CompactFlax

St John’s to St Pierre, with a branch line to Miquelon.

Yes, we know that the far right in Europe is supported by Pooty. This doesn’t represent a breakdown in unity.

Even a stopped clock…

Well yes, it is one hop, because you’ve got the router doing TLS termination. Inside your network you point to the server that has the TLS certs. Outside of the network you do port forwarding, or use a tunnel with cloudflare agents.

Why is the router involved at all? It’s all local traffic. The external traffic comes through the cloud flare tunnel, right? Maybe I’m not understanding the architecture you’ve got.

It’s possible but it’s an extra pain in the butt.

Internally, have you tried pointing the DNS directly to the ngnix server, not the router? There’s no reason to have that extra hop (I don’t think).

If you are establishing a TLS connection to a server, the server will need a certificate. It sounds like you’re trying to have two instances of a reverse proxy - one on the server, and one on the router. It may be my ignorance of the particulars, but my immediate thought is that you should select one point in the network to do reverse proxying.

So far, there’s been a good bit of money to be made in timing the stock market to announcements. But I’m sure no American politician would be involved with insider trading.