Hardened my LAN traffic with OpenWrt.
Origination
It was around 2020, when ISPs in my area had no CGNAT and handed out a nice public IP. I went to my router's UI and set up port forwarding, following Reddit threads and blog posts on how to do it.
I got the Jellyfin server behind the public IP on a port; when I accessed it from another location it worked, and the speed was fine too.
But times have changed: they have introduced CGNAT and ask for extra money if you need a static IP. So I started looking for free options, and then came Tailscale, which quite nicely unlocked a few doors to access my things for free.
It was quite easy to set up. I ran the script on my VM, created a DNS name, installed the certificate, and was then able to access a port on the machine running Tailscale.
But I needed isolation at this point, so I wanted this machine to act as a proxy for ports on different VMs. That is when I discovered reverse proxies: the two options were Caddy or Nginx. I chose Caddy because its documentation was easy on the eyes.
I had the Caddyfile set up like this:
home.domain:8096 {
	reverse_proxy 10.0.0.10:8096
}
It ran quite easily; the issue started when I wanted the Proxmox UI to be available behind the proxy. With simply reverse_proxy 10.0.0.12:8006, of course it won't work, because the Proxmox UI serves TLS on 8006, the way a 443 service would, while the proxy was talking plain HTTP to it.
I learned it's supposed to be done this way:
reverse_proxy 10.0.0.12:8006 {
	transport http {
		tls_insecure_skip_verify
	}
}
This seemed to work but introduced another major issue. Normally, when the VM restarts it is supposed to load Caddy's systemd service and bring it up, but whenever it restarted that didn't seem to succeed, so every time I had to restart Caddy manually with caddy stop; caddy start. I also learned that by default the command looks for the Caddyfile in the current directory, so I had to be in the directory where the Caddyfile was, or use the --config argument to give its path.
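As an added example (not the original post's Caddyfile), here is a complete file that serves the same two upstreams but pins the Proxmox connection to its CA certificate instead of skipping verification, so a spoofed upstream is rejected rather than silently accepted. The CA path /etc/caddy/proxmox-ca.pem and the node name pve are placeholders I assumed, not values from the post.

```caddyfile
# Added example, not the post's own config.
# Assumptions: home.domain resolves to the Tailscale host running Caddy,
# 10.0.0.10 runs Jellyfin, 10.0.0.12 runs Proxmox, and
# /etc/caddy/proxmox-ca.pem is a copy of the Proxmox node's CA certificate
# (the path and the node name "pve" are placeholders).

home.domain:8096 {
	reverse_proxy 10.0.0.10:8096
}

home.domain:8006 {
	reverse_proxy 10.0.0.12:8006 {
		transport http {
			# Any tls_* option turns on TLS to the upstream. Verify its
			# certificate against the Proxmox CA instead of using
			# tls_insecure_skip_verify, which accepts any certificate.
			tls_trusted_ca_certs /etc/caddy/proxmox-ca.pem
			# Proxmox issues its certificate for the node name, not the IP,
			# so tell Caddy which name to check the certificate against.
			tls_server_name pve
		}
	}
}
```

The packaged caddy.service runs caddy with --config /etc/caddy/Caddyfile, so keeping the file at that path avoids the working-directory problem described above.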