this post was submitted on 29 Jun 2023
4 points (83.3% liked)

Selfhosted

40219 readers
1129 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I have a noob question but seem overwhelmed with all the information I get about it. Basically, why do I need a reverse proxy if all my services are not public? Every guide or video for self hosting there’s always talk of a reverse proxy, have been doing it wrong?

Here’s my setup: I have proxmox running with LXC containers and VM’s for different services some have docker. I have HAProxy on PfSense with a wildcard cert. and the built-in dns resolver, and I vpn home every time I need something.

Have I be going about this the wrong way? Would I benefit from Nginx or traefik? Or is HAProxy enough? Sorry for the stupid question, I’m like a kid with a new toy and overwhelming myself.

you are viewing a single comment's thread
view the rest of the comments
[–] taladar@sh.itjust.works 1 points 1 year ago (4 children)

HAProxy is a reverse proxy.

[–] wfm@infosec.pub 0 points 1 year ago (3 children)

As mentioned it’s a stupid question, it’s just all of this talk of Nginx got me confused that I need to have it on proxmox or everything will crumble

[–] taladar@sh.itjust.works 3 points 1 year ago (2 children)

The purposes of reverse proxies vary.

One of the main reasons is that you want to host multiple services on the same IPv4 and port since you usually only get one IPv4 (works for IPv6 too but there getting more than one from your hoster is a lot easier). This is known as name-based virtual hosting.

Another thing that is often (but not always) handled by a reverse proxy is SSL/TLS termination. That way the actual application doesn't have to worry about the certificates or crypto-related security updates. Sometimes TLS is used again on the bit between the reverse proxy and the backend server but if they are both on the same physical machine that bit is often skipped.

There are also other services such as rate limiting, caching or fully featured Web Application Firewalls (WAF) and of course CDNs that come in reverse proxy form but you shouldn't need to worry about those too much for a small personal website that isn't used by thousands of users.

[–] wfm@infosec.pub 1 points 1 year ago

Thank you so for tolerating my question and the informative answer

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)