My setup exists of one local server that basically hosts Jellyfin and an arr stack. I only access this server locally with PC, TV and phone, however I might setup a Wireguard based remote access in the future.
Should I use a reverse proxy like Caddy so I can access the different containers with a local domain name like jellyfin.myserver.local?
I am also interested in hosting Adguard home but how can this work together with Caddy, won’t they both conflict as a DNS server?
I appreciate any possible advice on these topics.
Thank you.
Whatever floats your boat. If you don’t need it, you don’t need it. I have some services exposed to the outside on the standard port and I need a reverse proxy to make that possible. It also does the https with letsencrypt certificates. It’s a bit more comfortable managing them all in the reverse proxy. But I also have some webinterfaces of other less important software that is fine running on some IP on port 5102 and I don’t worry configuring something to change that. I don’t think there is a “should” unless you need to encrypt the traffic or expose that service to somewhere. And it’s also not wrong to do it.
Somewhat related rant: I recently tried to set up a reverse proxy on a Synology NAS, my god was it convoluted.
I’m curious what made it that complicated. Was the Synology OS (DSM they call it right?) fighting you along every step or something? As far as I know it’s a custom Linux OS but I have no idea what it’s based on, or if it’s even based on a specific distribution… I could definitely see it being a challenge depending on the answers haha.
If you’re not hosting any publicly available services, then no. A reverse proxy would be unnecessary. You can just just set static records in your DNS server that tell it which internal hostname goes with what IP and it will relay that info to any device on your local network that requests it. Even with a Wireguard connection, you can tell it to use the DNS server from your local network.
Personal preference.
Unless something has changed, Caddy isn’t a dns server. It’s a web server and reverse proxy. If you might expose something to the public internet, you will want it behind the reverse proxy.
If you want to access local network services (private vpn counts) via a domain name all you need is a DNS server and for you clients setup to query that dns server. I use PiHole for this. From what I understand Adguard may be similar to PiHole but I’ve never looked a it.
One thing to be wary of, there are no reserved private network domains. Depending on how you set things up your local network dns queries may go out onto the public internet. It’s best to go ahead and register a domain name that you want to use so that you can control it routing if that happens. They can be had cheap as $11 USD each.
For sure.
At some point, your services could easily warrent it. If you learn it early, it makes it much easier to organize your services and share them with others if you decide to.
Also, if you do decide to use a domain name, you probably won’t be able to use it internally to your network. If you use Adguard, you can use DNS rewrite to only direct your traffic to your server when you’re in your network.
Also, personally, I use nginx, but I’m more than happy to give you any advice on setup or reverse proxy.
