Symfony Profiler

Query Metrics

1 Database Queries

1 Different statements

30.13 ms Query time

0 Invalid entities

0 Cache hits

0 Cache misses

0 Cache puts

Queries

Group similar statements

#▲	Time	Info
1	30.13 ms	INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES(?, ?, ?, ?, ?) Parameters: ["{"payload":"{\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"actor\":\"https:\/\/lemmy.world\/c\/selfhosted\",\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"id\":\"https:\/\/lemmy.zip\/activities\/update\/4c40b933-106f-4c48-a618-fb30e279ffab\",\"actor\":\"https:\/\/lemmy.zip\/u\/TheHobbyist\",\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"type\":\"Page\",\"id\":\"https:\/\/lemmy.zip\/post\/50308536\",\"attributedTo\":\"https:\/\/lemmy.zip\/u\/TheHobbyist\",\"to\":[\"https:\/\/lemmy.world\/c\/selfhosted\",\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"name\":\"[question] Help me access my local homeserver using a public domain name\",\"cc\":[],\"content\":\"<p>Hi folks,<\/p>\\n<p>TL;DR: my remaining issue seems to be firefox specific, I\u2019ve otherwise made it work on other browsers and other devices, so I\u2019ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).<\/p>\\n<p>I\u2019m trying to setup HTTPS for my local services on my home network. I\u2019m gotten a domain name <code>mydomain.tld<\/code> and my homeserver is running at home on let\u2019s say 192.168.10.20. I\u2019ve setup Nginx Proxy Manager and I can access it using its local ip address as I\u2019ve forwarded ports 80 and 443 to it.\\nHence, when I navigate on my computer to <code>http:\/\/192.168.10.20\/<\/code> I am greeted with the NPM default Congratulations screen confirming that it\u2019s reachable. Great!<\/p>\\n<p>Next, I\u2019ve setup an A record on my registrar pointing to <code>192.168.10.20<\/code>. I think I\u2019ve been able to confirm this works because when I check on an online DNS lookup tool like <code>https:\/\/centralops.net\/CO\/Traceroute<\/code> as it says <code>192.168.10.20 is a special address that is not allowed for this tool.<\/code>. Great!<\/p>\\n<p>Now, what I\u2019m having trouble with, is the following: make it such that when I navigate to <code>http:\/\/mydomain.tld\/<\/code> I get to the NPM welcome screen at <code>http:\/\/192.168.10.20\/<\/code>. When I try this, I\u2019m getting the firefox message:<\/p>\\n<pre style=\\\"background-color:#ffffff;\\\">\\n<span style=\\\"color:#323232;\\\">Hmm. We\u2019re having trouble finding that site.\\n<\/span><span style=\\\"color:#323232;\\\">We can\u2019t connect to the server at mydomain.tld.\\n<\/span><\/pre>\\n<p>Strangely, whenever I try to navigate to <code>http:\/\/mydomain.tld\/<\/code> it redirects me to <code>https:\/\/mydomain.tld\/<\/code>, so I\u2019ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from <code>https:\/\/mydomain.tld\/<\/code> to <code>http:\/\/192.168.10.20\/<\/code> and with the wildcard certificate from the challenge, but it hasn\u2019t changed anything.<\/p>\\n<p>I\u2019m unsure how to keep debugging from here? Any advice or help? I\u2019m clearly missing something in my understanding of how this works. Thanks!<\/p>\\n<p>EDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, <a href=\\\"https:\/\/security.stackexchange.com\/a\/174743\\\" rel=\\\"nofollow\\\">here<\/a> <a href=\\\"https:\/\/security.stackexchange.com\/a\/121187\\\" rel=\\\"nofollow\\\">are<\/a> <a href=\\\"https:\/\/notthebe.ee\/blog\/easy-ssl-in-homelab-dns01\/\\\" rel=\\\"nofollow\\\">some<\/a> <a href=\\\"https:\/\/old.reddit.com\/r\/Traefik\/comments\/n6mk92\/how_do_i_setup_dns_challenge_for_lan_https\/\\\" rel=\\\"nofollow\\\">examples<\/a>.<\/p>\\n<p>EDIT-2: I\u2019ve made progress. It seems I\u2019m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\u2019s due to the next issue, which is that on some browsers \/ with some DNS, the endpoint can be reached but not on others. For some reason I\u2019m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\u2019m still trying to understand what\u2019s preventing it from working on Firefox, I\u2019ve attempted multiple DNS settings, but it seems there\u2019s something else at play as well.<\/p>\\n<p>EDIT-3: While I have not made it work in all situations I wanted, I will consider this \u201csolved\u201d, because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\u2019ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like <code>https:\/\/npm.mydomain.tld\/<\/code> and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using <code>dig<\/code>, <code>curl<\/code> or <code>host<\/code>, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\u2019ll keep digging to figure out what specific issue remains with my Firefox, I\u2019ve verified multiple things, from changing the DNS on firefox (seems not to work, showing <code>Status: Not active (TRR_BAD_URL)<\/code> in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure\u2026<\/p>\\n<p>EDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: <a href=\\\"https:\/\/wiki.mozilla.org\/Trusted_Recursive_Resolver\\\">wiki.mozilla.org\/Trusted_Recursive_Resolver<\/a> Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for <code>network.trr.allow-rfc1918<\/code> and set it to <code>true<\/code>. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: <a href=\\\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc1918\\\">datatracker.ietf.org\/doc\/html\/rfc1918<\/a>\\nI\u2019ll probably still look to actually make other DNS usable, such as <code>base.dns.mullvad.net<\/code> which is impossible to use on Firefox by default\u2026<\/p>\\n\",\"mediaType\":\"text\/html\",\"source\":{\"content\":\"Hi folks,\\n\\nTL;DR: my remaining issue seems to be firefox specific, I've otherwise made it work on other browsers and other devices, so I'll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).