Hosting local https with trusted cert from Cloudflare with NPM¶
This is really just a helluva lot easier than what you need to do with Caddy.
Configure Cloudlfare DNS¶
Go to your DNS records in cloudflare and create an A record with a wild card to take care of all apps. Something like *.local. Determine the local IP address of your server. You can use ifconfig, or look at your router settings to find what the local IP is for that particular device. For Proxy status just do DNS only.
Cloudlfare API Key¶
In the search, type API, go to User Api Tokens and create a new token. Use the Edit zone DNS template. Now choose the specific zone. Get the token and copy it.
Nginx Proxy Manager¶
Add a new proxy host. Add the domain you want to use, i.e. immich.local.mydomain.com. Select http, the server IP address, and port. Select Block common exploits and websockets support.
For SSL, choose request a new SSL certificate.
Select Force SSL, and select Use a DNS Challenge. Choose your DNS provider (Cloudflare), then paste in your api key.
Boom! You're done!
Using domain that only works when using Tailscale.¶
Follow the same steps but also install tailscale on the server and get the tail node IP address and use that in your A record instead.