For instance how can I use my *.domain.com SSL certs and NPM to route containers to a subdomain without exposing them? The main domain is exposed.

  • thumdinger@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    4 days ago

    This is what I do as well. I have a public DNS record for my internal reverse proxy IP (no need to expose my public IP and associate it with my domain). I let NPM reach out to the DNS provider to complete verification challenge using an account token, NPM can then get a valid cert from Let’s Encrypt and nothing is exposed. All inbound traffic on 80/443 remains blocked as normal.