Lets-Encrypt

Running Caddy Server: The Zero-Config HTTPS Reverse Proxy You’re running a dozen Docker containers. Each one listens on a different port. You’re tired of remembering 192.168.1.50:8096 for Jellyfin and :3000 for Gitea. You want jellyfin.yourdomain.com with HTTPS — and you don’t want to wrestle with Nginx config files or manually renew Let’s Encrypt certificates. Caddy does all of this automatically. Point a domain at it, tell it where your service lives, and it handles HTTPS certificates, renewal, and reverse proxying with almost zero configuration. ...

If you’re running multiple Docker services and juggling Nginx configs every time you add a container, Traefik will change your life. It watches Docker for new containers and automatically configures routing — no config file edits, no reloads, no downtime. What is Traefik? Traefik is a modern reverse proxy and load balancer designed for microservices and containers. Version 3 brought HTTP/3 support, WASM plugins, and a cleaner configuration model. It sits in front of all your services, handles SSL termination, and routes traffic based on Docker labels. ...

Running multiple self-hosted services on one server creates a problem: they all need different ports. Nextcloud on 8080, Jellyfin on 8096, Grafana on 3000 — and you’re expected to remember all of them. Worse, none of them have SSL unless you set it up manually. Nginx Proxy Manager (NPM) fixes this by giving you a clean web UI to manage reverse proxy hosts, automatically provision SSL certificates from Let’s Encrypt, and control access — all without touching a single Nginx config file. ...

SSL Certificates for Self-Hosted Services: Complete Guide to HTTPS Running self-hosted services over plain HTTP is risky. Passwords, session cookies, and personal data travel in cleartext, vulnerable to interception. HTTPS encrypts everything. With free SSL certificates from Let’s Encrypt, there’s no excuse to skip it. This guide covers three ways to get SSL certificates for your home server: Nginx Proxy Manager - Easiest, GUI-based Caddy - Automatic HTTPS, zero config Certbot - Manual, maximum control Why SSL Certificates Matter Without HTTPS Passwords visible - Anyone on your network sees login credentials Session hijacking - Attackers steal cookies, impersonate you MITM attacks - Traffic can be intercepted and modified Browser warnings - “Not Secure” labels scare users Modern features broken - Service workers, webcam access, etc. require HTTPS With HTTPS End-to-end encryption - Data scrambled between browser and server Authentication - Certificate proves you’re talking to the right server Trust indicators - Green padlock in browser Full feature support - PWAs, geolocation, notifications work Compliance - Required for many services (OAuth, payment processing) Prerequisites 1. Domain Name You need a domain pointing to your server. Let’s Encrypt validates domain ownership. ...