\\n\\nI'm trying to setup HTTPS for my local services on my home network. I'm gotten a domain name `mydomain.tld` and my homeserver is running at home on let's say 192.168.10.20. I've setup Nginx Proxy Manager and I can access it using its local ip address as I've forwarded ports 80 and 443 to it.\\nHence, when I navigate on my computer to `http:\/\/192.168.10.20\/` I am greeted with the NPM default Congratulations screen confirming that it's reachable. Great!\\n\\nNext, I've setup an A record on my registrar pointing to `192.168.10.20`. I think I've been able to confirm this works because when I check on an online DNS lookup tool like `https:\/\/centralops.net\/CO\/Traceroute` as it says `192.168.10.20 is a special address that is not allowed for this tool.`. Great!\\n\\nNow, what I'm having trouble with, is the following: make it such that when I navigate to `http:\/\/mydomain.tld\/` I get to the NPM welcome screen at `http:\/\/192.168.10.20\/`. When I try this, I'm getting the firefox message:\\n```\\nHmm. We\u2019re having trouble finding that site.\\nWe can\u2019t connect to the server at mydomain.tld.\\n```\\n\\nStrangely, whenever I try to navigate to `http:\/\/mydomain.tld\/` it redirects me to `https:\/\/mydomain.tld\/`, so I've tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from `https:\/\/mydomain.tld\/` to `http:\/\/192.168.10.20\/` and with the wildcard certificate from the challenge, but it hasn't changed anything.\\n\\nI'm unsure how to keep debugging from here? Any advice or help? I'm clearly missing something in my understanding of how this works. Thanks!\\n\\nEDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, [here](https:\/\/security.stackexchange.com\/a\/174743) [are](https:\/\/security.stackexchange.com\/a\/121187) [some](https:\/\/notthebe.ee\/blog\/easy-ssl-in-homelab-dns01\/) [examples](https:\/\/old.reddit.com\/r\/Traefik\/comments\/n6mk92\/how_do_i_setup_dns_challenge_for_lan_https\/).\\n\\nEDIT-2: I've made progress. It seems I'm having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that's due to the next issue, which is that on some browsers \/ with some DNS, the endpoint can be reached but not on others. For some reason I'm unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I'm still trying to understand what's preventing it from working on Firefox, I've attempted multiple DNS settings, but it seems there's something else at play as well.\\n\\nEDIT-3: While I have not made it work in all situations I wanted, I will consider this \\\"solved\\\", because I believe the remaining issue is a Firefox-specific one. My errors so far, which I've addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like `https:\/\/npm.mydomain.tld\/` and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using `dig`, `curl` or `host`, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I'll keep digging to figure out what specific issue remains with my Firefox, I've verified multiple things, from changing the DNS on firefox (seems not to work, showing `Status: Not active (TRR_BAD_URL)` in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure...\\n\\nEDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: https:\/\/wiki.mozilla.org\/Trusted_Recursive_Resolver Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for `network.trr.allow-rfc1918` and set it to `true`. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: https:\/\/datatracker.ietf.org\/doc\/html\/rfc1918\\nI'll probably still look to actually make other DNS usable, such as `base.dns.mullvad.net` which is impossible to use on Firefox by default...\",\"mediaType\":\"text\/markdown\"},\"attachment\":[],\"sensitive\":false,\"published\":\"2025-10-05T10:13:48.849177Z\",\"updated\":\"2025-10-05T16:37:08.878457Z\",\"language\":{\"identifier\":\"en\",\"name\":\"English\"},\"audience\":\"https:\/\/lemmy.world\/c\/selfhosted\",\"tag\":[{\"href\":\"https:\/\/lemmy.zip\/post\/50308536\",\"name\":\"#selfhosted\",\"type\":\"Hashtag\"}]},\"cc\":[\"https:\/\/lemmy.world\/c\/selfhosted\"],\"type\":\"Update\",\"audience\":\"https:\/\/lemmy.world\/c\/selfhosted\"},\"cc\":[\"https:\/\/lemmy.world\/c\/selfhosted\/followers\"],\"type\":\"Announce\",\"id\":\"https:\/\/lemmy.world\/activities\/announce\/update\/8a857aa9-bf47-4f18-a23e-bdd59147bf90\"}","request":{"host":"kbin.spritesserver.nl","method":"POST","uri":"\/f\/inbox","client_ip":"135.181.143.221"},"headers":{"content-type":["application\/activity+json"],"host":["kbin.spritesserver.nl"],"date":["Sun, 05 Oct 2025 16:37:39 GMT"],"digest":["SHA-256=8Mp5PR8p\/+E3QOOhdV3QRywB1Umm6uoxXttgiPYL0po="],"signature":["keyId=\"https:\/\/lemmy.world\/c\/selfhosted#main-key\",algorithm=\"hs2019\",headers=\"(request-target) content-type date digest host\",signature=\"LYBDICbkSHHM0ALxTSAYWhjUfIVKsMjxqoQDYpjSK2O2S4nqMfyVJv+91NH0T1LZ8oW\/Q6XdybZRDktkRhyU0RPW6foQDeZYsKvnzoq5GwhLynUvu7tF8cepZ6UptQSECJa+YVu4VsTrCm1ZMH1v1dUHT8v2TS9aL+k792oac7vO\/7z8nMfZbwRM7+dP89frkw8fY3IM8GiXMAb4w6n8C8gQids9rlCnaJPa\/MatFGboSH\/Kk38B656IleWONfr6Id3ibEN0tp4QjjjVGpOFFr3RDeUdAx09dv3IJQzDNLhu0e2IFH55c0mJfgbwH1TSnlwj0ZPU7d7k7dBbu1OjyA==\""],"traceparent":["00-012b7c0c37ce9fa5644a2dd789ec7ee5-875008e5e21d7f32-01"],"tracestate":[""],"accept":["\/"],"user-agent":["Lemmy\/0.19.12-4-gd8445881a; +https:\/\/lemmy.world"],"accept-encoding":["gzip"],"content-length":["12675"],"x-php-ob-level":["1"]}}" "{"type":"App\\Message\\ActivityPub\\Inbox\\ActivityMessage","X-Message-Stamp-Symfony\\Component\\Messenger\\Stamp\\BusNameStamp":"[{\"busName\":\"messenger.bus.default\"}]","Content-Type":"application\/json"}" "default" "2025-10-05 16:37:39" "2025-10-05 16:37:39"] View formatted query View runnable query Explain query INSERT INTO messenger_messages ( body, headers, queue_name, created_at, available_at ) VALUES (?, ?, ?, ?, ?) INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES('{\"payload\":\"{\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"actor\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"id\\\":\\\"https:\\/\\/lemmy.zip\\/activities\\/update\\/4c40b933-106f-4c48-a618-fb30e279ffab\\\",\\\"actor\\\":\\\"https:\\/\\/lemmy.zip\\/u\\/TheHobbyist\\\",\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"type\\\":\\\"Page\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.zip\\/post\\/50308536\\\",\\\"attributedTo\\\":\\\"https:\\/\\/lemmy.zip\\/u\\/TheHobbyist\\\",\\\"to\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"name\\\":\\\"[question] Help me access my local homeserver using a public domain name\\\",\\\"cc\\\":[],\\\"content\\\":\\\"<p>Hi folks,<\\/p>\\\\n<p>TL;DR: my remaining issue seems to be firefox specific, I\\u2019ve otherwise made it work on other browsers and other devices, so I\\u2019ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).