So, I have some idea on what a reverse proxy does and will be using nginx (with the neat proxy manager UI) for my setup.

However, I’m not completely clear what exactly I want it to do and how I cn use it to run different services on one machine. I’m especially unclear on the ports configuration … tutorials will say things like “change the listening port to xxx for that service and to port yyy for the other service”

How does this work, which ports can I use and how do I need to configure the respective services?

EDIT: thanks everybody, your replies did help me a lot! I have my basic setup now up and running using portainer + nginx + fail2ban.

  • ephimetheus@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    Yeah that’s exactly right! You have the proxy listen on 80/443 and use the subdomains to proxy to the respective other services that you have listen to other ports. Make sure those other ports are not open to the outside, though, as that would allow someone to bypass the proxy. In you example, you would change away from 0.0.0.0 to 127.0.0.1, which means the port is only open to the loop back interface, not the other ones. This happens accidentally especially when using docker for the app service. Also you should probably run some firewall to block all ports that you don’t wish to expose.

    I’d really suggest you take a look at Caddy for the reverse proxy. It completely handles SSL certificate creation and renewal so you don’t have to do anything.

    • Solvena@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      thank you, that clears things up a bit. Now it’s to play around with it, until I get it up and running :)

      • hungover_pilot@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        For future reading this “multiplexing” is called SNI inspection/routing and it can only be used when TLS/SSL is in use.