this post was submitted on 19 May 2025
93 points (95.1% liked)

Selfhosted

46653 readers
1414 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
93
How to reverse proxy? (lemm.ee)
submitted 3 weeks ago by [email protected] to c/[email protected]
74 comments fedilink hide all child comments
 

Hi everybody.

How should I setup reverse proxy for my services? I've got things like jellyfin, immich a bitwarden running on my Debian server in docker. So should i install something like nginx for each of these also in docker? Or should I install it from repository and make configs for each of these docker services?

Btw I have no idea how to use something like nginx or caddy but i would still like to learn.

Also can you use nginx for multiple services on the same port like(443)?

(page 2) 27 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 3 weeks ago (1 children)

While using a web server before your self hosted micro services is the obvious answer and caddy the easier to configure, as a beginner you should also consider taiscale funnels. You dont need to mess with router stuff like port forward or caring if you ISP have your router behind a cgnat which is kinda norm nowadays , also dont have to care for a domain name dynamic DNS stuff . You could have a look to my quick how to . All you need is running a script , the ports and desired names of your subdomains and your tailscale auth key. https://ippocratis.github.io/tailscale/

[–] [email protected] 1 points 2 weeks ago (1 children)

Well I already got static IP from my ISP and configured Wireguard on my directly on my router so I think I'm good.

[–] [email protected] 1 points 2 weeks ago (2 children)

The funnel exposes your local services to the public over https . Like what you want to accomplish with reverse proxy . Its just more straightforward for a beginner.

Personally I closed my router ports and switched to tailscalr funnels after using caddy with mutual TLS for years.

[–] [email protected] 1 points 2 weeks ago (1 children)

maybe silly question but does tailscale tunnel operate in a similar fashion to a cloud flare tunnel? as in you can remotely access your internal service over https?

[–] [email protected] 1 points 2 weeks ago

Yes that's exactly what they do

[–] [email protected] 1 points 2 weeks ago (4 children)

The funnel exposes your local services to the public over https . Like what you want to accomplish with reverse proxy .

they did not say they want it public, and that's an additional security burden they may not need

load more comments (4 replies)
[–] [email protected] 0 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

There's Nginx proxy manager if you want to set it up. But I'd rather go with Tailscale instead.

load more comments (1 replies)
load more comments
view more: ‹ prev next ›