I’ve bought myself my first domain name and all I really want to be able to do is to make it simply for the less tech savvy folks around me, to access various service such as Plex and Vaultwarden. Rather than having to direct the to something like 192.168.0.25:32400, I want to tell them to just go to plex.mydomain.com
… or better yet, dashboard.mydomain.com
which would have links that redirect to the likes of plex.mydomain.com
or vaultwarden.mydomain.com
.
As my family have no really use for said service outside of our LAN, I also wanted to make the varius subdomains only accessible to LAN. So in preperation, I’ve done the following…
- Bought domain name via Namecheap
- Signed up to Cloudflare
- On pfSense / Cloudflare, I have setup Drynamic DNS.
- Set A Records for the root domain, and for each subdomain I plan to use. All of which are currently proxied by Cloudflare.
- Install HAProxy on pfSense
Then I’ve tried following Tom’s videos on HAProxy multiple times… I’ve tried following various different guides multiple times… I want to use Vaultwarden, so I’ve tried following the Vaultwarden wiki’s pfsense+HAProxy numerous times…
I’ve checked and rechecked all the HAProxy settings the various videos and tutorials show, and I’ve tried adding, chancing, and unproxying A Records on Cloudflare. I’ve tried NAT Port Forwards for port 80, 443, and the various service specific ports (in Vaultwarden’s case, 8000), I’ve also messed around with adding Outbound NAT rules but I’m really starting to spin my wheels and I can no longer think straight… I’m just not knowledgable enough about routing to understand everything I’m trying or where the problem might be,
The only modicum of success I’ve had so far is that when I installed TurkeyLinux’s DokuWiki image in another LXC container on my Proxmox host, and then configured it to use my domain via the DokuWiki admin page. When I entered mydomain.com
into Firefox (screw Chrome), the DokuWiki frontpage came up, complete with HTTPS connection using my Let’s Encrypt cert… then I mananged to break it somehow.
So I either need some help or a nice soft pillow to place on my desk so that slamming my head against it in frustration doesn’t hurt quite so much.
Currently, I find myself having once again follewed the “HAproxy inside PfSense (by [@RichardMawdsley]” here (inlcuding the required “HTTP>HTTPS Redirection” which I had to find on the Wayback Machine), and again… it’s not working!!!
My plan of action now is to delete the HAProxy frontends and backends, and the various NAT entries, and start from scratch. I’m going to follow Tom’s video to the letter, and when it still doesn’t work… hopefully then some of you kind people might please help a sore headed newbie out?
In the meantime, I’d be really grateful if any of you could offer suggestions as to where else this noob might be going wrong?