I have a noob question but seem overwhelmed with all the information I get about it. Basically, why do I need a reverse proxy if all my services are not public? Every guide or video for self hosting there’s always talk of a reverse proxy, have been doing it wrong?
Here’s my setup: I have proxmox running with LXC containers and VM’s for different services some have docker. I have HAProxy on PfSense with a wildcard cert. and the built-in dns resolver, and I vpn home every time I need something.
Have I be going about this the wrong way? Would I benefit from Nginx or traefik? Or is HAProxy enough? Sorry for the stupid question, I’m like a kid with a new toy and overwhelming myself.
This answer says it all. A reverse proxy dispatches HTTP requests to several “backend” services (your applications), depending on what domain name is requested in the HTTP request headers. For example using Apache as a reverse proxy, a config block such as
<VirtualHost *:443> ServerName media.example.org ... ProxyPass "/" "http://127.0.0.1:8096/" </VirtualHost>will redirect requests made on port 443 with the HTTP header
Host: media.example.org(for example a request tohttps://media.example.org/my/page) to the “backend” service listening on127.0.0.1(local machine), port 8096 (which may be a media server, a wiki, …). This way you only have to expose ports 80/443 to the outside network, and the reverse proxy will take care of dispatching requests to the correct “backend” service.Most web servers can be used as reverse proxies.
In addition, since all requests go through the proxy, it is a good place to manage centralized logging, SSL/TLS certificates, access control such as IP whitelisting/blacklisting, automatic redirects…
Thank you! mentioning headers got me to tinker and fix a service that wasn’t running with HAP.