<\\/p>\\\\n<p>I\\u2019m trying to setup HTTPS for my local services on my home network. I\\u2019m gotten a domain name <code>mydomain.tld<\\/code> and my homeserver is running at home on let\\u2019s say 192.168.10.20. I\\u2019ve setup Nginx Proxy Manager and I can access it using its local ip address as I\\u2019ve forwarded ports 80 and 443 to it.\\\\nHence, when I navigate on my computer to <code>http:\\/\\/192.168.10.20\\/<\\/code> I am greeted with the NPM default Congratulations screen confirming that it\\u2019s reachable. Great!<\\/p>\\\\n<p>Next, I\\u2019ve setup an A record on my registrar pointing to <code>192.168.10.20<\\/code>. I think I\\u2019ve been able to confirm this works because when I check on an online DNS lookup tool like <code>https:\\/\\/centralops.net\\/CO\\/Traceroute<\\/code> as it says <code>192.168.10.20 is a special address that is not allowed for this tool.<\\/code>. Great!<\\/p>\\\\n<p>Now, what I\\u2019m having trouble with, is the following: make it such that when I navigate to <code>http:\\/\\/mydomain.tld\\/<\\/code> I get to the NPM welcome screen at <code>http:\\/\\/192.168.10.20\\/<\\/code>. When I try this, I\\u2019m getting the firefox message:<\\/p>\\\\n<pre style=\\\\\\\"background-color:#ffffff;\\\\\\\">\\\\n<span style=\\\\\\\"color:#323232;\\\\\\\">Hmm. We\\u2019re having trouble finding that site.\\\\n<\\/span><span style=\\\\\\\"color:#323232;\\\\\\\">We can\\u2019t connect to the server at mydomain.tld.\\\\n<\\/span><\\/pre>\\\\n<p>Strangely, whenever I try to navigate to <code>http:\\/\\/mydomain.tld\\/<\\/code> it redirects me to <code>https:\\/\\/mydomain.tld\\/<\\/code>, so I\\u2019ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from <code>https:\\/\\/mydomain.tld\\/<\\/code> to <code>http:\\/\\/192.168.10.20\\/<\\/code> and with the wildcard certificate from the challenge, but it hasn\\u2019t changed anything.<\\/p>\\\\n<p>I\\u2019m unsure how to keep debugging from here? Any advice or help? I\\u2019m clearly missing something in my understanding of how this works. Thanks!<\\/p>\\\\n<p>EDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, <a href=\\\\\\\"https:\\/\\/security.stackexchange.com\\/a\\/174743\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">here<\\/a> <a href=\\\\\\\"https:\\/\\/security.stackexchange.com\\/a\\/121187\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">are<\\/a> <a href=\\\\\\\"https:\\/\\/notthebe.ee\\/blog\\/easy-ssl-in-homelab-dns01\\/\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">some<\\/a> <a href=\\\\\\\"https:\\/\\/old.reddit.com\\/r\\/Traefik\\/comments\\/n6mk92\\/how_do_i_setup_dns_challenge_for_lan_https\\/\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">examples<\\/a>.<\\/p>\\\\n<p>EDIT-2: I\\u2019ve made progress. It seems I\\u2019m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\\u2019s due to the next issue, which is that on some browsers \\/ with some DNS, the endpoint can be reached but not on others. For some reason I\\u2019m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\\u2019m still trying to understand what\\u2019s preventing it from working on Firefox, I\\u2019ve attempted multiple DNS settings, but it seems there\\u2019s something else at play as well.<\\/p>\\\\n<p>EDIT-3: While I have not made it work in all situations I wanted, I will consider this \\u201csolved\\u201d, because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\\u2019ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like <code>https:\\/\\/npm.mydomain.tld\\/<\\/code> and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using <code>dig<\\/code>, <code>curl<\\/code> or <code>host<\\/code>, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\\u2019ll keep digging to figure out what specific issue remains with my Firefox, I\\u2019ve verified multiple things, from changing the DNS on firefox (seems not to work, showing <code>Status: Not active (TRR_BAD_URL)<\\/code> in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure\\u2026<\\/p>\\\\n<p>EDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: <a href=\\\\\\\"https:\\/\\/wiki.mozilla.org\\/Trusted_Recursive_Resolver\\\\\\\">wiki.mozilla.org\\/Trusted_Recursive_Resolver<\\/a> Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for <code>network.trr.allow-rfc1918<\\/code> and set it to <code>true<\\/code>. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: <a href=\\\\\\\"https:\\/\\/datatracker.ietf.org\\/doc\\/html\\/rfc1918\\\\\\\">datatracker.ietf.org\\/doc\\/html\\/rfc1918<\\/a>\\\\nI\\u2019ll probably still look to actually make other DNS usable, such as <code>base.dns.mullvad.net<\\/code> which is impossible to use on Firefox by default\\u2026<\\/p>\\\\n\\\",\\\"mediaType\\\":\\\"text\\/html\\\",\\\"source\\\":{\\\"content\\\":\\\"Hi folks,\\\\n\\\\nTL;DR: my remaining issue seems to be firefox specific, I\'ve otherwise made it work on other browsers and other devices, so I\'ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).