Securely Accessing Self-Hosted Apps

hi all!

I’m going to be building a machine for self-hosting soon and I’m trying to work out how the various apps will be accessed. I have my own domain and ideally I’d be able to start up an app from a docker image, assign it a custom domain, and then access the app through the custom domain with an https connection. I’m also curious about optionally setting a single shared password for granting access.

Perhaps nginx is sufficient for this? I’m not too familiar with nginx. I’ve also come across zerotier and tailscale, though I’m not certain that those are the right fit.

Just looking to be pointed in the right direction thanks!!

nginx digest auth or basic auth with a strong password is fine for a lot of cases, but configuring nginx is a bit error-prone.

A word of caution: if you want to use phone apps with your web services they won’t always be compatible with those modes of authentication. Pubsub-type things will also break.

A lot of the applications I run are written by hobbyists in PHP, so making certain they can’t be accessed without going through nginx first gives me peace of mind.

Just a general tip: never create an auth system from scratch. It’s never worth it hahah ^^