hello all,
I need some advice on how to proceed with my reverse proxy.
at the moment I have a proxmox lxc with Debian running nginx as a reverse proxy for some services like homeassistant, nextcloud jellyfin etc. I have a domain and everything works great with letsencrypt certificates.
since I started playing with frigate, I learned a bit more about docker and portainer and got a bit crazy with some more stuff like gitea, transmission, bookstack. now I have the following dilema: how do I use my current nginx with the new docker run services? is it just the usual way of proxy passing to the http://IP.address:port?
to make matters worse I have found out about nginx proxy manager and saw that it has the ability to easily add authentication to services which is interesting to me because of frigate. But with this one I have another dilema: if I switch from simple nginx to nginx proxy manager, how do I migrate my current setup (i.e. keys and configs)?
What is the best way to approach this mixed system? I forgot to mention that my current services are not run through docker and I don’t plan to switch them over because I like them as they are now.
Sorry if this isn’t the right place for this question!
[Heres](file:///home/ja/IT/git/selfhosted-apps-docker/caddy_v2/readme.md) a detailed guide for how to setup caddy reverse proxy. Includes many setups and even monitoring who connects from where to what, though to get that running is bit of work.
for caddy it is, if it can ping the machine, it can send traffic its way
what I like about caddy is that all that is needed is copy paste the simple caddy config file, that is thats needed to move setup from caddy to caddy
I think every reverse proxy can do what you need, including your already running nginx, so you get answers based on personal preference of users. I run before trafik, got guide for that too… its too complex with lot of abstraction layers, and it polutes docker compose files with labels which I dont like, but it is powerful. I played bit with nginx but other than being kinda gold standard of reverse proxy it was ugly boilerplate config compared to caddy. Caddy was simple, clean, and really… just worked. Though you listed using authentification through reverse proxy and there caddy has a shortcoming where you need to do every user manually, instead of just telling here use this file of users/passwords like traefik can.