[–] lemmyvore@feddit.nl 2 points 7 months ago (2 children)

The only catch is that some ISP or workplaces filler public DNS entries that point to private IPs because they can be indications of certain attacks.

[–] herrfrutti@lemmy.world 1 points 7 months ago (1 children)

But does this matter if you just want this to be locally accessible and you're running your own dns?

[–] lemmyvore@feddit.nl 1 points 7 months ago

If it's resolved only on a private DNS server then it's ok.

load more comments (3 replies)