I have a public domain, let’s call it “domain dot com” and it has an SSL certificate. I am installing HassOs on a raspberry pi 4.
I have a subdomain for that domain pointed to all my self-hosted things, let’s call it “home dot domain dot com” and I have a paid for SSL certificate for that domain.
I have a BUNCH of services hosted there, with reverse proxies in subdirectories to various ports. For example, “home dot domain dot com/airsonic/” or “home dot domain dot com/shinobi/” or “home dot domain dot com/bitwarden/”. This works across the board, and I have an existing dynamic dns solution that keeps this up to date, I think at present I have 18 services this is successfully working for.
Now that I’m integrating Home Assistant, I’m learning that because the decision has been made to keep the base url absolute and not relative, it’s not possible to proxy this to a subdirectory and requires its own subdomain. (If this is incorrect please let me know, I’m taking my understanding from here https://github.com/home-assistant/architecture/issues/156#issuecomment-478183627 ) Fine, not ideal but I can work with that. I can create “hass dot domain dot com” and keep my dynamic dns system pointed to that as well.
That works today, as long as I’m using port 8123 which is forwarded. 80 and 443 are spoken for by apache and my reverse proxy.
I’m trying to then set up Let’s Encrypt as I do not want to pay for another proper SSL certificate. I am finding this impossible to set up; I’ve never used let’s encrypt before since I’ve always had paid for certificates, but if I’m understanding this, it’s not gonna work because Let’s Encrypt only supports 80 and 443?
I’ve never worked with a self hosted service with requirements like this before; is SSL out of the question for me unless I dedicate 80 and 443 to this device? Usually I would get a bit linux-ey and delve into the command line, but it seems with the RPi image you can’t even get sudo so you’ve got to work within the confines of the UI?