So to start off I am trying to get all my internal websites working on a SSL cert. Thus meaning I need a domain to easily make this work, but what I am running into is loopback… at least I think that’s the right term. So on the “internal” webhost machine is running apache2. It also runs docker that has been setup that I can get standard 192.168.1.* addresses for example. (not my actual subnet.) The webserver has 192.168.1.3 for example and the service I’m trying to reverse proxy is on 192.168.1.4 that is a docker container running on the same NIC. How do I get the two IP’s to talk to each other? I would rather not have to keep typing the IP.

  • DarkKnytB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    If you are trying to access something in your lan that has an http(s) address pointed at it you are looking for hairpin NAT. This is not enabled by default.

    But you need to look up how reverse proxies work. In short,.you point your ANAME or CNAME to your router, you forward those ports to your reverse proxy, the reverse proxy resolves the A/CNAME, and then it points to the right internal LAN address and port. That last bit has all sorts of it’s own problems including making sure those two IPs can talk to each other (which they should because they are on the same subject but idk, firewall?)

    Fwiw, you can always resolve host names at your router and not have an external domain name. This is only required if you want to expose it externally and want to get to it easily/use a public SSL authority like let’s encrypt.