Open-Source Configuration-Based Secure Access to your Home Network

Name: Open-Source Configuration-Based Secure Access to your Home Network
Availability: InStock
Author: scaelere

by scaelere·Mar 18, 2026·1 point·0 comments

Visit Project View on HN

AI Analysis

●MidShip It

JSON config for nginx is nice, but Caddy already does auto-SSL simpler.

Strengths

•JSON/YAML configuration beats manual nginx config files for home setups
•Client certificate support adds mTLS security layer for sensitive services
•PROXY protocol support preserves original client IP through the proxy

Weaknesses

•Caddy handles auto-SSL with significantly simpler configuration syntax
•Cloudflare Tunnel offers zero-config remote access without port forwarding

Post Description

I wanted a simple and flexible method to quickly add and remove domains and backend servers for remote access from my home network, without going through the pain of manually configuring nginx for any change.

What I've come up with is a simple configuration-based (json or yaml) templating system.

With nginx-quick-relay you can add back-ends to two groups: - `pass-through`: it forwards HTTP+HTTPS traffic as is with optional PROXY protocol, OR - `direct-serve`: it acquires and renews certificates, redirects HTTP to HTTPS, and forwards traffic to your HTTP/HTTPS endpoint

It also handles - client certificates (per domain) to only allow trusted peers to access your resources - optional exclusion of local network traffic from client certificate requirement (based on CIDR) - server certificates (per back-end server) - PROXY protocol to preserve info on the requesting client