(Updated Video In Description) How To Setup ACME, Let's Encrypt, and HAProxy HTTPS on pfsense

Видео о том, как сложным способом делать простые вещи.

Where can I find a tutorial for this but with cloudflare and without exposing to public internet?

3 years later and this is still great! Thanks a lot!

Just making sure, can this be used to provide a let's encrypt certificate to an internal PBX server such as FreePBX?

I purchased a domain at Namecheap and then tried to activate the api to do the items described in your video. It let me use test in a sandbox but when I tried to go live it said my account was too small to use the api. Any suggestions for a free/super cheap registrar and dns host for a home/lab user? - Thanks.

I've just setup Nginx Proxy Manager (NPM) in a docker container, have it all working, and am in the process of copying the hosts from my HAProxy config (provided by pfsense) to NPM. I'm finding NPM a lot faster to add and manage the configuration. Hopefully I don't find issues or loss in functionality (I'll run the concurrently at least for a while).

why exactly is it a bad idea to expose your NAS? wouldn't this be one of the applications as it lets me access my files from anywhere? and since the NAS has its own login, there shouldn't be any way to access data if you aren't authorized right?

Can I set reverse proxy but only for local use not open to internet with haproxy ?

I wasn't able to get through the entire video yet. Is there any mention of how to stop people from outside your network accessing certain proxies? Basically, I don't want to let people outside my local network access TrueNAS.

How are you able to passthrough your public IP to the WAN interface? What I see on the front end is the same public IP that you set in Digital Ocean. For me I only see the IP assigned by my cable modem. Is there an option to set that or pass it through?

... hi hi.
I have my pfSense setup current to work with CloudFlare and using a lets encrypt cert.
due to various reasons I need to change my domain. I already bought the new domain from Google and already created/added it to my CF profile and updated the domain on google's side to use the CF NS's.
know this is prob a bit of the beaten track, but any chance you can do a video... showing whats additional to be added or changed to accommodate this use case.

If you are using cloudflair you need to make sure you set Your SSL/TLS encryption mode to "Full". this is under Domian > SSL/TLS > Overview

great video, head still spinning a little. slick as snot when it gets up and runs. thank you again for taking the time to make your videos. learned so much.

love the hl2 reference with nova prospekt

PLEASE make a video how to setup pfsense with haproxy and synology behind with all the services working.

Hi Tom i hope you are having a great Saturday. The question i have is do you have have to do port forwarding to the backend server or just added to the proxy backend?

what that all domain is private network ? or public

what that all domain is private network ? or public

I Have followed the video but I am having one problem whenever I try to access the sites I get redirected to the HAProxy stats page on all the domains

This video provided that "ah-ha" moment that I needed for my wildcard cert to work in haproxy. Now I can move away from my other load balancer / reverse proxy tool that I have been using and centralize on pfSense.

Thank you!