Hello, I have a question regarding the usage of a reverse-proxy which is part of a docker network.

I currently use Nginx Proxy Manager as a reverse-proxy for all my services hosted in docker. This works great since I can simply forward using each containers name. I have some services however (e.g. homeassistant) which are hosted separately in a VM or using docker on another device.

Is it possible to use the same reverse-proxy for those services as well? I haven’t found a way to forward to hosts outside of the proxies docker network (except for using the host network setting which I would like to avoid)

    • Scrath@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 months ago

      By exposed you basically mean that I can reach them using my browser? I can reach my homeassistant web ui on port 8123 but when I try to forward to that port with the servers IP I get a 400 Bad Request error. I’m not sure if this is caused by nginx being unable to forward or by homeassistant not accepting the connection somehow

      • rambos@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        10 months ago

        For homeassistant I had to add this in configuration.yaml

        http:
          use_x_forwarded_for: true
          trusted_proxies:
            - 172.21.0.2
        

        Where 172.21.0.2 is my NPM docker IP

        Edit: its NPM IP and not HA like I wrote first time

        • tarmarbar@startrek.website
          link
          fedilink
          English
          arrow-up
          0
          ·
          10 months ago

          This. Also, make sure the proxy is proxying websocket traffic as well. I do it with pure nginx like this:

          server {
              listen 80;
              server_name example.com;
          
              location / {
                  proxy_pass http://192.168.1.100:8123/;
                  proxy_set_header Host $host;
                  proxy_set_header X-Real-IP $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-Proto $scheme;
          
                  # WebSocket support
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
              }
          }
          
        • Scrath@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          10 months ago

          Thanks. I tried it like this and still get a 400 Bad Request error.

          Someone below mentioned adding some more IPs to the trusted_proxies list so I tried that as well without result. The IP I used for the reverse-proxy is the IP listed in portainer under the network for the proxy container. Just to reiterate, the container is running on a different device than homeassistant (technically same device but different VM but that shouldn’t make a difference).

          http:
            use_x_forwarded_for: true
            trusted_proxies:
              - 192.168.208.2 # IP of reverse-proxy in its network
              - 192.168.208.0/20 # Subnet of proxy docker network
              - 192.168.1.103 # HA IP
          
      • David From Space@orbiting.observer
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        10 months ago

        If you have any kind of firewall on your network, you might make sure it’s not blocking that port with a rule. Here’s a couple screenshots from my setup in case that helps.

        The config in NPM

        The config in HA’s configuration.yaml

        Try adding just the NPM IP and HA IP first, then add the docker internal network as well if you still have issues.