Totally local web server on HTTPS.

This page summarizes the projects mentioned and recommended in the original post on /r/selfhosted

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • mkcert

    A simple zero-config tool to make locally trusted development certificates with any names you'd like.

    I would suggest mkcert, https://github.com/FiloSottile/mkcert This tool can even install the root CA onto your system and into your web browser. https should "just work" after you run the tool, install the root ca, and configure your http server to use the cert+key (and maybe the intermediate chain if needed, I cant remember)

  • lego

    Let's Encrypt/ACME client and library written in Go

    When you say “no internet dependence”, do you mean just not allowing inbound HTTP access, or no outbound internet connections at all? If the former, you can utilise DNS challenges via Let’s Encrypt, then use a local DNS server to point the corresponding full domain to the internal IP address of your web server. If your domain registrar has a DNS API, this can be automated using ACME clients like Lego. Cloudflare and Gandi are two good options.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • nginx-proxy

    Automated nginx proxy for Docker containers using docker-gen

    I (FINALLY) just configured my LAN server to host HTTPS using a duckdns.org dns name without opening ports to the outside world. The trick was to use my opnsense route to do the dynamic dns updates and acme cert registration/auto-renewal. The opnsense plugin has an automation that copies renewed certs via SFTP to my internal webserver. It may sound weird but think of it as faux load balancer; LAN traffic is port forward to the server's NAT ip, WAN traffic is denied. I am now using nginx-proxy to update all of my containers to resolve to path based routes and if I can stop pulling out what little hair I have left, some sort of SSO through Organizr

  • Organizr

    HTPC/Homelab Services Organizer - Written in PHP

    I (FINALLY) just configured my LAN server to host HTTPS using a duckdns.org dns name without opening ports to the outside world. The trick was to use my opnsense route to do the dynamic dns updates and acme cert registration/auto-renewal. The opnsense plugin has an automation that copies renewed certs via SFTP to my internal webserver. It may sound weird but think of it as faux load balancer; LAN traffic is port forward to the server's NAT ip, WAN traffic is denied. I am now using nginx-proxy to update all of my containers to resolve to path based routes and if I can stop pulling out what little hair I have left, some sort of SSO through Organizr

  • easy-rsa

    easy-rsa - Simple shell based CA utility

    If you can add CAs to the hosts that will access this server, you can be your own certificate authority. mkcert is good, as mentioned elsewhere, or you can go all out: https://github.com/OpenVPN/easy-rsa

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts