I have successfully set up swag and heimdall. I have no external access to my network, thus everything is related to the local network only. But I want to use letsencrypt certificates.
all docker containers are on my Synology NAS. They all have the same ip
ports 443 and 80 are used by webstation on the NAS. I cannot disable that package as other packages are using it.
the swag server is responding on a subdomain using HTTPS on port 4433. The certificate works as expected
Heimdall is also working on HTTPS on port 8081
The Heimdall docker container has the path of swag/config mapped as a volume
How can I tell Heimdall to use the swag certificates?
I can see the nginx folder has an ssl.conf file. Also there is a php/php-local.ini file.
I note that I have zero knowledge about webservers.
In that case, can you please help me with the ports. The defaults of the two files are listed below.
Based on my current port setup (see first post), what do I need to specify in these two files?
heimdall.subfolder.conf
…
set $upstream_port 443;
…
You don’t change either file at all. Depending on how you want Heimdall to be reached either rename heimdall.subdomain.conf.sampleorheimdall.subdirectory.conf.sample to remove the .sample then restart the swag container.
thanks.
Does it hurt that I am using a public DNS (Cloudflare)?
I understand that I need a CNAME record for each subdomain and it should point to my domain. See screenshot
As I mentioned in my initial post, port 443 is used by my Synology NAS and not by Swag. I now switched to using the reverse proxy of Synology which is working just fine.
I use a mixture of Cloudflare for DNS for subdomains I want to be available outside my network, and Pi-hole local DNS CNAME entries for subdomains I only want to have access to from inside my network.