hello all,
I need some advice on how to proceed with my reverse proxy.
at the moment I have a proxmox lxc with Debian running nginx as a reverse proxy for some services like homeassistant, nextcloud jellyfin etc. I have a domain and everything works great with letsencrypt certificates.
since I started playing with frigate, I learned a bit more about docker and portainer and got a bit crazy with some more stuff like gitea, transmission, bookstack. now I have the following dilema: how do I use my current nginx with the new docker run services? is it just the usual way of proxy passing to the http://IP.address:port?
to make matters worse I have found out about nginx proxy manager and saw that it has the ability to easily add authentication to services which is interesting to me because of frigate. But with this one I have another dilema: if I switch from simple nginx to nginx proxy manager, how do I migrate my current setup (i.e. keys and configs)?
What is the best way to approach this mixed system? I forgot to mention that my current services are not run through docker and I don’t plan to switch them over because I like them as they are now.
Sorry if this isn’t the right place for this question!
There’s nothing different. Just expose the ports using docker, and then point nginx at it like any other application. If it’s running on the same server, you can just point it at localhost.
For nginx proxy manager, you can define custom configs easily, but for most usage you should be able to set up each redirect with a couple of clicks in the GUI. You should set it up to generate its own certs using the built-in tool though, but if you really want you can import certs manually through the GUI as well.
[Heres](file:///home/ja/IT/git/selfhosted-apps-docker/caddy_v2/readme.md) a detailed guide for how to setup caddy reverse proxy. Includes many setups and even monitoring who connects from where to what, though to get that running is bit of work.
is it just the usual way of proxy passing to the http://IP.address:port?
for caddy it is, if it can ping the machine, it can send traffic its way
how do I migrate my current setup (i.e. keys and configs)?
what I like about caddy is that all that is needed is copy paste the simple caddy config file, that is thats needed to move setup from caddy to caddy
What is the best way to approach this mixed system?
I think every reverse proxy can do what you need, including your already running nginx, so you get answers based on personal preference of users. I run before trafik, got guide for that too… its too complex with lot of abstraction layers, and it polutes docker compose files with labels which I dont like, but it is powerful. I played bit with nginx but other than being kinda gold standard of reverse proxy it was ugly boilerplate config compared to caddy. Caddy was simple, clean, and really… just worked. Though you listed using authentification through reverse proxy and there caddy has a shortcoming where you need to do every user manually, instead of just telling here use this file of users/passwords like traefik can.