37
submitted 1 year ago by ultraHQ@lemmy.one to c/selfhost@lemmy.ml
top 50 comments
sorted by: hot top controversial new old
[-] antik@lemmy.world 16 points 1 year ago* (last edited 1 year ago)

For me it's https://nginxproxymanager.com/ it's just so easy to setup and use. One docker command and you're up and running with a nice webinterface to manage access to your docker instances with ssl. I heard good things about Traefik too but I have no personal experience with that one. NPM does everything I need and if it ain't broken... :)

Edit: because people love screenshots https://nginxproxymanager.com/screenshots/

[-] DarkwinDuck@feddit.de 2 points 1 year ago

I used Traefik on my Docker stack and it's pretty neat, though it took some time for me to get my head around how to configure it correctly.

[-] antik@lemmy.world 1 points 1 year ago

Yeah seems like I was lucky to find what I needed on the first try. A colleague of mine was using Traefik but switched to NPM because it's so easy to use.

[-] lvl@beehaw.org 2 points 1 year ago

I second that. Amazing easy to use, configure, supports (LetsEncrypt) certificates via DNS-01 challenge and integrates with ease with most DNS providers.

Paired with authentication providers (keycloak, authelia, authentik), the "advanced" textbox lets you do forward proxying really easy, or customize your "basic proxy".

I'm not sure how many of these features are present in Traefik, it would be really nice if any of you know if any of these are easily supported in it:

  • Forward proxying
  • Custom rewrites (nginx internal; rewrites)
  • Unattended DNS-01 support with ACME (LetsEncrypt)
[-] eric@lemmy.world 1 points 1 year ago

I second NPM. As you mentioned it’s been very easy to use, but I also haven’t been trying to do anything complicated.

I’ve never used load balancing so perhaps Caddy or Traefik is easier to use than NPM in that regard, but I wouldn’t know.

[-] wizjenkins@lemmy.wizjenkins.com 3 points 1 year ago

Yes NPM is for basic reverse proxying, so one URL to one server. If you wanted to scale and load balance across multiple servers you'd need regular nginx with a text config file since you literally can't configure a second or third server.

And I'd still find that easier than Traefik, but maybe that's just because I've been using Apache2 and nginx for like a decade at this point so it's what I know.

[-] frap129@lemmy.maples.dev 1 points 1 year ago

I used NPM for a very long time, but after I switched to podman, DNS name resolution for containers stopped working in NPM, they work fine in every other container. Switched to caddy and it's okay, it only supports HTTP transports so I can't use it as a gateway for my DoH/DoT server, but that's not a huge deal. Once NPM works properly on podman I may switch back

[-] d4nm3d@reddthat.com 1 points 1 year ago

I've been using NPM for years.. but since 2.10.3 broke SSL certificates and there's been literally no interest from JC21 to fix the problem (there's a PR ready to go) i've been forced to look elsewhere and have settled on caddy for now..

load more comments (4 replies)
[-] poVoq@slrpnk.net 7 points 1 year ago

Nginx, because it works well and most open-source projects provide good examples for it when setting up things.

[-] eight_byte@feddit.de 2 points 1 year ago

Same for me. You need the read into the documentation a bit, but once you understand how it works its fairly easy.

[-] nick_99@sh.itjust.works 6 points 1 year ago

I use NGiNX and have ever since I started. It just works and is easy to configure.

[-] darkfoe@lemmy.serverfail.party 2 points 1 year ago

Same. I know it's more work than caddy etc, but I've been doing it for eons now so it's muscle memory at this point.

[-] privateger@lemmy.plasmatrap.com 5 points 1 year ago

nginx. Traefik is near unusable if you ever need something that isn't dockerized. Caddy seems neat, but I miss some options you get with nginx.

nginx is just... good in all aspects.

[-] 360MustangScope@lemmy.ml 5 points 1 year ago* (last edited 1 year ago)

Caddy, slapping essentially 2 lines into a config file and my reverse proxy is ready for my local network and websites? Can’t really beat that

[-] domi@lemmy.secnd.me 5 points 1 year ago

Traefik, because I can configure it with labels on my containers and don't have to deal with the proxy config every time I add a new service.

