Hi all :)

I’ve got a media server set up running Navidrome, Calibre-Web, and Immich along with some other services, and want to get access to them from outside the house now. I’ve read that Caddy is good for securing things by making it easier to set up encryption, but I’m not sure I understand that side of things.

I’ve set up a Cloudflare tunnel for a Minecraft server, and I’ve got Tailscale installed but not set up with an exit server yet, but understand that Caddy would be better. I ideally want to set up apps on my wife’s phone so that she can access the libraries too.

Is it just a case of installing Caddy and setting up the services I want to share through it? That seems too easy, like I’ve missed something.

If it makes any difference, I’ve got a standard UK ISP router with a few ports forwarded, and I’m going to add an access point and then a LevelOne GEP-5070 managed switch to learn about things like VLANs. The link to the switch is here:

https://mayflex.com/shop/product/GEP-5070

I feel like I’m missing something, but can’t think what, so I’d be grateful for any help :)

  • irmadlad@lemmy.worldEnglish
    21·
    18 hours ago

    You’ve got Cloudflare tunnels/Zero Trust and Tailscale. You’ve got it wrapped up. Honest Question: What makes you think Caddy would be better? I think adding Caddy would be adding more complexity to a system that is already got everything it needs to operate correctly. I’m not even sure what Caddy would bring to the table in this scenario.

    • Tippon@lemmy.dbzer0.comOPEnglish
      2·
      6 hours ago

      I just replied to your other comment before I saw this one, but I’ll post the reply here too for anyone who’s following the thread :)

      The main thing I’m still not sure of is Tailscale. I don’t know if I can just put my services behind an URL for my wife to add to her devices, as she’s unlikely to remember to run Tailscale before she listens to her music, for example.

      Sorry, I’ve just replied to another comment before I saw yours. I didn’t realise that Cloudflare could deal with encryption on its own, I thought you needed something like Caddy to get certificates. I found out after seeing the other comment that one of my services running through the Cloudflare tunnel is encrypted, but I couldn’t get it to work in the past. I’m not sure what’s changed, but I’m going to give it a proper look once I’ve had some sleep.

      There’s something about the networking side of things that just throws me, and I struggle to get my head around it. If I can get things running through Cloudflare, I’ll be very happy :)

      • irmadlad@lemmy.worldEnglish
        1·
        3 hours ago

        I do appologize for not getting back sooner.

        through the Cloudflare tunnel is encrypted,

        Yes indeed

        I thought you needed something like Caddy to get certificates

        You can, and Caddy works well. It just didn’t make sense in this scenario. No worries, mate.

        but I’m going to give it a proper look once I’ve had some sleep.

        Well. I do have some notes tjat might help put the pieces together, if you get stuck.

        The main thing I’m still not sure of is Tailscale

        I use tailscale on the server as a overlay protective overlay, which could be accessed as well if needed,