• 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: July 24th, 2023

help-circle

  • When selfhosting stuff, it’s just incredibly difficult to properly set this up while maintaining compatibility with http for other stuff. Usually you’ll have one reverse proxy (eg. nginx) handling http/https encryption and forwarding to a socket (or in case of docker, one of a dozen open ports on one of a hundred interfaces, fuck you docker), over http. The APIs themselves almost never have direct https support, and even if I wanted to manage them directly, certbot only supports reverse proxies directly. So you need to differentiate between api and non-api in the reverse proxy.