Hi everybody.

How should I setup reverse proxy for my services? I’ve got things like jellyfin, immich a bitwarden running on my Debian server in docker. So should i install something like nginx for each of these also in docker? Or should I install it from repository and make configs for each of these docker services?

Btw I have no idea how to use something like nginx or caddy but i would still like to learn.

Also can you use nginx for multiple services on the same port like(443)?

  • ippocratis@lemmy.mlEnglish
    0·
    3 days ago

    He he didnt but thats what he meant

    I mean 99% of users use reverse proxy for https public access

    Also read the threat replies …

    That’s what this thread is about

    No?

    • WhyJiffie@sh.itjust.worksEnglish
      0·
      2 days ago

      if that’s true, I assume it is because they don’t know about the security consequences, nor about more secure ways. and for 99% that is the worst solution, because they won’t tighten security with a read only filesystem, DMZ and whatnot, worse, they won’t be patching their systems on schedule, but maybe in a year.

      99% users should not expose any public services other than wireguard or something based on it. on a VPS the risk my be lower, but on a home network, hell no!

      • ippocratis@lemmy.mlEnglish
        0·
        2 days ago

        Ok I’m not any networking expert but I think you are overestimating the risk here.

        Opening a port doesn’t mean you are opening your whole home network just the specific services you want. And those not directly but with a web server in front of them . Web servers talked in this tgread that sit in front of open ports are well audited . I think that measures like mtls a generic web server hardening are more than ok to not ever be compromised.

        But yeah I’m surely interested to listen if you could elaborate.

        Thanks