Hey braintrust, I've got vaultwarden currently exposed to the internet through a cloudflare tunnel pointing to traefik reverse proxy but am looking to make it only available on my internal network (and on tailscale VPN) for increased security. I know that vaultwarden needs HTTPS to function but can't work out a way to make my subdomain (vaultwarden.mydomain.com) point to traefik so that it can generate a wildcard SSL certificate for vaultwarden. I tried to follow this guide linked below but when I set up the DNS record on cloudflare to point to my internal server address, it just leads to the unraid login page rather than vaultwarden and I don't have the ability to add a port number on the DNS record. How can I make the DNS record point to the traefik port of my unraid server?
https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let's-Encrypt-certs