\\\\n\\\\nI\'m trying to setup HTTPS for my local services on my home network. I\'m gotten a domain name `mydomain.tld` and my homeserver is running at home on let\'s say 192.168.10.20. I\'ve setup Nginx Proxy Manager and I can access it using its local ip address as I\'ve forwarded ports 80 and 443 to it.\\\\nHence, when I navigate on my computer to `http:\\/\\/192.168.10.20\\/` I am greeted with the NPM default Congratulations screen confirming that it\'s reachable. Great!\\\\n\\\\nNext, I\'ve setup an A record on my registrar pointing to `192.168.10.20`. I think I\'ve been able to confirm this works because when I check on an online DNS lookup tool like `https:\\/\\/centralops.net\\/CO\\/Traceroute` as it says `192.168.10.20 is a special address that is not allowed for this tool.`. Great!\\\\n\\\\nNow, what I\'m having trouble with, is the following: make it such that when I navigate to `http:\\/\\/mydomain.tld\\/` I get to the NPM welcome screen at `http:\\/\\/192.168.10.20\\/`. When I try this, I\'m getting the firefox message:\\\\n```\\\\nHmm. We\\u2019re having trouble finding that site.\\\\nWe can\\u2019t connect to the server at mydomain.tld.\\\\n```\\\\n\\\\nStrangely, whenever I try to navigate to `http:\\/\\/mydomain.tld\\/` it redirects me to `https:\\/\\/mydomain.tld\\/`, so I\'ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from `https:\\/\\/mydomain.tld\\/` to `http:\\/\\/192.168.10.20\\/` and with the wildcard certificate from the challenge, but it hasn\'t changed anything.\\\\n\\\\nI\'m unsure how to keep debugging from here? Any advice or help? I\'m clearly missing something in my understanding of how this works. Thanks!\\\\n\\\\nEDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, [here](https:\\/\\/security.stackexchange.com\\/a\\/174743) [are](https:\\/\\/security.stackexchange.com\\/a\\/121187) [some](https:\\/\\/notthebe.ee\\/blog\\/easy-ssl-in-homelab-dns01\\/) [examples](https:\\/\\/old.reddit.com\\/r\\/Traefik\\/comments\\/n6mk92\\/how_do_i_setup_dns_challenge_for_lan_https\\/).\\\\n\\\\nEDIT-2: I\'ve made progress. It seems I\'m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\'s due to the next issue, which is that on some browsers \\/ with some DNS, the endpoint can be reached but not on others. For some reason I\'m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\'m still trying to understand what\'s preventing it from working on Firefox, I\'ve attempted multiple DNS settings, but it seems there\'s something else at play as well.\\\\n\\\\nEDIT-3: While I have not made it work in all situations I wanted, I will consider this \\\\\\\"solved\\\\\\\", because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\'ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like `https:\\/\\/npm.mydomain.tld\\/` and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using `dig`, `curl` or `host`, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\'ll keep digging to figure out what specific issue remains with my Firefox, I\'ve verified multiple things, from changing the DNS on firefox (seems not to work, showing `Status: Not active (TRR_BAD_URL)` in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure...\\\\n\\\\nEDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: https:\\/\\/wiki.mozilla.org\\/Trusted_Recursive_Resolver Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for `network.trr.allow-rfc1918` and set it to `true`. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: https:\\/\\/datatracker.ietf.org\\/doc\\/html\\/rfc1918\\\\nI\'ll probably still look to actually make other DNS usable, such as `base.dns.mullvad.net` which is impossible to use on Firefox by default...\\\",\\\"mediaType\\\":\\\"text\\/markdown\\\"},\\\"attachment\\\":[],\\\"sensitive\\\":false,\\\"published\\\":\\\"2025-10-05T10:13:48.849177Z\\\",\\\"updated\\\":\\\"2025-10-05T16:37:08.878457Z\\\",\\\"language\\\":{\\\"identifier\\\":\\\"en\\\",\\\"name\\\":\\\"English\\\"},\\\"audience\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"tag\\\":[{\\\"href\\\":\\\"https:\\/\\/lemmy.zip\\/post\\/50308536\\\",\\\"name\\\":\\\"#selfhosted\\\",\\\"type\\\":\\\"Hashtag\\\"}]},\\\"cc\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\"],\\\"type\\\":\\\"Update\\\",\\\"audience\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\"},\\\"cc\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\/followers\\\"],\\\"type\\\":\\\"Announce\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.world\\/activities\\/announce\\/update\\/8a857aa9-bf47-4f18-a23e-bdd59147bf90\\\"}\",\"request\":{\"host\":\"kbin.spritesserver.nl\",\"method\":\"POST\",\"uri\":\"\\/f\\/inbox\",\"client_ip\":\"135.181.143.221\"},\"headers\":{\"content-type\":[\"application\\/activity+json\"],\"host\":[\"kbin.spritesserver.nl\"],\"date\":[\"Sun, 05 Oct 2025 16:37:39 GMT\"],\"digest\":[\"SHA-256=8Mp5PR8p\\/+E3QOOhdV3QRywB1Umm6uoxXttgiPYL0po=\"],\"signature\":[\"keyId=\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted#main-key\\\",algorithm=\\\"hs2019\\\",headers=\\\"(request-target) content-type date digest host\\\",signature=\\\"LYBDICbkSHHM0ALxTSAYWhjUfIVKsMjxqoQDYpjSK2O2S4nqMfyVJv+91NH0T1LZ8oW\\/Q6XdybZRDktkRhyU0RPW6foQDeZYsKvnzoq5GwhLynUvu7tF8cepZ6UptQSECJa+YVu4VsTrCm1ZMH1v1dUHT8v2TS9aL+k792oac7vO\\/7z8nMfZbwRM7+dP89frkw8fY3IM8GiXMAb4w6n8C8gQids9rlCnaJPa\\/MatFGboSH\\/Kk38B656IleWONfr6Id3ibEN0tp4QjjjVGpOFFr3RDeUdAx09dv3IJQzDNLhu0e2IFH55c0mJfgbwH1TSnlwj0ZPU7d7k7dBbu1OjyA==\\\"\"],\"traceparent\":[\"00-012b7c0c37ce9fa5644a2dd789ec7ee5-875008e5e21d7f32-01\"],\"tracestate\":[\"\"],\"accept\":[\"\\/\"],\"user-agent\":[\"Lemmy\\/0.19.12-4-gd8445881a; +https:\\/\\/lemmy.world\"],\"accept-encoding\":[\"gzip\"],\"content-length\":[\"12675\"],\"x-php-ob-level\":[\"1\"]}}', '{\"type\":\"App\\\\Message\\\\ActivityPub\\\\Inbox\\\\ActivityMessage\",\"X-Message-Stamp-Symfony\\\\Component\\\\Messenger\\\\Stamp\\\\BusNameStamp\":\"[{\\\"busName\\\":\\\"messenger.bus.default\\\"}]\",\"Content-Type\":\"application\\/json\"}', 'default', '2025-10-05 16:37:39', '2025-10-05 16:37:39');

