I have been self-hosting for a while now with Traefik. It works, but I’d like to give Nginx Proxy Manager a try, it seems easier to manage stuff not in docker.

Edit: btw I’m going to try this out on my RPI, not my hetzner vps, so no risk of breaking anything

  • @[email protected]
    link
    fedilink
    English
    15 months ago

    having tried many in past, i always go back to haproxy. it has everything required as proxy and load balancer while also being very efficient.

  • Lka1988
    link
    fedilink
    English
    45 months ago

    I like NPM, it’s simple, but also allows for more complex configs as well if needed. I run it in its own LXC because I have other non-dockerized things that are exposed.

  • @[email protected]
    link
    fedilink
    English
    75 months ago

    i use nginx proxy manager but im barely getting by. Theres zero useful documentation for setting up custom paths so everyone uses subdomains. I ended up buying my own domain just so i didnt feel guilty spamming freedns lmao.

    • Encrypt-Keeper
      link
      fedilink
      English
      55 months ago

      At that point you might be better off just using Nginx without the gui. SWAG is a nice reverse proxy focused implementation of it.

  • Korthrun
    link
    fedilink
    English
    35 months ago

    For a while now I’ve been using either haproxy or nginx depending on my needs. I’ve hit instances with both where the functionality I want is in the paid version.

  • @[email protected]
    link
    fedilink
    English
    25 months ago

    I use both, Traefik on my docker host that’s also used for trying out new stacks, and NPM at work for a config that won’t change (ever, probably).

    Yes, the NPM web ui is somewhat easier in regard to proxying targets outside Docker.

  • @[email protected]
    link
    fedilink
    English
    145 months ago

    I’ve been using caddyserver for awhile and love it. Config is nicely readable and the defaults are very good.

  • Matt The Horwood
    link
    fedilink
    English
    25 months ago

    I use nginx as the internet facing proxy, write my own config and manage it with source control. Also use traefik in docker land with service labels to configure it

  • hendrik
    link
    fedilink
    English
    265 months ago

    In my experience, all the 3 big ones work just fine. Caddy, Traefik, Nginx. I use Nginx.

    • @[email protected]
      link
      fedilink
      English
      55 months ago

      I have had the same experience. Have used all three at some point but mostly use nginx for new servers

  • @[email protected]
    link
    fedilink
    English
    55 months ago

    Nginx for my intranet because configuration is fully manual and I have complete control over it.

    Caddy for the public services on my vps because it handles cert renewal automatically and most of its configuration is magic which just works.

    It is unbelievable how shorter caddy configuration is, but on my intranet:

    1. I don’t want my reverse proxy to dial on internet to try to fetch new SSL certs. I know it can be disabled, but this is the default.
    2. I like to learn how stuff works, Nginx forces you to know more details but it is full of good documentation so it is not too painful compared to Caddy.
      • @[email protected]
        link
        fedilink
        English
        15 months ago

        Yes, but it is a different cron job that needs to run, and you need to monitor it for failures. Caddy does everything out of the box, including retries.

    • @[email protected]
      link
      fedilink
      English
      35 months ago

      I switched to caddy just for the certs. I get trusted certs on all my internal subdomains without maintenance.

      I use haproxy, nginx and caddy at work including a caddy instance with internal CA. 4 lines in config and its signed by our normal CA, so its trusted by all our devices.

  • @[email protected]
    link
    fedilink
    English
    15 months ago

    I highly recommend npm. It’s also the only one I’ve used, so please keep that in mind.

  • reddwarf
    link
    fedilink
    English
    75 months ago

    I use NPM in a docker container. It could not be easier in my opinion but then again, I did not use any of the alternatives so I might be missing out on something, who knows. I did manage a couple of proxy servers in the past based on Apache and I can tell you that NPM is much easier and logical to me than that.

