Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Personally I'm using haproxy for this purpose, with Lego to generate wildcard SSL certs using DNS validation on a public domain, then running coredns configured in the tailnet DNS resolvers to serve A records for internal names on a subdomain of the public one.

I've found this to work quite well, and the SSL whilst somewhat meaningless from a security pov since the traffic was already encrypted by wire guard, makes the web browser happy so still worthwhile.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: