Our great sponsors
-
docker-swag
Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
-
minica
minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Op please take a look at linuxserver io SWAG it is a reverse proxy with a cert bot. They have really good documentation here: https://docs.linuxserver.io/general/swag
If you’re just hosting locally and don’t feel like figuring out OpenSSL, easyRSA, etc etc, you can use minica to generate a wildcard cert signed by your own certificate authority. Then just add the root cert to all your devices and add the wildcard cert to any of the reverse proxies suggested on this post.
Caddy is more of a general purpose web server, more similar to Apache/Nginx. It has a file server, fastcgi, and can proxy, among many other things (has a plugin system so it can do whatever). You generally write a config like a Caddyfile to tell Caddy what to do, but there's also a JSON config API if you need scripted config changes. There's also https://github.com/lucaslorentz/caddy-docker-proxy which can generate a Caddyfile config based on Docker labels (this is similar to how Traefik is often configured).