I’m to the point now where my little home device has enough services and such that bookmarking them all as http://nas-address:port is annoying me. I’ve got 3 docker stacks going on (I think) and 2 networks on my Synology. What’s the best or easiest way to be able to reach them by e.g. http://pi-hole and such?
I’m running all on a Synology 920+ behind a modem/router from my ISP so everything is on 192.168.1.0/24 subnet, and I’ve got Tailscale on it with it as an exit node if that helps.
I use nginx proxy manager to reach all my services via servicename.domain.com for example.
https://nginxproxymanager.com/
Nginx proxy manager is really simple to use. Again it runs as a container and uses let’s encrypt certificates.
Ugh. I really gotta switch to this. I started out by using Apache because that’s what I use for work, and just what I know. I create the configs and get the certificates from Let’s Encrypt manually. But now I have so many services that switching to something else feels daunting. But it’s kind of a pain in the ass every time I add something new.
Other than writing an entry in my docker-compose.yml that was all the configuration required. The rest is in the GUI and it’s super simple.
Oh, I don’t have a GUI for my server. But I’m sure they have a command line interface for it, right?
I mean nginx proxy manager is managed by a GUI/web interface.
Oh right a web interface. That makes more sense. 😅
Yeah, I really do need to get around to setting that up…
get the certificates from Let’s Encrypt manually
https://httpd.apache.org/docs/2.4/mod/mod_md.html just add
MDomain myapp.example.org
to your config and it will generate Let’ Encrypt certs automaticallyit’s kind of a pain in the ass every time I add something new.
You will have to do some reverse proxy configuration every time you add a new app, regardless of the method (RP management GUIs are just fancy GUIs on top of the config file, “auto-discovery” solutions link traefik/caddy require you to add your RP config as docker labels). The way I deal with it, is having a basic RP config template for new applications [1]. Most of the time
ProxyPass/ProxyPassReverse
is enough, unless the app documentation says otherwise.