Reverse Proxy

[jawhett1]

My ISP blocks port 80 but not 443. I would like to use my duckdns url, in combination with caddy to reverse proxy the https connection. 443 is what uses https so I shoudln't *need* 80 right? 
Or is my understanding mistaken?

I currently use nordvpn's meshnet to access remotly but frankly its a bit slow and meshnet messes up my group messeges so I would prefer a more robust solution.

I followed the guides:
https://jellyfin.org/docs/general/quick-start/windows/
&
https://jellyfin.org/docs/general/networking/caddy

So I have some background, but I dont know how to exactly set this up. Guidance would be appreciated.

[TheDreadPirate]

You would need to get certs from LetsEncrypt. The process is fairly simple.

https://caddyserver.com/docs/automatic-https
https://jellyfin.org/docs/general/networ...tsencrypt/

[jawhett1]

Caddy automatically gets the certs from letsEncrypt using Acme, right?

Also this wording makes it seem like both 80 and 443 have to be open.

"For public domain names:

These are common requirements for any basic production website, not just Caddy. The main difference is to set your DNS records properly before running Caddy so it can provision certificates.

If your domain's A/AAAA records point to your server,
**ports 80 and 443 are open externally**,
Caddy can bind to those ports (or those ports are forwarded to Caddy),
your data directory is writeable and persistent,
and your domain name appears somewhere relevant in the config"

This makes it seem that they both have to be open no?

[TheDreadPirate]

You know what. You are correct. Port 80 has to be open for the process.

If you have a friend or family member with a different, and not dumb, ISP you could complete the process there. Change your DDNS address temporarily, complete the process, change your DDNS again.

But you would need to do that every 3 months...hmmm. Mobile hotspot?

[uglytruck]

I was always under the impression that if you were using a reverse proxy with a certification, the proxy is the one using 443.  I'm using nginx with letsencrypt and don't have any issues connecting at work (IT will not allow any http connections). Here's a video showing how to setup nginx & DuckDNS with Jellyfin, it's short and works.  https://www.youtube.com/watch?v=qlcVx-k-02E&t=648s

[TheDreadPirate]

A small portion of the process is http.  Has to be port 80.

   

[d03j]

A small portion of the process is http.  Has to be port 80.

I think you can do a TLS-ALPN-01 challenge with certbot.

Also, if you're using docker, traefik might be a better reverse proxy option and it ca manage duck DNS certs automatically for you (https://doc.traefik.io/traefik/https/acme/)

[AdamMeshnet]

My ISP blocks port 80 but not 443. I would like to use my duckdns url, in combination with caddy to reverse proxy the https connection. 443 is what uses https so I shoudln't *need* 80 right? 
Or is my understanding mistaken?

I currently use nordvpn's meshnet to access remotly but frankly its a bit slow and meshnet messes up my group messeges so I would prefer a more robust solution.

I followed the guides:
https://jellyfin.org/docs/general/quick-start/windows/
&
https://jellyfin.org/docs/general/networking/caddy

So I have some background, but I dont know how to exactly set this up. Guidance would be appreciated.

Hi, jawhett1. Dropping by to ask a couple of questions about your Meshnet use. 

You mention that it's a bit slow - I've been using it to access my Jellyfin server remotely for some time and can't really complain about the speeds. I know that I can get speeds up to 400MB with Meshnet. What exactly do yo mean by slow?

As for the messaging app - what devices are you using with your Meshnet and what kind of messaging app? I have yet to come across such complain regarding Meshnet.