Homelab

977 readers

1 users here now

Rules

Be Civil.
Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
No memes or potato images.
We love detailed homelab builds, especially network diagrams!
Report any posts that you feel should be brought to our attention.
Please no shitposting or blogspam.
No Referral Linking.
Keep piracy discussion off of this community

founded 2 years ago

MODERATORS

communick@selfhosted.forum

rglullis@communick.news

Need help with network config... (alien.top)

submitted 2 years ago by MrILikeTurtleMan@alien.top to c/homelab@selfhosted.forum

1 comments fedilink hide all child comments

So to start off I am trying to get all my internal websites working on a SSL cert. Thus meaning I need a domain to easily make this work, but what I am running into is loopback... at least I think that's the right term. So on the "internal" webhost machine is running apache2. It also runs docker that has been setup that I can get standard 192.168.1.* addresses for example. (not my actual subnet.) The webserver has 192.168.1.3 for example and the service I'm trying to reverse proxy is on 192.168.1.4 that is a docker container running on the same NIC. How do I get the two IP's to talk to each other? I would rather not have to keep typing the IP.

top 1 comments

sorted by: hot top controversial new old

[–] DarkKnyt@alien.top 1 points 2 years ago

If you are trying to access something in your lan that has an http(s) address pointed at it you are looking for hairpin NAT. This is not enabled by default.

But you need to look up how reverse proxies work. In short,.you point your ANAME or CNAME to your router, you forward those ports to your reverse proxy, the reverse proxy resolves the A/CNAME, and then it points to the right internal LAN address and port. That last bit has all sorts of it's own problems including making sure those two IPs can talk to each other (which they should because they are on the same subject but idk, firewall?)

Fwiw, you can always resolve host names at your router and not have an external domain name. This is only required if you want to expose it externally and want to get to it easily/use a public SSL authority like let's encrypt.