#▲

Time

Info

30.13 ms

INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES(?, ?, ?, ?, ?)

Parameters:

[
  "{"payload":"{\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"actor\":\"https:\/\/lemmy.world\/c\/selfhosted\",\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"id\":\"https:\/\/lemmy.zip\/activities\/update\/4c40b933-106f-4c48-a618-fb30e279ffab\",\"actor\":\"https:\/\/lemmy.zip\/u\/TheHobbyist\",\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"type\":\"Page\",\"id\":\"https:\/\/lemmy.zip\/post\/50308536\",\"attributedTo\":\"https:\/\/lemmy.zip\/u\/TheHobbyist\",\"to\":[\"https:\/\/lemmy.world\/c\/selfhosted\",\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"name\":\"[question] Help me access my local homeserver using a public domain name\",\"cc\":[],\"content\":\"<p>Hi folks,<\/p>\\n<p>TL;DR: my remaining issue seems to be firefox specific, I\u2019ve otherwise made it work on other browsers and other devices, so I\u2019ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).<\/p>\\n<p>I\u2019m trying to setup HTTPS for my local services on my home network. I\u2019m gotten a domain name <code>mydomain.tld<\/code> and my homeserver is running at home on let\u2019s say 192.168.10.20. I\u2019ve setup Nginx Proxy Manager and I can access it using its local ip address as I\u2019ve forwarded ports 80 and 443 to it.\\nHence, when I navigate on my computer to <code>http:\/\/192.168.10.20\/<\/code> I am greeted with the NPM default Congratulations screen confirming that it\u2019s reachable. Great!<\/p>\\n<p>Next, I\u2019ve setup an A record on my registrar pointing to <code>192.168.10.20<\/code>. I think I\u2019ve been able to confirm this works because when I check on an online DNS lookup tool like <code>https:\/\/centralops.net\/CO\/Traceroute<\/code> as it says <code>192.168.10.20 is a special address that is not allowed for this tool.<\/code>. Great!<\/p>\\n<p>Now, what I\u2019m having trouble with, is the following: make it such that when I navigate to <code>http:\/\/mydomain.tld\/<\/code> I get to the NPM welcome screen at <code>http:\/\/192.168.10.20\/<\/code>. When I try this, I\u2019m getting the firefox message:<\/p>\\n<pre style=\\\"background-color:#ffffff;\\\">\\n<span style=\\\"color:#323232;\\\">Hmm. We\u2019re having trouble finding that site.\\n<\/span><span style=\\\"color:#323232;\\\">We can\u2019t connect to the server at mydomain.tld.\\n<\/span><\/pre>\\n<p>Strangely, whenever I try to navigate to <code>http:\/\/mydomain.tld\/<\/code> it redirects me to <code>https:\/\/mydomain.tld\/<\/code>, so I\u2019ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from <code>https:\/\/mydomain.tld\/<\/code> to <code>http:\/\/192.168.10.20\/<\/code> and with the wildcard certificate from the challenge, but it hasn\u2019t changed anything.<\/p>\\n<p>I\u2019m unsure how to keep debugging from here? Any advice or help? I\u2019m clearly missing something in my understanding of how this works. Thanks!<\/p>\\n<p>EDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, <a href=\\\"https:\/\/security.stackexchange.com\/a\/174743\\\" rel=\\\"nofollow\\\">here<\/a> <a href=\\\"https:\/\/security.stackexchange.com\/a\/121187\\\" rel=\\\"nofollow\\\">are<\/a> <a href=\\\"https:\/\/notthebe.ee\/blog\/easy-ssl-in-homelab-dns01\/\\\" rel=\\\"nofollow\\\">some<\/a> <a href=\\\"https:\/\/old.reddit.com\/r\/Traefik\/comments\/n6mk92\/how_do_i_setup_dns_challenge_for_lan_https\/\\\" rel=\\\"nofollow\\\">examples<\/a>.<\/p>\\n<p>EDIT-2: I\u2019ve made progress. It seems I\u2019m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\u2019s due to the next issue, which is that on some browsers \/ with some DNS, the endpoint can be reached but not on others. For some reason I\u2019m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\u2019m still trying to understand what\u2019s preventing it from working on Firefox, I\u2019ve attempted multiple DNS settings, but it seems there\u2019s something else at play as well.<\/p>\\n<p>EDIT-3: While I have not made it work in all situations I wanted, I will consider this \u201csolved\u201d, because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\u2019ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like <code>https:\/\/npm.mydomain.tld\/<\/code> and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using <code>dig<\/code>, <code>curl<\/code> or <code>host<\/code>, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\u2019ll keep digging to figure out what specific issue remains with my Firefox, I\u2019ve verified multiple things, from changing the DNS on firefox (seems not to work, showing <code>Status: Not active (TRR_BAD_URL)<\/code> in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure\u2026<\/p>\\n<p>EDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: <a href=\\\"https:\/\/wiki.mozilla.org\/Trusted_Recursive_Resolver\\\">wiki.mozilla.org\/Trusted_Recursive_Resolver<\/a> Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for <code>network.trr.allow-rfc1918<\/code> and set it to <code>true<\/code>. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: <a href=\\\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc1918\\\">datatracker.ietf.org\/doc\/html\/rfc1918<\/a>\\nI\u2019ll probably still look to actually make other DNS usable, such as <code>base.dns.mullvad.net<\/code> which is impossible to use on Firefox by default\u2026<\/p>\\n\",\"mediaType\":\"text\/html\",\"source\":{\"content\":\"Hi folks,\\n\\nTL;DR: my remaining issue seems to be firefox specific, I've otherwise made it work on other browsers and other devices, so I'll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).