Can someone explain Nginx/Apache reverse proxy and how to use it?

The simplest way I can describe it is the scenario in which I use it.

So, ports 80 and 443 (HTTP/HTTPS) come in from the internet, hit my Modem, go through my Firewall, and hit my reverse proxy VM. From there, that reverse proxy can do a few things. Sometimes, it'll do high availability and clustering. Maybe it does caching. In my case, it just routes requests around based on sites-available and sites-enabled.

  • I have VMware vCenter Server. It has the vSphere Web Client.
  • I have two domain names. One personal, one professional-personal.
  • I have a blog for one set up, and I have a resume for another one set up.
  • I have a router which I'd like to access externally. Not just DD-WRT which is my home-production, but pfSense, which is my homelab's gateway.
  • I have an OpenHAB server. I might also have Plex. Maybe I also have uTorrent web interface.

But at the end of the day, what else do I have that holds me back? ONE SINGLE IP ADDRESS.

So when I go to my.personal.domain or my.professional.domain, they point to the same IP. From there, port 80 and 443, if not reverse proxied, will always serve up the same website. If I want Plex instead of OpenHAB, I have to go to one of my two domains, :DIFFERENTPORT.

The problem is that my personal blog can be on port 80. But port 80 doesn't care what's being asked - what domain or subdomain. It serves the site, that's that. So if I wanted my router? :8080. If I wanted OpenHAB? :5060. Etc. All sites have to be on different ports when they hit my firewall.

Enter, the reverse proxy, scanning HTTP request headers.

When my browser wants to go to my.personal.domain, it does a DNS lookup. GoDaddy gives it my one single IP address. It then gets to Apache Reverse Proxy. It doesn't just say "gimme a website," it says in the request header, "give me my.personal.domain." Apache responds.

So, I have my.personal.domain, and also:

  • plex.personal.domain,
  • openhab.personal.domain,
  • resume.professional.domain
  • email.professional.domain (Google Apps for Work - I don't agree with hosting email at home, that's a different story).

You get the story. Lots of subdomains. ALL of these subdomains, point to one IP: the only IP I have. They hit my reverse proxy's port 80.

My reverse proxy says, "Oh you want resume.professional.domain? Let me get that," so then Apache Reverse Proxy will call out to another web server's port 80 within my lan. Anything Apache gets, it ships out.

"Oh, you want OpenHAB.personal.domain?" so it connects to my home automation server, and any HTTP data it gets, it sends over. This goes in both ways. So when I flip an HTML5 switch, the data hits the reverse proxy, the reverse proxy ships that data back to OpenHAB, OpenHAB ships it over Z-Wave, my lights adjust.

It is a gateway, literally. It is like an HTTP router. An HTTP connection comes in, and based on your sites-enabled in Apache for example, it will get the data from the LAN for you. So you don't have to do any stupid NAT bullshit and say, "my resume is at domain.com:5734" instead of just "resume.domain.com".

Hope that clears it up!

For high availability or clustering, it just takes that request, and round-robin (for example) forwards it on to one server. If it finds out that one server died, it routes everything to another server which has the same website. Distributes the load within the LAN, without doing any complex port forwarding stuff.

For caching, instead of sending out that request, Apache will just go "Oh, I have the data right here." and gets it without shipping any requests out.

/r/homelab Thread
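
Added example, not part of the original post: a minimal Apache sketch of the Host-header routing described above, using two of the hostnames from the post. The backend LAN addresses, ports and file names are assumed placeholders in a Debian-style sites-enabled layout; the first vhost is a catch-all so that a request with an unrecognised Host header is refused instead of landing on whichever site happens to load first.

```apache
# Requires mod_proxy and mod_proxy_http (on Debian/Ubuntu: a2enmod proxy proxy_http).
# All 10.0.0.x addresses and backend ports below are assumed placeholders.

# Reverse proxy only: never relay arbitrary outbound requests for clients.
ProxyRequests Off

# sites-enabled/000-default.conf
# Apache sends any request whose Host header matches no ServerName to the
# first VirtualHost loaded for that address:port. Files in sites-enabled load
# in alphabetical order, so this dead-end vhost becomes the default.
<VirtualHost *:80>
    ServerName catchall.invalid
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# sites-enabled/resume.conf
# Host: resume.professional.domain -> internal web server holding the resume.
<VirtualHost *:80>
    ServerName resume.professional.domain
    ProxyPreserveHost On
    ProxyPass        "/" "http://10.0.0.20:80/"
    ProxyPassReverse "/" "http://10.0.0.20:80/"
</VirtualHost>

# sites-enabled/openhab.conf
# Host: openhab.personal.domain -> home automation server.
<VirtualHost *:80>
    ServerName openhab.personal.domain
    ProxyPreserveHost On
    ProxyPass        "/" "http://10.0.0.30:8080/"
    ProxyPassReverse "/" "http://10.0.0.30:8080/"
</VirtualHost>
```

After `apachectl configtest` and a reload, `curl -H "Host: resume.professional.domain" http://<proxy-ip>/` should return the resume site, while the same request with any other Host value should get a 403 from the catch-all.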