Selfhosted

46677 readers

1035 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

390

Let’s Encrypt Begins Supporting IP Address Certificates (linuxiac.com)

submitted 1 day ago by [email protected] to c/[email protected]

49 comments fedilink hide all child comments

Who benefits from this? Even though Let’s Encrypt stresses that most site operators will do fine sticking with ordinary domain certificates, there are still scenarios where a numeric identifier is the only practical choice:

Infrastructure services such as DNS-over-HTTPS (DoH) – where clients may pin a literal IP address for performance or censorship-evasion reasons.
IoT and home-lab devices – think network-attached storage boxes, for example, living behind static WAN addresses.
Ephemeral cloud workloads – short-lived back-end servers that spin up with public IPs faster than DNS records can propagate.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 7 points 9 hours ago (7 children)

F I N A L L Y

Now tell me it supports IPv6 and I'll be the happiest man alive

[–] [email protected] 2 points 3 hours ago* (last edited 3 hours ago) (2 children)

Maybe I'm not understanding it but I can't see what I would use this for due to the 6 day issue period. Bringing a NAS up to copy data for a couple days is the only real use case I find for home users.

Because even if you pay for a static external IP from your ISP, this doesn't support using such for longer than that period right?

[–] [email protected] 2 points 1 hour ago (1 children)

Let's Encrypt is meant yo be used with automated certificate renewal using the ACME protocol. There are many clients for this. Both standalone and built into e.g. Caddy, Traefik and other software that does SSL termination.

So this specific concern doesn't really make sense. But that doesn't mean I really see a use case for it either, since it usually makes more sense to access resources via a host name.

[–] [email protected] 1 points 1 hour ago

Thanks! I'll look into that, this could be useful for me then after all. This is why it's always good to ask questions

[–] [email protected] 1 points 2 hours ago (1 children)

Can't it automatically be renewed?

[–] [email protected] 1 points 1 hour ago* (last edited 1 hour ago) (2 children)

Not sure, I just saw the 6 day thing in the article, that would be nice though

Edit: vorpal says you should be able to using ACME https://programming.dev/comment/17987211

[–] [email protected] 2 points 1 hour ago

Yay!

[–] [email protected] 1 points 1 hour ago

Yay!

load more comments (4 replies)