this post was submitted on 14 Aug 2025
89 points (98.9% liked)

[–] theit8514@lemmy.world 13 points 2 days ago (1 children)
[–] missphant@lemmy.blahaj.zone 9 points 2 days ago* (last edited 2 days ago) (2 children)

I believe Let's Encrypt only allows wildcard certs for DNS challenges so it's not really in the scope of Nginx; but I haven't used other web servers, do they implement that?

Edit: Looked into Caddy, it seems to have a plugin system for DNS providers, that's pretty slick. I can't see that ever happening for Nginx; they seem very opinionated in wanting to be unopinionated, unfortunately. I'm still sad they rejected the PR to implement prefers-color-scheme for default error pages.

[–] tux7350@lemmy.world 2 points 2 days ago

You can set up wildcard certs with a DNS challenge using Traefik. No plug-ins needed, works right out of the box.

Personally, I quite prefer Traefik. It's harder to use than Caddy but offers more features. Also, it uses YAML or Docker labels for config. I'm not a fan of the nginx .conf format.

[–] Darkassassin07@lemmy.ca 1 points 2 days ago

DNS-01 is in the pipeline at least, so hopefully we'll see that bring wildcard certs along with it.

It's nice to see this being integrated into nginx. I've been using ACME.sh for around a decade instead. It just triggers through a script on a crontab schedule grabbing a new cert via DNS-01 if necessary, then refreshing nginx to recognize the new file.