Best and most secure way to expose Zoneminder with Caddy server
Posted: Sat Jan 12, 2019 5:23 pm
Hi guys,
I'm running Zoneminder currently with Apache on Ubuntu, to secure it I've enabled basic authentication but that wasn't working with zmNinja so I've followed these steps: https://github.com/pliablepixels/zmNinj ... h-zms-urls. Working great, but I'm also running Home Assistant on the same server and like to expose that also (so I can access it from the internet) but I don't like to use Apache. Nginx is possible but came across Caddy server and want to go that way. Mainly because of the automatic HTTPS and the simplicity.
I could try to migrate the Apache config (or one of the many Nginx configs in the wiki and on the forums, why so many differences?) to a Caddy config but maybe someone did this already? Another option is to run Caddy as proxy in front of Apache but why should I run two webservers when just one can handle it all?
My other question is; is basic authentication the way to go? I came across this wiki: https://github.com/pliablepixels/zmNinj ... -ProxyPass, it looks like that's now the best way to set things up securely but that's for Apache Zoneminder does also have a build in authentication option. Is that really secure? Maybe that's a better option?
I hope you guys can give me some advice.
I'm running Zoneminder currently with Apache on Ubuntu, to secure it I've enabled basic authentication but that wasn't working with zmNinja so I've followed these steps: https://github.com/pliablepixels/zmNinj ... h-zms-urls. Working great, but I'm also running Home Assistant on the same server and like to expose that also (so I can access it from the internet) but I don't like to use Apache. Nginx is possible but came across Caddy server and want to go that way. Mainly because of the automatic HTTPS and the simplicity.
I could try to migrate the Apache config (or one of the many Nginx configs in the wiki and on the forums, why so many differences?) to a Caddy config but maybe someone did this already? Another option is to run Caddy as proxy in front of Apache but why should I run two webservers when just one can handle it all?
My other question is; is basic authentication the way to go? I came across this wiki: https://github.com/pliablepixels/zmNinj ... -ProxyPass, it looks like that's now the best way to set things up securely but that's for Apache Zoneminder does also have a build in authentication option. Is that really secure? Maybe that's a better option?
I hope you guys can give me some advice.