diff --git a/timestamped/2026-06-07_17-40-12.md b/timestamped/2026-06-07_17-40-12.md new file mode 100644 index 0000000..d11256c --- /dev/null +++ b/timestamped/2026-06-07_17-40-12.md @@ -0,0 +1,123 @@ +--- +id: 2026-06-07T17:40:12-0400 +title: 2026-06-07 17:40:12 +tags: [] +daily: "[[2026-06-07]]" +--- +# 2026-06-07 17:40:12 + +It is trivial to get home media server apps running and LAN accessible, +and not so much harder to get them accessible from outside either +if you have no reservations about using IP directly +(i.e. `http://81.168.249.237:8096`), +but mobile receiver apps don't usually play nice +without certified HTTPS anyway. + +### Setting Up DNS + +#### Buy a Domain + +This step is one of the easiest +and, at the risk of [[drinking-ones-own-kool-aid]], +I recommend most people do it soon +even if they don't have plans for a home network yet. +For the time being, +if you have a reasonably unique name +a domain is one of the cheapest things +you could spend money on. + +> `nick-decarlo.com` for example: \$10.46 per _year_ + +For that same price +I get to send emails from `gmail@zanemeyers.com` +and confuse the hell out of people. + +#### Add DNS Records + +For each service +create a Type A record with the name of the service +pointing at your _public_ IP, +which you can find with +`curl ifconfig.me` +or at [WhatIsMyIp.com](https://www.whatismyip.com/). + +#### Configure Encryption Mode + +Without this step redirection will not work with Cloudflare's proxy. + +``` +SSL/TLS > Overview > Configure +``` + +Set to "Full (Strict)" and Save. + +At this point the domain is configured +and it shouldn't need to be touched again. + +### Setting Up the Reverse Proxy Server + +I decided to use a decade-and-change-old laptop +for a reverse proxy server + +> It is probably possible to forgo the server entirely +> and just run Caddy on [WSL](https://en.wikipedia.org/wiki/Windows_Subsystem_for_Linux) + +I'm assuming we've already booted [Ubuntu Server](https://ubuntu.com/download/server) +and done the initial setup, +if for no other reason +than because I did that years ago +so I can't remember all that entailed. + +#### Set Up a Reverse Proxy + +A reverse proxy will let us map requests for `.zanemeyers.com` +to internal IP's and ports. + +There are a few options, +but I used [Caddy](https://caddyserver.com/) +because it automatically issues and renews SSL certificates. + +##### Install Caddy + +```bash +sudo apt update +sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list +sudo apt update +sudo apt install caddy +``` + +##### Configure Caddy + +open Caddy's configuration with your favorite text editor + +```bash +sudo vim /etc/caddy/Caddyfile +``` + +and create entries for each app. +For example using [Jellyfin](https://jellyfin.org/): + +```caddy +jellyfin.zanemeyers.com { + # : + reverse_proxy 192.168.1.20:8096 +} +``` + +After saving the new config, +reload the service to apply the changes. + +```bash +sudo systemctl reload caddy +``` + +### Setting Up + +In your router settings. +forward TCP 80 (HTTP) and 443 (HTTPS) +to your reverse proxy server. + +That was the last step. +I don't know how to end this note.