10
submitted 11 months ago* (last edited 11 months ago) by Scrath@lemmy.dbzer0.com to c/selfhosted@lemmy.world

Hello, I have a question regarding the usage of a reverse-proxy which is part of a docker network.

I currently use Nginx Proxy Manager as a reverse-proxy for all my services hosted in docker. This works great since I can simply forward using each containers name. I have some services however (e.g. homeassistant) which are hosted separately in a VM or using docker on another device.

Is it possible to use the same reverse-proxy for those services as well? I haven't found a way to forward to hosts outside of the proxies docker network (except for using the host network setting which I would like to avoid)

you are viewing a single comment's thread
view the rest of the comments
[-] rambos@lemm.ee 9 points 11 months ago* (last edited 11 months ago)

For homeassistant I had to add this in configuration.yaml

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.21.0.2

Where 172.21.0.2 is my NPM docker IP

Edit: its NPM IP and not HA like I wrote first time

[-] tarmarbar@startrek.website 5 points 11 months ago

This. Also, make sure the proxy is proxying websocket traffic as well. I do it with pure nginx like this:

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://192.168.1.100:8123/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
[-] Scrath@lemmy.dbzer0.com 1 points 11 months ago

Thanks. I tried it like this and still get a 400 Bad Request error.

Someone below mentioned adding some more IPs to the trusted_proxies list so I tried that as well without result. The IP I used for the reverse-proxy is the IP listed in portainer under the network for the proxy container. Just to reiterate, the container is running on a different device than homeassistant (technically same device but different VM but that shouldn't make a difference).

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.208.2 # IP of reverse-proxy in its network
    - 192.168.208.0/20 # Subnet of proxy docker network
    - 192.168.1.103 # HA IP
[-] rambos@lemm.ee 1 points 11 months ago

My NPM window looks the same as yours. Im not sure mate, I would try disabling firewall just to see is that the problem. Im not expert in that area and nothing else comes to my mind sorry. Im also running everything under one host

this post was submitted on 28 Jan 2024
10 points (91.7% liked)

Selfhosted

40717 readers
150 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS