Currently, I use dockerproxy + swag and Cloudflare for externally-facing services. I really like that I don’t have to open any ports on my router for this to work, and I don’t need to create any routes for new services. When a new service is started, I simply include a label to call swag and the subdomain & TLS cert are registered with Cloudflare. About the only complaint I have is Cloudflare’s 100MG upload limit, but I can easily work around that, and it’s not a limit I see myself hitting too often.

What’s not clear to me is what I’m missing by not using Traefik or Caddy. Currently, the only thing I don’t have in my setup is central authentication. I’m leaning towards Authentik for that, and I might look at putting it on a VPS, but that’s the only thing I have planned. Other than that, almost everything’s running on a single Beelink S12. If I had to, I could probably stand up a failover pretty quickly, though.

  • hendrik
    link
    fedilink
    English
    2715 days ago

    Well, not using Cloudflare would make us all rely a bit less on a single company that already dominates the internet. And it’d make them unable to theoretically mess with your traffic and snoop on your data. Other than that… I don’t think you’re missing out on features.

    • @theRealBassist
      link
      English
      315 days ago

      What would you recommend as an alternative? Right now I’m just using them for DNS.

      • hendrik
        link
        fedilink
        English
        415 days ago

        I really don’t know what to recommend to other people. I use opennic.org for DNS. And I don’t use any tunnels, I just do port forwarding on my router. I have an internet connection that allows that.

        • @theRealBassist
          link
          English
          011 days ago

          That actually seems like a solid option. Do you happen to know how well it integrates with Traefik and the like for setting up reverse proxies?

          • @[email protected]
            link
            fedilink
            English
            111 days ago

            If you use caddy it works like a charm out of the box with their desec module. If you run caddy with via docker compose you can integrate the respective module pretty easily, check the ”Adding custom Caddy modules" section on their docker hub page.

      • Zelaf
        link
        fedilink
        English
        214 days ago

        1984.hosting has a freely available to use DNS service for domains. They’re a good company that does what Njalla say they do but without the bullshit of stealing peoples domains.

        • @keepee
          link
          English
          214 days ago

          How is cloudflare stealing domains?

          • Zelaf
            link
            fedilink
            English
            213 days ago

            No, Njalla is. They have a history of stealing domains and banning users without explaining why and absolutely refuse to look into why a user got banned in the first place. On top of that generally terrible customer support.

            I’ve had the complete opposite experience with 1984.hosting, support has been great and they even support GPG keys to one of their emails if you want to keep your inquires encrypted.

            • @keepee
              link
              English
              213 days ago

              Interesting. I hadn’t even heard of Njalla, but now I know to avoid them, thanks.