Single webserver for multiple service webinterfaces - eviltoast

Hi all, I’m rather new to the whole selfhosting stuff and only have limited experience (ran everything on my Raspberry). Now I’ve finally a real server I can use and I’m currently planning what I want to host.

There will be multiple service which have an web interface, like portainer, wireguard, nhost and so on and then there will be my personal developer portfolio website. Everything dockerized.

Say I have the domain “domain.com” which should point at my website. The other services either run on different ports, say domain.com:1234 or with different paths like domain.com/service. Both isn’t great. I could either use a reverse proxy which redirects to subdomains or use virtualhosts. Both should work imo (any thoughts on what to use?). Now that every ports other than 80, 443 and 22 are closed things should be somewhat safe. Anyways, I’m a bit concerned about having tens of webservers for each service, how can I be sure that all of them are safe and up to date?

That leads to my question: could I use a single webserver for all the service webinterfaces? And if so, how would I configure that?

Thanks!

  • SensualHobo@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Another +1 for reverse proxy to do this. Caddy is a good option. I am a fan of Nginx Proxy Manager myself. I have a domain name and in the DNS servers I redirect to the local IP of my host server. This way my website or subdomains can only be accessed if someone is connected to my home network.

    After you do this, you need to know the port you exposed the web server on (e.g: 127.0.0.1:9090 ), then go into your proxy manager and make a rule where 'mydomain.com/service points to this. However, I prefer to use sub-domains like ‘service.mydomain.com’. The only downside of a reverse proxy is that setting up services that use CORS can be quite fiddly to set up.

    edit: I ported my domain to Cloudflare dns servers since it’s easy to create an SSL wildcard certificate to force https on my sites. No ports are exposed outside of the local network so it’s relatively safe.