    Just create a compose file and start it. Create DNS records pointing to your NPM IP address/exposed IP and make a host in NPM sending traffic to the right container IP:port. The compose file is super simple, could not be easier. Here’s mine for example:

    services:
      nginx-proxy-manager:
        container_name: nginx-proxy-manager
        image: 'jc21/nginx-proxy-manager:latest'
        restart: always
        ports:
          - '80:80'
          - '443:443'
        volumes:
          - ./data:/data
          - ./letsencrypt:/etc/letsencrypt
    
    

    I just make sure ports 443 and 80 are exposed on my router so DNS records can point to that IP adrdess. All traffic on port 80 gets re-routed to 443.

    I’m probably stating all the obvious things here 😀

    • Tiritibambix
      link
      fedilink
      English
      35 months ago

      I mean yes, that seems obvious now that I’ve learned this.

      But I wish I read this comment 3 years ago when I was starting to dive into self hosting. Would have saved me a bunch of time. So always assume some piece of knowledge is not obvious for someone out there and share ᕕ( ᐛ )ᕗ

      • reddwarf
        link
        fedilink
        English
        25 months ago

        So always assume some piece of knowledge is not obvious for someone out there and share

        You just described a thing of mine I cannot help but do; explain the ever loving crap out of things
        I need to be careful with that though as relatives start to complain and push back on me telling things over and over.
        Thing is, until I see a full comprehension on the other side on what I try to convey I just keep explaining in variations, keep finding metaphors and keep pestering you until you ‘get it’. Some say it is a virtue, some say it is a hindrance.

        I have had therapy on this… 😂

        • Tiritibambix
          link
          fedilink
          English
          15 months ago

          Hahaha, I can totally relate. I think we should think of it as a virtue. Continue the good work 💪

  • @[email protected]
    link
    fedilink
    English
    225 months ago

    it seems easier to manage stuff not in docker

    Read into Traefik’s dynamic configuration. Adding something outside of Docker is as easy as adding a new config file in the dynamic configuration folder. E.g. jellyfin.yml:

    http:
    
      routers:
    
        jellyfin:
          rule: Host(`jellyfin.example.org`)
          entrypoints: websecure
          tls:
            certResolver: le
          service: jellyfin
    
      services:
    
        jellyfin:
          loadbalancer:
            servers:
              - url: "http://192.168.1.5:8096/"
    

    The moment you save that file it will be active and working in Traefik.

  • @[email protected]
    link
    fedilink
    English
    15 months ago

    I really like Zoraxy. Similar to NPM but it’s its own thing and I like it a lot more

    I know how to use raw nginx/Caddy/traefik to do it, but I find the WebUI and all the extra features Zoraxy has to be very convenient and easy to use.

    • 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍
      link
      fedilink
      English
      325 months ago

      I mean, the basic config file for Caddy is 1 line, and gives you Let’s Encrypt by default. The entire config file for a reverse proxy can be as few as 3 lines:

      my.servername.net {
         reverse_proxy 127.0.0.1:1234
      }
      

      It’s a single executable, and a single 3-line file. Caddy is an incredible piece of software.

      • @[email protected]
        link
        fedilink
        English
        35 months ago

        When I was researching reverse proxies I first stumbled upon nginx and traefik and especially nginx seemed a bit intimidating. As someone who hadn’t done it before I was worried if I’d do it right. Then I found caddy and yeah just used a threeliner like that in config and that was that. Simple and easy to get it right.

        I’ve since switched to having my stuff behind wireguard instead of reverse proxy, but I keep caddy around so I can just spin it back up if I want to access Jellyfin on someone’s tv or something.

      • @[email protected]
        link
        fedilink
        English
        55 months ago

        Ive got a basic workflow for nginx proxy manager now so this isnt super useful but good god that’s exactly what i wish nginx was.

    • 🔰Hurling⚜️Durling🔱
      link
      fedilink
      English
      1
      edit-2
      5 months ago

      Honest noob question. I currently connect to my self hosted server using Twingate. How would this be different? can you give me an Eli5 what a reverse proxy manager would make my setup better?