I’ve been running 2 linodes for a number of years now - one has my website (wordpress) on it and one has a Foundry VTT server running. Both are separate linodes, and I use Google Domains to point [site.tld] to the wordpress VPS and foundry.[site.tld] to the other linode.

For a few services I run at home within my own network (Sonarr, Lidarr, Plex, etc.) I’ve started to use Docker and Portainer, and I like how easy it is to set things up (and remove them if they don’t work). I’d like to redo my VPS similarly - I’d like to have a single linode, as a Docker host, and have the main domain point to a Wordpress container, a subdomain point to a Foundry container, and be able to easily add other containers for something like freshrss, etc. My goal is to be able to quickly spin up a docker via a compose file (portainer would be preferred), have it automatically reach out to letsencrypt to get a cert for the relevant subdomain, and have that subdomain point to that docker container.

I’ve been doing some searching around, and there seem to be a number of options, things like nginx reverse proxy, traefik, etc. and there are a lot of conflicting results.

Does anyone here have an opinion on this or some advice as to what the best option to look into might be?

  • styx@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I sugget using Caddy. It’s insanely easy, handles SSL so you don’t need Let’s Encrypt (it uses LE under the hood), has a reverse_proxy command that is 1-3 lines. I dabbled with Apache2 for a time, and I can say switching to Caddy was the best decision.

    I now have a DNS server, syncthing, nextcloud, grafana and a few more stuff all behind reverse proxy, SSL handled by caddy. Some of them point to file servers for different paths (i.e. stuff.example.com/admin goes to a website and stuff.example.com goes to the service) and the configuration is less than 5 lines.

  • Matthew@lemmy.piperservers.net
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I have had an issue with updates to Nginx Proxy Manager breaking itself in the past so I switched to Traefik.

    NPM is much more user-friendly when it works. However, as mentioned, Traefik integrates directly with docker through labels, making it very convenient if not a bit more of a learning curve.

    So far, the only annoyance I have with Traefik is that I haven’t found a very easy way to host itself on a separate server from where the containers are running because it uses the docker.sock file to pick up the labels on running containers automatically. Instead, I manually create files for the files provider. I don’t think this is an issue if you are using Kubernetes, but I haven’t gotten all the way down that road quite yet, as it is a bit overkill for me.

  • vividspecter@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I’ll throw in SWAG as another option which I found was easiest to setup, albeit it on a VPN/local only setup. It supports certbot for SSL and pre-defined proxy configs for various services (mostly linuxserver.io containers but there are others) and it’s easy to edit them to make your own configs. I’m not sure about portainer support as I’m not familiar with that.

  • Lupec@lemmy.lpcha.im
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    As someone who’s used pretty much every solution out there at some point, I have thoughts on the main contenders:

    • Traefik is great if you’ve got a purely docker setup. It’s extremely powerful and the dashboard is quite nice, but it’s quite complex and it’s got a lot of moving parts. Docker integration works great but the whole label configuration thing is clunky, and the documentation can be confusing.
    • Caddy ingests a dead simple config and just works. Can easily handle cert renewal behind the scenes without you even having to think about it, drop the dynamic DNS one in and you basically have it all covered. There’s even one that gives it Traefik-like capabilities, although I can’t speak for how well it works in practice.
    • NPM works great if you’re more of a GUI person, very straightforward and impossible to screw up but a bit more annoying to go off the beaten path imo

    I personally favor Caddy these days, but they’re all solid choices.

  • knaak@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    I use NPM which is also a docker image and has automatic let’s encrypt and a nice interface. Nginx Proxy Manager.