So, you say you want to host websites and web applications on Linux? That's awesome, but hang on a sec... It's only possible to port forward to a single server, so how is this possible?
Solving this challenge can be handled one of two ways: SRV Records or a Reverse Proxy. In this post, we're going to look specifically at Nginx since (in my opinion) this is one of the easiest to use alternatives, especially if you want more advanced functionality in the future. Note that Apache and Caddy also have this functionality with roughly the same feature set, you'll want to choose the option that makes the most sense for your implementation.
- First things first, you'll want to setup your host. You can either run your reverse proxy on an existing web server or set up a dedicated load balancer/reverse proxy server. In this configuration, I am using an Ubuntu 18.04 LXC container running under a Proxmox hypervisor.
- Make sure your packages are up to date before you install Nginx by running a quick
$ sudo apt update && apt upgrade -y. This command updates your package lists to make sure you have the latest sources for the following
apt upgradecommand. The
-yswitch simply accepts the changes without user intervention.
- Install Nginx with
$ sudo apt install nginx.
- Now that Nginx is installed, we are ready to start configuring things. There are actually several different ways that you can setup a basic configuration on Nginx, but I am going to stick with one of the most common options: using the
sites-enabledfolders located in
- We will start by creating all of our configurations in the
sites-availablefolder. This does not immediately make them active, but does give us a place to store them temporarily. Here is an example of the most basic config type for a reverse proxy setup.
- Once you create your configuration file (Using Nano, unless you've mastered the art of exiting Vim), save it as whatever you want. I tend to save mine with the name of the service trying to be accessed:
- Now that you've saved your file, you need to activate it, this can simply be completed by symlinking it to the
/etc/nginx/sites-enabled$ sudo ln -s ../sites-available/your-config.conf your-config.conf.
- Finally, restart Nginx using
$ sudo service nginx restartand your reverse proxy is up and running. Note that a reverse proxy only works if all of your port 80 and 443 requests are pointing to your reverse proxy.
To conclude, this quick write-up is just scratching the surface of the power of reverse proxy. Things like applying a SSL certificates, using web sockets, http > https rewrites, and more are possible which is where a setup like this really shines. Stay tuned for another writeup on my specific implementation in my homelab and how it ties in with Cloudflare SSL.