[-] watchdog_timer@alien.top 2 points 11 months ago

Yes, there are many different ways you can accomplish this.

[-] watchdog_timer@alien.top 1 points 11 months ago

I would be more interested in an smtp relay service like ghettosmtp which could tunnel through CGNAT.

[-] watchdog_timer@alien.top 1 points 1 year ago

I don't think so. (I've asked about this on Cloudflare's forum in the past.) You can host a mail server at home, but not through a Cloudflare tunnel. A domain's MX record for its mail server must point to an A or AAAA record, but a Cloudflare tunnel can only be specified using a CNAME record.

[-] watchdog_timer@alien.top 1 points 1 year ago

I haven't tried it, but there's a Nextcloud app called Skyprint

[-] watchdog_timer@alien.top 1 points 1 year ago

Has anyone tried Sentora or CloudPanel?

[-] watchdog_timer@alien.top 1 points 1 year ago

Are you connecting to NPM over a Cloudflare tunnel, or is Cloudflare only handling your DNS?

[-] watchdog_timer@alien.top 1 points 1 year ago

What error messages are you getting in your tunnel's error logs? You can view the live logs by going to Zero Trust -> Access -> Tunnels on your Cloudflare dashboard. Click on your tunnel's name, then the connector ID, then "begin log stream".

Or, from the command line, you can add the flag --logging DEBUG to your cloudflared application at start.

After enabling logging using either of these methods, try to load your site in your browser and see what error you're getting.

Are you wanting to enable this setting in NPM so https addresses will work on your local network? I ask because the tunnel already encrypts the traffic outside your network. Changing your tunnel's forwarding address from http://nginx:80 to https:nginx:443 only encrypts the traffic between the cloudflared and NPM daemons running on your computer. It really isn't necessary since it's internal to your server.

If that's the reason why, did you install a certificate in NPM that's specific for your domain?

[-] watchdog_timer@alien.top 1 points 1 year ago

i haven't used prosody, but it appears you can create your own client certificate using Cloudflare then manually install it in prosody

[-] watchdog_timer@alien.top 1 points 1 year ago

I self-host incoming mail and send outgoing mail using Mailjet's free plan to ensure deliverability. I've used them for several years and found them very reliable. Occasionally our outgoing mail is routed to spam despite having our DKIM and SPF records set per Mailjet's instructions. I'm not sure anyone else would be consistently better based on emailtooltester.com's annual deliverability reports. Their maximum attachment size is 15 MB, but they don't recommend anything over 5 MB, as some providers block anything larger than that (which I've found to be true).

[-] watchdog_timer@alien.top 1 points 1 year ago

How is their system currently set up? Do they print to a network printer? What outputs the PCL file, and what happens to it?

[-] watchdog_timer@alien.top 1 points 1 year ago

linuxserver.io has a reverse proxy container called SWAG that integrates fail2ban with an Nginx reverse proxy. You could set that container up as a proxy to your other containers, then point your Cloudflare tunnel to the reverse proxy. I'm in the middle of setting this up on my own homelab, so feel free to reach out if you have any questions.

[-] watchdog_timer@alien.top 1 points 1 year ago

In addition to the proxy method @matinfgar suggested (which I agree is probably the best option), you can also route by port in the tunnel's ‘config.yml‘ file. '

view more: next ›

watchdog_timer

joined 1 year ago