\\n\\nI'm trying to setup HTTPS for my local services on my home network. I'm gotten a domain name `mydomain.tld` and my homeserver is running at home on let's say 192.168.10.20. I've setup Nginx Proxy Manager and I can access it using its local ip address as I've forwarded ports 80 and 443 to it.\\nHence, when I navigate on my computer to `http:\/\/192.168.10.20\/` I am greeted with the NPM default Congratulations screen confirming that it's reachable. Great!\\n\\nNext, I've setup an A record on my registrar pointing to `192.168.10.20`. I think I've been able to confirm this works because when I check on an online DNS lookup tool like `https:\/\/centralops.net\/CO\/Traceroute` as it says `192.168.10.20 is a special address that is not allowed for this tool.`. Great!\\n\\nNow, what I'm having trouble with, is the following: make it such that when I navigate to `http:\/\/mydomain.tld\/` I get to the NPM welcome screen at `http:\/\/192.168.10.20\/`. When I try this, I'm getting the firefox message:\\n```\\nHmm. We\u2019re having trouble finding that site.\\nWe can\u2019t connect to the server at mydomain.tld.\\n```\\n\\nStrangely, whenever I try to navigate to `http:\/\/mydomain.tld\/` it redirects me to `https:\/\/mydomain.tld\/`, so I've tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from `https:\/\/mydomain.tld\/` to `http:\/\/192.168.10.20\/` and with the wildcard certificate from the challenge, but it hasn't changed anything.\\n\\nI'm unsure how to keep debugging from here? Any advice or help? I'm clearly missing something in my understanding of how this works. Thanks!\\n\\nEDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, [here](https:\/\/security.stackexchange.com\/a\/174743) [are](https:\/\/security.stackexchange.com\/a\/121187) [some](https:\/\/notthebe.ee\/blog\/easy-ssl-in-homelab-dns01\/) [examples](https:\/\/old.reddit.com\/r\/Traefik\/comments\/n6mk92\/how_do_i_setup_dns_challenge_for_lan_https\/).\\n\\nEDIT-2: I've made progress. It seems I'm having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that's due to the next issue, which is that on some browsers \/ with some DNS, the endpoint can be reached but not on others. For some reason I'm unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I'm still trying to understand what's preventing it from working on Firefox, I've attempted multiple DNS settings, but it seems there's something else at play as well.\\n\\nEDIT-3: While I have not made it work in all situations I wanted, I will consider this \\\"solved\\\", because I believe the remaining issue is a Firefox-specific one. My errors so far, which I've addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like `https:\/\/npm.mydomain.tld\/` and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using `dig`, `curl` or `host`, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I'll keep digging to figure out what specific issue remains with my Firefox, I've verified multiple things, from changing the DNS on firefox (seems not to work, showing `Status: Not active (TRR_BAD_URL)` in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure...\\n\\nEDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: https:\/\/wiki.mozilla.org\/Trusted_Recursive_Resolver Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for `network.trr.allow-rfc1918` and set it to `true`. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: https:\/\/datatracker.ietf.org\/doc\/html\/rfc1918\\nI'll probably still look to actually make other DNS usable, such as `base.dns.mullvad.net` which is impossible to use on Firefox by default...\",\"mediaType\":\"text\/markdown\"},\"attachment\":[],\"sensitive\":false,\"published\":\"2025-10-05T10:13:48.849177Z\",\"updated\":\"2025-10-05T16:37:08.878457Z\",\"language\":{\"identifier\":\"en\",\"name\":\"English\"},\"audience\":\"https:\/\/lemmy.world\/c\/selfhosted\",\"tag\":[{\"href\":\"https:\/\/lemmy.zip\/post\/50308536\",\"name\":\"#selfhosted\",\"type\":\"Hashtag\"}]},\"cc\":[\"https:\/\/lemmy.world\/c\/selfhosted\"],\"type\":\"Update\",\"audience\":\"https:\/\/lemmy.world\/c\/selfhosted\"},\"cc\":[\"https:\/\/lemmy.world\/c\/selfhosted\/followers\"],\"type\":\"Announce\",\"id\":\"https:\/\/lemmy.world\/activities\/announce\/update\/8a857aa9-bf47-4f18-a23e-bdd59147bf90\"}","request":{"host":"kbin.spritesserver.nl","method":"POST","uri":"\/f\/inbox","client_ip":"135.181.143.221"},"headers":{"content-type":["application\/activity+json"],"host":["kbin.spritesserver.nl"],"date":["Sun, 05 Oct 2025 16:37:39 GMT"],"digest":["SHA-256=8Mp5PR8p\/+E3QOOhdV3QRywB1Umm6uoxXttgiPYL0po="],"signature":["keyId=\"https:\/\/lemmy.world\/c\/selfhosted#main-key\",algorithm=\"hs2019\",headers=\"(request-target) content-type date digest host\",signature=\"LYBDICbkSHHM0ALxTSAYWhjUfIVKsMjxqoQDYpjSK2O2S4nqMfyVJv+91NH0T1LZ8oW\/Q6XdybZRDktkRhyU0RPW6foQDeZYsKvnzoq5GwhLynUvu7tF8cepZ6UptQSECJa+YVu4VsTrCm1ZMH1v1dUHT8v2TS9aL+k792oac7vO\/7z8nMfZbwRM7+dP89frkw8fY3IM8GiXMAb4w6n8C8gQids9rlCnaJPa\/MatFGboSH\/Kk38B656IleWONfr6Id3ibEN0tp4QjjjVGpOFFr3RDeUdAx09dv3IJQzDNLhu0e2IFH55c0mJfgbwH1TSnlwj0ZPU7d7k7dBbu1OjyA==\""],"traceparent":["00-012b7c0c37ce9fa5644a2dd789ec7ee5-875008e5e21d7f32-01"],"tracestate":[""],"accept":["*\/*"],"user-agent":["Lemmy\/0.19.12-4-gd8445881a; +https:\/\/lemmy.world"],"accept-encoding":["gzip"],"content-length":["12675"],"x-php-ob-level":["1"]}}"
  "{"type":"App\\Message\\ActivityPub\\Inbox\\ActivityMessage","X-Message-Stamp-Symfony\\Component\\Messenger\\Stamp\\BusNameStamp":"[{\"busName\":\"messenger.bus.default\"}]","Content-Type":"application\/json"}"
  "default"
  "2025-10-05 16:37:39"
  "2025-10-05 16:37:39"
]

