My setup exists of one local server that basically hosts Jellyfin and an arr stack. I only access this server locally with PC, TV and phone, however I might setup a Wireguard based remote access in the future.
Should I use a reverse proxy like Caddy so I can access the different containers with a local domain name like jellyfin.myserver.local?
I am also interested in hosting Adguard home but how can this work together with Caddy, won’t they both conflict as a DNS server?
I appreciate any possible advice on these topics.
Thank you.
I like the workflow of having a DNS record on my network for *.mydomain.com pointing to Nginx Proxy Manager, and just needing to plug in a subdomain, IP, and port whenever I spin up something new for super easy SSL. All you need is one let’s encrypt wildcard cert for your domain and you’re all set.
This is exactly how I have mine set up and I really like it.
I’ve got an internal and external domain with a wildcard cert so if it’s a local only service I can easily create a newservice.localurl.com, and if it’s external I can just as easily set up newservice.externalurl.com
Can show us how you configured the internal part?
I can. I’ll report back with details tomorrow when I have time.
A reverse proxy makes setup a lot easier and more versatile, and can manage SSL certs for you.
I would say if locally. No. But the moment you open up to the web. Yes. Nginx proxy manager is also very good for this.
Don’t use jellyfin.server.local
.local is reserved for mdns, which doesn’t support more than one dot. (Though it may still sometimes work).
In any case, to make that work you need either a DNS server on your network or something like duckdns (which supports wildcard entries).
It’s nice not to deal with HTTPS warnings etc and as you said it’s more convenient to access by domain name rather than remembering port numbers. You should be able to technically achieve the latter in another way by using docker and configuring it to assign a real IP for each service (a bridge network presumably), then setting each service to use port 80 externally. But that’s probably as much work as just setting up a reverse proxy.
And if you’re concerned about exposing ports, you can use DNS challenge which doesn’t require opening port 80 on your router.