I’ve documented how to configure Caddy with the INWX DNS provider to enable automated TLS certificate issuance using the DNS-01 challenge, specifically for homelab scenarios where domains may not resolve publicly.
This setup allows seamless access to internal services like https://n8n.homelab25.example.com/home/workflows over HTTPS within a private residential network—without relying on public DNS or exposing ports to the internet. (ACME DNS challenge)
And it allows me to use a local-ai on a dedicated PC from my daily driver PC, or my laptop. (I used a fresh Ubuntu installation on some kind of a Gaming PC to install local-ai)
The guide is available here:
Configuring Caddy with INWX for Automated TLS · rpapub/local-ai-packaged Wiki · GitHub
Relevant implementation commit in my personal fork:
feat(caddy): add INWX DNS challenge support for automated TLS · rpapub/local-ai-packaged@726aa65 · GitHub
An alternative is to ssh user@host -L 3000:localhost:3000 -L 5678:localhost:5678 but I ran into issue with 308 auto-redirects to https by openwebui. The technologically sound solution is anyways to use certificates. And Caddy with its reverse-proxy feature and ACME implementation makes it trivial.
Feedback or suggestions welcome.