Selfhosted

60001 readers

762 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam.
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
Submission headline should match the article title.
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago

MODERATORS

curbstickle@anarchist.nexus

curbstickle_lw@lemmy.world

Reverse Proxy: a single point of failure in my lab (lemmy.dbzer0.com)

submitted 5 months ago* (last edited 5 months ago) by thisisnotausername@lemmy.dbzer0.com to c/selfhosted@lemmy.world

22 comments fedilink hide all child comments

So, just for the sake of it I've been trying to get my lab to be HA -or as HA as a small homelab can be-

My current set up is a follows:

3 proxmox servers with some Debian VMs, the VMs run docker swarm

A NAS, with Truenas

ISProuter -> OpenWRTRouter -> VM [Port fowards 80/443]

This works like a charm when I am in my LAN, but when I access from outside, if the VM that has 80/443 port forwarded to is down (which it never is) I'd loose connectivity.

I have now idea how to solve this little problem in a efficient way, maybe a reverse proxy running on my OpenWRT? (Which'd only move the point of failure to my router, but if my router goes down is gameover already anyways) has anyone attempted this?

Any opinions/ideas?

Update:

Solved! I moved my traefik data to a NFS share in my NAS, replicated the container across all manager nodes and then installed keepalived and now float a VIP between them.

Works like a charm and it was super easy to set up, literally 3 ansible tasks and 1 jinja template and you are done.

Thanks to all of ya!

you are viewing a single comment's thread
view the rest of the comments

[–] Dempf@lemmy.zip 1 points 5 months ago

IIRC there's a couple different ways with Caddy to replicate the letsencrypt config between instances, but I never quite got that working. I didn't find a ton of value in a HA reverse proxy config anyways since almost all of my services are running on the same machine, and usually the proxy is offline because that machine is offline. The more important thing was HA DNS, and I got that working pretty well with keepalived. The redundant DNS server just runs on a $100 mini PC. Works well enough for me.