MyTechAccount90210

Hello all. I'm bouncing around ideas in my head right now, and I want to take the next step in my home infrastructure. As it stands, I have my main docker server that hosts a variety of stacks and containers, and of course my nginx proxy manager as well.

Basically all the containers have the ports open that they need, and the proxy is just hairpinning back into the same VM. So DNS for my friendly name stuff points to 10.178.200.4, and then the proxy points to 10.178.200.4:8787 or 8989 or whatever for the individual apps.

I feel like, at least in my mind with the docker virtual networks, that I should be able to close all the ports except 80 and 443, and route traffic to the virtual IPs that come from docker, and the networking can be done internally. Is my brain working, or is this stupid?
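The layout asked about above, sketched as an added Docker Compose example (not part of the original post): only the proxy publishes host ports, and the apps are reachable solely over a shared user-defined network. The app image names, service names and the network name `proxy_net` are placeholders; ports 8787 and 8989 are the ones mentioned in the post.

```yaml
# Added example: constructed compose file. App images and names are placeholders.
services:
  proxy:
    image: jc21/nginx-proxy-manager:latest
    restart: unless-stopped
    ports:
      - "80:80"            # HTTP
      - "443:443"          # HTTPS
      - "127.0.0.1:81:81"  # NPM admin UI, bound to loopback instead of every interface
    volumes:
      - ./npm/data:/data
      - ./npm/letsencrypt:/etc/letsencrypt
    networks:
      - proxy_net

  app-a:
    image: example/app-a:latest   # placeholder image
    restart: unless-stopped
    # Before: `ports: ["8787:8787"]` published the app on 10.178.200.4:8787.
    # With no `ports:` entry nothing is opened on the host.
    expose:
      - "8787"   # informational; the port is reachable on proxy_net only
    networks:
      - proxy_net

  app-b:
    image: example/app-b:latest   # placeholder image
    restart: unless-stopped
    expose:
      - "8989"
    networks:
      - proxy_net

networks:
  proxy_net:
    name: proxy_net   # fixed name so other stacks can join it
    # In a separate stack, declare the same network as:
    #   networks:
    #     proxy_net:
    #       external: true
```

In the proxy host entry, forward to the service name and container port (`app-a`, 8787) rather than a container IP: Docker's embedded DNS resolves service names on a user-defined network, while container IPs can change on restart. Ports that stay published are opened by Docker's own iptables rules and are not filtered by a typical host firewall front end such as ufw, so removing the `ports:` entries is what actually closes them.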

You don't add it from the app. You add it in server settings. And you wouldn't hairpin, you'd have the firewall rules. Having it in a DMZ would segregate it from your internal network so outside users could hit it... if you so choose.

MyTechAccount90210@alien.top 1 points 1 year ago (2 children)

You're doing something wrong or you have an incompatible ISP. If you want to have it in your DMZ, great, poke firewall rules for 32400 and set up the internal subnet as an approved LAN subnet.