When you talk about the Let’s encrypt installation, do you mean the installation of Cells or something else?
If this call:
curl https://<YOUR_PUBLIC_URL>/login (with https):
- does not return anything when executed from the machine that runs Cells,
- returns the expected content when executed from any machine outside your private LAN,
Yet, serving this page does not requires anything else than the Caddy server that is embedded in Cells to be up. ==> it is a public page that does not require authentication.
For the record, the Cells server must be able to reach itself (via the reverse proxy) using the public address for the authentication to work. It is a requirement that is induced by the Dex Server, a third Party library we use to provide the JWT mechanism.
From what I’ve read, I suspect your cells server is on VM in a NATed private VLAN, correct?
Would you please be so kind as to give some more context and details here ?