Used nginx for years but it's starting to show the signs of its age, same as Apache did a few years before that.

[-] Malin@omg.qa 4 points 1 year ago

HaProxy for most of the stuff and Nginx for very limited stuff. Or a combination between HaProxy and Nginx in some very special cases.

[-] grygon@lemmy.ml 4 points 1 year ago

Caddy for general reverse proxy stuff, works like magic and makes certs, routing, etc just work.

I also have a lot of my stuff subsequently reverse proxied behind Authentik for anything that shouldn't be exposed to the public internet

[-] overtinker@lemmy.world 1 points 1 year ago

I love that about Caddy as well, it just works!

Do you know of any tool that can help me look at overall traffic that goes through it?

Right now I am using Mullvad through gluetun to essentially route traffic to my services without opening ports on my router and I am just curious what sort of traffic is hitting my server seeing how (I hope) isolated my address seems to be (servicename.mydomain.tld:)

I will soon migrate this reverse proxy setup to a VPS since Mullvad will be sunsetting their port forwarding feature soon but I am still in need of a tool that can show me what sort of traffic goes through Caddy. Something like countries, IPs and services that they are trying to access as well as the request types.

[-] Perhyte@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Do you know of any tool that can help me look at overall traffic that goes through it?

I haven't looked in detail at the Monitoring Caddy documentation page and haven't used this myself, but apparently it can be configured to emit a bunch of metrics in Prometheus format.

Something like countries, IPs and services that they are trying to access as well as the request types.

Oh, for that kind of thing you'd need to parse the log files instead. GoAccess maybe?

[-] Tyr3al@feddit.de 4 points 1 year ago

For me it’s traefik. It’s took me a while to get it working, but it’s actually really easy now. Setting up container access with labels is very convenient!

[-] 1337admin@1337lemmy.com 4 points 1 year ago

Apache.

I started my self hosted journey over a decade ago and from what I remember most of the guides were for apache so that's what I learned. Over the years Ive added so much that to re-do everything would take down my stuff while I figure it out and I just haven't found it worth it.

Although it's harder to keep it up these days, even setting up my Lemmy instance was a pain because nobody has apache guides anymore so you have to figure it out yourself

[-] rimu@lemmy.nz 2 points 1 year ago

If you published an Apache guide I'm sure it would be popular.

[-] alcoholic_chipmunk@lemmy.world 1 points 1 year ago

Fellow Apachian! It's how I learned how to make a reverse proxy initially and just never saw the point in learning something else (though to be fair haven't had to make a reverse proxy recently).

[-] toketin@feddit.it 3 points 1 year ago

Swag container of linuxserver, it's a nginx reverse proxy

[-] cnschn@lemmy.cnschn.com 3 points 1 year ago

One more vote for Caddy, everything just works, simple things are simple but you have a lot of flexibility for more complex situations.

I use Caddy, but recently realising it's not good enough. Dealing with any traffic that's not HTTP/s puts you in a pickle.

[-] rolaulten@lemmy.ml 3 points 1 year ago

Let's see. At work it's a mix between apache (I'm slowly replacing with nginx as services are migrated) and aws's alb ingress controller (while I'm not a fan, it lets me use acm certs).

At home it's all nginx.

[-] Ekis@beehaw.org 3 points 1 year ago

I made the switch from NGINX to Caddy. For me, configuring Caddy is much more simple than configuring NGINX. Also Caddy automatically obtains and renews SSL certificates.

So, Caddy's simplicity is what won me over. I don't care about speed since I'm the only user of my self-hosted services.

[-] carlyman@lemmy.ml 2 points 1 year ago* (last edited 1 year ago)

Went from Nginx (and I pushed it hard on others to use) to NPM to Traefik to Caddy. Caddy is just simple, easy setup for Certs, and integrates easily with Authelia.

[-] slashzero@hakbox.social 2 points 1 year ago* (last edited 1 year ago)

Of the three I've always used nginx. Easy to setup, and it works. Plus, on a docker based self-hosted instance nginx is preinstalled. The other bonus is it is well documented as a lot of people use it.

