this post was submitted on 18 Dec 2023
10 points (91.7% liked)

Selfhosted

40006 readers
1126 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
10
Mailu+Photoprism using Traefik, NGINX, & Cloudflare (lemmy.world)
submitted 10 months ago by [email protected] to c/[email protected]
7 comments fedilink hide all child comments
 

Hello, I recently got into Photoprism and it's now my one and only app that I care to spend time feeding. Except Google says I'm running out of space please buy more and I want to do badly but nah. So I found mailu to be a pretty simple docker. Photoprism was working so well initially as dynamic DNS and then I moved to Cloudflare and the world opened up for more. Cloudflare wanted money for portzilla so I found NGINX and that reverse proxy manager is awesome. However I could not figure out how to set it up to get mailu working. I found hints that Traefik could fix that with simple yml files per each service. Could someone please share some info on this? I so far have gotten Traefik to come up but then followed a YouTube video to add TLS and I'm not able to login internally or externally. I think the cloudflare connection is working because I get the same 404 error page as I do locally with 10.178.35.83:9080 as an example I get the same page as "my page.com". The video said to expect that but did not elaborate as to how they fix it or how they bring NGINX under the traefik umbrella.

https://youtu.be/XH9XgiVM_z4?si=G8BQXd3zO5AhILy-

He has the config files here:

https://github.com/JamesTurland/JimsGarage/tree/main

I used his version 3 per the video, but now I can't get to the dashboard.

Anyway after I do figure out this dashboard, the next hurdle would be to figure out how to setup mailu so I can send emails to [email protected]

I'm behind an ONT, which can forward ports and then a Unifi Controller with USG which can also forward ports. Currently I'm forwarding 80 and 443 on both right to the computer holding docker.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 10 months ago (1 children)

Think of the path the user go form their browser to your service as a children’s connect the dots game. They must go from their browser, to the internet, … eventually to your service, each step doing one thing to get closer to the service and back. Both Traefik and Nginx reverse proxy does the same thing, routing traffic from the entry point to your service, so you don’t need both.

I think the path currently might look something like this:

User -> Internet -> Cloudflare DNS (port 80/443) -> Cloudflare Tunnel (inside your network) -> Traefik (port 80/443) -> Service A

And now you want to add an extra route that goes something like:

User -> Internet -> Cloudflare DNS (port 80/443) -> Cloudflare Tunnel (inside your network) -> Nginx Reverse Proxy (can’t use port 80/443 because it’s taken by Traefik, so port XYZ but that costs a fee) -> Service B

If this understanding is correct, I’d recommend simplifying to just either Traefik or Nginx, as both does the same job of routing traffic from your entrypoint (Cloudflare tunnel) to your service.

For a Traefik based setup, you’d ideally put it on a bridged host network in docker, and have it listen there. Add individual service you’d want to expose (i.e. just the container of the web server for the app, not the database) to that network, and apply the appropriate container labels to expose it. It’d then be able to handle all the appropriate routing for you.

I don’t use Nginx, so I can’t touch on that, but I’d imagine similar setup in which you have Nginx listen to 80/443, then have it route the request to your service as needed based on whatever setup mechanism it uses.

[–] [email protected] 1 points 10 months ago (1 children)

Yes this is what I was thinking, but like I said I ended up with not being able to login to the traefik dashboard. I'm going to disable NGINX and keep trying to get to the dashboard again. I'll have some play time in a few hours. However from some searching, it seems that having both can be okay?

[–] [email protected] 1 points 10 months ago (1 children)

Oh this is embarrassing.... NGINX the webserver! Not the reverse proxy manager! Okay now I get it! People use Traefik to serve NGINX sites not NGINX reverse proxy manager services. Gotcha! Okay now it makes sense, it's one or the other.

[–] [email protected] 2 points 10 months ago

Yup, traefik isn't able to do any sort of serving itself so for anything more complex than a handful of ports you're expected to use nginx or whatever webserver to serve what you need and then have traefik on top of that as a reverse proxy. Or at least that's my understanding as a somewhat new user.