View formatted query View runnable query Explain query

INSERT INTO messenger_messages (
  body, headers, queue_name, created_at,
  available_at
)
VALUES
  (?, ?, ?, ?, ?)

INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES('{\"payload\":\"{\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"actor\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"id\\\":\\\"https:\\/\\/lemmy.zip\\/activities\\/update\\/4c40b933-106f-4c48-a618-fb30e279ffab\\\",\\\"actor\\\":\\\"https:\\/\\/lemmy.zip\\/u\\/TheHobbyist\\\",\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"type\\\":\\\"Page\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.zip\\/post\\/50308536\\\",\\\"attributedTo\\\":\\\"https:\\/\\/lemmy.zip\\/u\\/TheHobbyist\\\",\\\"to\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"name\\\":\\\"[question] Help me access my local homeserver using a public domain name\\\",\\\"cc\\\":[],\\\"content\\\":\\\"<p>Hi folks,<\\/p>\\\\n<p>TL;DR: my remaining issue seems to be firefox specific, I\\u2019ve otherwise made it work on other browsers and other devices, so I\\u2019ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).<\\/p>\\\\n<p>I\\u2019m trying to setup HTTPS for my local services on my home network. I\\u2019m gotten a domain name <code>mydomain.tld<\\/code> and my homeserver is running at home on let\\u2019s say 192.168.10.20. I\\u2019ve setup Nginx Proxy Manager and I can access it using its local ip address as I\\u2019ve forwarded ports 80 and 443 to it.\\\\nHence, when I navigate on my computer to <code>http:\\/\\/192.168.10.20\\/<\\/code> I am greeted with the NPM default Congratulations screen confirming that it\\u2019s reachable. Great!<\\/p>\\\\n<p>Next, I\\u2019ve setup an A record on my registrar pointing to <code>192.168.10.20<\\/code>. I think I\\u2019ve been able to confirm this works because when I check on an online DNS lookup tool like <code>https:\\/\\/centralops.net\\/CO\\/Traceroute<\\/code> as it says <code>192.168.10.20 is a special address that is not allowed for this tool.<\\/code>. Great!<\\/p>\\\\n<p>Now, what I\\u2019m having trouble with, is the following: make it such that when I navigate to <code>http:\\/\\/mydomain.tld\\/<\\/code> I get to the NPM welcome screen at <code>http:\\/\\/192.168.10.20\\/<\\/code>. When I try this, I\\u2019m getting the firefox message:<\\/p>\\\\n<pre style=\\\\\\\"background-color:#ffffff;\\\\\\\">\\\\n<span style=\\\\\\\"color:#323232;\\\\\\\">Hmm. We\\u2019re having trouble finding that site.\\\\n<\\/span><span style=\\\\\\\"color:#323232;\\\\\\\">We can\\u2019t connect to the server at mydomain.tld.\\\\n<\\/span><\\/pre>\\\\n<p>Strangely, whenever I try to navigate to <code>http:\\/\\/mydomain.tld\\/<\\/code> it redirects me to <code>https:\\/\\/mydomain.tld\\/<\\/code>, so I\\u2019ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from <code>https:\\/\\/mydomain.tld\\/<\\/code> to <code>http:\\/\\/192.168.10.20\\/<\\/code> and with the wildcard certificate from the challenge, but it hasn\\u2019t changed anything.<\\/p>\\\\n<p>I\\u2019m unsure how to keep debugging from here? Any advice or help? I\\u2019m clearly missing something in my understanding of how this works. Thanks!<\\/p>\\\\n<p>EDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, <a href=\\\\\\\"https:\\/\\/security.stackexchange.com\\/a\\/174743\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">here<\\/a> <a href=\\\\\\\"https:\\/\\/security.stackexchange.com\\/a\\/121187\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">are<\\/a> <a href=\\\\\\\"https:\\/\\/notthebe.ee\\/blog\\/easy-ssl-in-homelab-dns01\\/\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">some<\\/a> <a href=\\\\\\\"https:\\/\\/old.reddit.com\\/r\\/Traefik\\/comments\\/n6mk92\\/how_do_i_setup_dns_challenge_for_lan_https\\/\\\\\\\" rel=\\\\\\\"nofollow\\\\\\\">examples<\\/a>.<\\/p>\\\\n<p>EDIT-2: I\\u2019ve made progress. It seems I\\u2019m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\\u2019s due to the next issue, which is that on some browsers \\/ with some DNS, the endpoint can be reached but not on others. For some reason I\\u2019m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\\u2019m still trying to understand what\\u2019s preventing it from working on Firefox, I\\u2019ve attempted multiple DNS settings, but it seems there\\u2019s something else at play as well.<\\/p>\\\\n<p>EDIT-3: While I have not made it work in all situations I wanted, I will consider this \\u201csolved\\u201d, because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\\u2019ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like <code>https:\\/\\/npm.mydomain.tld\\/<\\/code> and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using <code>dig<\\/code>, <code>curl<\\/code> or <code>host<\\/code>, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\\u2019ll keep digging to figure out what specific issue remains with my Firefox, I\\u2019ve verified multiple things, from changing the DNS on firefox (seems not to work, showing <code>Status: Not active (TRR_BAD_URL)<\\/code> in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure\\u2026<\\/p>\\\\n<p>EDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: <a href=\\\\\\\"https:\\/\\/wiki.mozilla.org\\/Trusted_Recursive_Resolver\\\\\\\">wiki.mozilla.org\\/Trusted_Recursive_Resolver<\\/a> Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for <code>network.trr.allow-rfc1918<\\/code> and set it to <code>true<\\/code>. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: <a href=\\\\\\\"https:\\/\\/datatracker.ietf.org\\/doc\\/html\\/rfc1918\\\\\\\">datatracker.ietf.org\\/doc\\/html\\/rfc1918<\\/a>\\\\nI\\u2019ll probably still look to actually make other DNS usable, such as <code>base.dns.mullvad.net<\\/code> which is impossible to use on Firefox by default\\u2026<\\/p>\\\\n\\\",\\\"mediaType\\\":\\\"text\\/html\\\",\\\"source\\\":{\\\"content\\\":\\\"Hi folks,\\\\n\\\\nTL;DR: my remaining issue seems to be firefox specific, I\'ve otherwise made it work on other browsers and other devices, so I\'ll consider this issue resolved. Thank you very much for all your replies and help! (Edit, this was also solved now in EDIT-4).\\\\n\\\\nI\'m trying to setup HTTPS for my local services on my home network. I\'m gotten a domain name `mydomain.tld` and my homeserver is running at home on let\'s say 192.168.10.20. I\'ve setup Nginx Proxy Manager and I can access it using its local ip address as I\'ve forwarded ports 80 and 443 to it.\\\\nHence, when I navigate on my computer to `http:\\/\\/192.168.10.20\\/` I am greeted with the NPM default Congratulations screen confirming that it\'s reachable. Great!\\\\n\\\\nNext, I\'ve setup an A record on my registrar pointing to `192.168.10.20`. I think I\'ve been able to confirm this works because when I check on an online DNS lookup tool like `https:\\/\\/centralops.net\\/CO\\/Traceroute` as it says `192.168.10.20 is a special address that is not allowed for this tool.`. Great!