[-] dimspace@lemmy.ml 2 points 1 year ago* (last edited 1 year ago)

Apache. My server is kinda stuck in 2018.

Every time something has an update I need to remember how I installed it to start with, a script? From source? By some other random method? I've got gitea waiting to update but I really can't remember how I installed it to start with 🤣🤣

So yeh, Apache, because it first works with my tangled mess

[-] pitbuster@lemmy.ml 2 points 1 year ago

Caddy, the configs are usually pretty simple to get you started (specially the for free https in the standard setup).

[-] mike@lemmy.nine-hells.net 2 points 1 year ago

I used to use Traefik but switched to Caddy. I like how easy it is to configure a new reverse proxy for one of my containers. Literally 3 new lines in my Caddyfile, restart the caddy container and away it goes getting certificates etc.

[-] Edo78@feddit.it 1 points 1 year ago

I'm not a Caddy expert (nor a Traefik one) but with Traefik I didn't even have to add any line to its config. I just use a template docker-compose and set the domain and the port.

[-] mike@lemmy.nine-hells.net 2 points 1 year ago

Yeah from memory (was a while ago), Traefik hooks into the docker socket to auto-discover containers that have a specific label? Might not be remembering that correctly.

[-] lidstah 2 points 1 year ago
  • almost everywhere: HAProxy. I like the syntax, ACLs, map files, stick-tables... there's too much to say in a single post, but I use it since 2012 and it never failed me, whatever the need, both at home and at work.
  • kubernetes: ingress-nginx. Mostly because it's the first one I tried back in the days and it just works :). Although I should try one of the haproxy based ingresses, or Traefik, which seems interesting too.
[-] mariom@lemmy.world 2 points 1 year ago

Depends ;)

Private: Traefik, as it was default on k3s and I just get used to it. Work: mostly Nginx

[-] tjes@lemmy.world 1 points 1 year ago

Traefik as the ingress for my container hosts, and nginx as an additional layer for public facing stuff.

The nginx layer functions as an additional layer to set up access policies.

[-] UntouchedWagons@lemmy.ca 1 points 1 year ago* (last edited 1 year ago)

In the past I've used SWAG and NPM and then later traefik when I was using Docker, but now that I've switched to Kubernetes I only use Traefik which oddly is an altogether different beast than Traefik for Docker which I find odd. On K8S traefik is pretty straightforward to use while on Docker it's a bit of a mess so much so that I made a github repo about how to set it up

- This somehow got posted even though I had only clicked Preview, don't know how that happened -

so that others in the future could figure out how to get Traefik working in docker because the documentation was kinda terrible.

I also tried Caddy (2 I think) but couldn't get it to work because the documentation was awful and in order to use DNS based authentication for LE certs you have to make your own docker container which is nuts; and there's no documentation for that either (at least none that I could find)

[-] ycnz@lemmy.nz 1 points 1 year ago

Traefik across 3 nodes internally for its Nomad service discovery. HAProxy for my non-Nomad stuff.

[-] tupcakes@midwest.social 1 points 1 year ago

Another nomad person! There are dozens of us!

[-] d4nm3d@reddthat.com 1 points 1 year ago

I've switched from NginxProxyManager to Caddy as i don't like the fact that 2.10.3 has just broken the certificate side of things...

The thing i really miss is having a GUI to handle things but having cockpit on the same system makes a (poor) suitable replacement.

[-] Hylia@lemmy.ml 1 points 1 year ago

nginx if only because I can't bring myself to spend the time it would take to try out a new one. I should probably take another swing at traefik sometime

[-] Elbullazul@lem.elbullazul.com 1 points 1 year ago

Nginx, more specifically lsio's SWAG container. I like using it because of it's flexibility, relative ease of use and integration with authelia/authentik

load more comments
view more: next ›
this post was submitted on 10 Jun 2023
37 points (100.0% liked)

Self Hosted - Self-hosting your services.

11514 readers
15 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Cross-posting

If you see a rule-breaker please DM the mods!

founded 3 years ago
MODERATORS