securebytes.net

// /writing

Field notes

← Home

Walkthroughs of things I built and why. Mostly homelab and infrastructure work — the kind of writeups I wish existed when I was hunting for the answer at 2am.

WRITING Apr 26, 2026

Wildcard TLS for a self-hosted homelab — Cloudflare DNS-01, end to end

How I gave eight internal services real Let's Encrypt certificates with one wildcard, no port forwards, and automated renewal. Walks through the Cloudflare token, acme.sh setup, nginx wiring, and the gotchas that bit me.

homelabtlscloudflarenginx