\\\\n\\\\nNow, what I\'m having trouble with, is the following: make it such that when I navigate to `http:\\/\\/mydomain.tld\\/` I get to the NPM welcome screen at `http:\\/\\/192.168.10.20\\/`. When I try this, I\'m getting the firefox message:\\\\n```\\\\nHmm. We\\u2019re having trouble finding that site.\\\\nWe can\\u2019t connect to the server at mydomain.tld.\\\\n```\\\\n\\\\nStrangely, whenever I try to navigate to `http:\\/\\/mydomain.tld\\/` it redirects me to `https:\\/\\/mydomain.tld\\/`, so I\'ve tried solving this using a certificate, using the DNS-01 challenge from NPM, and setting up a reverse proxy from `https:\\/\\/mydomain.tld\\/` to `http:\\/\\/192.168.10.20\\/` and with the wildcard certificate from the challenge, but it hasn\'t changed anything.\\\\n\\\\nI\'m unsure how to keep debugging from here? Any advice or help? I\'m clearly missing something in my understanding of how this works. Thanks!\\\\n\\\\nEDIT: It seems several are confused by my use of internal IP addresses in this way, yes it is entirely possible. There are multiple people reporting to use exactly this kind of setup, [here](https:\\/\\/security.stackexchange.com\\/a\\/174743) [are](https:\\/\\/security.stackexchange.com\\/a\\/121187) [some](https:\\/\\/notthebe.ee\\/blog\\/easy-ssl-in-homelab-dns01\\/) [examples](https:\\/\\/old.reddit.com\\/r\\/Traefik\\/comments\\/n6mk92\\/how_do_i_setup_dns_challenge_for_lan_https\\/).\\\\n\\\\nEDIT-2: I\'ve made progress. It seems I\'m having two issues simultaneously. First one was that I was trying to test my NPM instance by attempting to reach the Congratulations page, served on port 80. That in itself was not working as it ended in an infinite-loop resolving loop, so trying to instead expose the admin page, default port 81, seems to work in some cases. And that\'s due to the next issue, which is that on some browsers \\/ with some DNS, the endpoint can be reached but not on others. For some reason I\'m unable to make it work on Firefox, but on Chromium (or even on Vanadium on my phone), it works just fine. I\'m still trying to understand what\'s preventing it from working on Firefox, I\'ve attempted multiple DNS settings, but it seems there\'s something else at play as well.\\\\n\\\\nEDIT-3: While I have not made it work in all situations I wanted, I will consider this \\\\\\\"solved\\\\\\\", because I believe the remaining issue is a Firefox-specific one. My errors so far, which I\'ve addressed are that I could not attempt at exposing the NPM congratulations page which was shown on port 80, because it lead to a resolution loop. Exposing the actual admin page on port 81 was a more realistic test to verify whether it worked. Then, setting up the forwarding of that page using something like `https:\\/\\/npm.mydomain.tld\\/` and linking that to the internal IP address of my NPM instance, and port 81, while using the wildcard certificate for my public domain was then necessary. Finally, I was testing exclusively on Firefox. While I also made no progress when using `dig`, `curl` or `host`, as suggested in the commends (which are still useful tools in general!) I managed to access my NPM admin page using other browsers and other devices, all from my home network (the only use-case I was interested in). I\'ll keep digging to figure out what specific issue remains with my Firefox, I\'ve verified multiple things, from changing the DNS on firefox (seems not to work, showing `Status: Not active (TRR_BAD_URL)` in the firefox DNS page (e.g. with base.dns.mullvad.dns). Yet LibreWolf works just fine when changing DNS. Go figure...\\\\n\\\\nEDIT-4: I have now solved it in firefox too, thanks to @non_burglar@lemmy.world! So it turns out, firefox has setup a validation system for DNS settings, called TRR. You can read more about it here: https:\\/\\/wiki.mozilla.org\\/Trusted_Recursive_Resolver Firefox has a number of TRR configurations, preventing the complete customization of DNS, but also with specific defaults that prevent my use-case. By opening up the firefox config page at about:config, search for `network.trr.allow-rfc1918` and set it to `true`. This now solved it for me. This allows the resolution of local IP addresses. You can read more about RFC1918 here: https:\\/\\/datatracker.ietf.org\\/doc\\/html\\/rfc1918\\\\nI\'ll probably still look to actually make other DNS usable, such as `base.dns.mullvad.net` which is impossible to use on Firefox by default...\\\",\\\"mediaType\\\":\\\"text\\/markdown\\\"},\\\"attachment\\\":[],\\\"sensitive\\\":false,\\\"published\\\":\\\"2025-10-05T10:13:48.849177Z\\\",\\\"updated\\\":\\\"2025-10-05T16:37:08.878457Z\\\",\\\"language\\\":{\\\"identifier\\\":\\\"en\\\",\\\"name\\\":\\\"English\\\"},\\\"audience\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\",\\\"tag\\\":[{\\\"href\\\":\\\"https:\\/\\/lemmy.zip\\/post\\/50308536\\\",\\\"name\\\":\\\"#selfhosted\\\",\\\"type\\\":\\\"Hashtag\\\"}]},\\\"cc\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\"],\\\"type\\\":\\\"Update\\\",\\\"audience\\\":\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\\"},\\\"cc\\\":[\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted\\/followers\\\"],\\\"type\\\":\\\"Announce\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.world\\/activities\\/announce\\/update\\/8a857aa9-bf47-4f18-a23e-bdd59147bf90\\\"}\",\"request\":{\"host\":\"kbin.spritesserver.nl\",\"method\":\"POST\",\"uri\":\"\\/f\\/inbox\",\"client_ip\":\"135.181.143.221\"},\"headers\":{\"content-type\":[\"application\\/activity+json\"],\"host\":[\"kbin.spritesserver.nl\"],\"date\":[\"Sun, 05 Oct 2025 16:37:39 GMT\"],\"digest\":[\"SHA-256=8Mp5PR8p\\/+E3QOOhdV3QRywB1Umm6uoxXttgiPYL0po=\"],\"signature\":[\"keyId=\\\"https:\\/\\/lemmy.world\\/c\\/selfhosted#main-key\\\",algorithm=\\\"hs2019\\\",headers=\\\"(request-target) content-type date digest host\\\",signature=\\\"LYBDICbkSHHM0ALxTSAYWhjUfIVKsMjxqoQDYpjSK2O2S4nqMfyVJv+91NH0T1LZ8oW\\/Q6XdybZRDktkRhyU0RPW6foQDeZYsKvnzoq5GwhLynUvu7tF8cepZ6UptQSECJa+YVu4VsTrCm1ZMH1v1dUHT8v2TS9aL+k792oac7vO\\/7z8nMfZbwRM7+dP89frkw8fY3IM8GiXMAb4w6n8C8gQids9rlCnaJPa\\/MatFGboSH\\/Kk38B656IleWONfr6Id3ibEN0tp4QjjjVGpOFFr3RDeUdAx09dv3IJQzDNLhu0e2IFH55c0mJfgbwH1TSnlwj0ZPU7d7k7dBbu1OjyA==\\\"\"],\"traceparent\":[\"00-012b7c0c37ce9fa5644a2dd789ec7ee5-875008e5e21d7f32-01\"],\"tracestate\":[\"\"],\"accept\":[\"*\\/*\"],\"user-agent\":[\"Lemmy\\/0.19.12-4-gd8445881a; +https:\\/\\/lemmy.world\"],\"accept-encoding\":[\"gzip\"],\"content-length\":[\"12675\"],\"x-php-ob-level\":[\"1\"]}}', '{\"type\":\"App\\\\Message\\\\ActivityPub\\\\Inbox\\\\ActivityMessage\",\"X-Message-Stamp-Symfony\\\\Component\\\\Messenger\\\\Stamp\\\\BusNameStamp\":\"[{\\\"busName\\\":\\\"messenger.bus.default\\\"}]\",\"Content-Type\":\"application\\/json\"}', 'default', '2025-10-05 16:37:39', '2025-10-05 16:37:39');

Database Connections

Name	Service
default	doctrine.dbal.default_connection

Entity Managers

Name	Service
default	doctrine.orm.default_entity_manager

Second Level Cache

0 Hits

0 Misses

0 Puts

Entities Mapping

No loaded entities.

Symfony Profiler

POST https://kbin.spritesserver.nl/f/inbox

Configuration Settings

Theme