ArunLearned how to install #Tailscale's certs on my #pihole lighttpd today. Onto learning #nginx tomorrow as there are a bunch of #Docker containers that can benefit with these certs.
Decided to go with #caddy instead of #nginx. Some progress. Learned how to write Caddyfile rules, bind service to ports, and dived deep into multiple Caddy docs. My Whoogle instance has #LetsEncrypt certs now. 🎉
Onto figuring out how to get it for #pihole and #libreddit tomorrow. There must be a way to serve #Docker containers on a subdirectory each. This is crucial for me because #Tailscale certs are only for the node/domain it's used for. I cannot use it for subdomains.
More progress with #caddy. Learned how to build a custom binary with #xcaddy, install the "replace-response" module and use that to output each Docker container's response to a specific subfolder on my #Tailscale node domain. So now:
https://mew.tailnet-b593.ts.net serves #libreddit.
https://mew.tailnet-b593.ts.net/google serves a #whoogle instance.
Happy how this worked out!
http://mew/admin serves #pihole admin. I wanted to serve that on HTTPS too, but if that takes the root domain, libreddit has to move to another subfolder. When I try that, CSS from libreddit breaks. 😕 Something to figure out another day.
Wrote about the full setup/process here: https://arun.be/2021/09/27/tailscale-tls-certificates-for-my-home-lab/