So, at the moment I’m using Nginx Proxy Manager, but lately I started seeing it moving slower and slower and even though I tried traefik some time ago, I didn’t manage to make it work.
Anyway, I want to start using traefik again, but I want to use it like this:
- I want to access all my services/containers in my LAN through http (port 80) on something like sub.mylan.home
- I want to access some of my services over the internet through https (port 443) on sub.mydomain.com
I know this is possible, but I don’t get the hang of the configuration. Somone care to share some tips?
What do you mean?
It can happen that your internal services are still reachable from externally, by calling the external IP and setting the Host header manually to sub.mylan.home, even if that were pointing to an internal address. Traefik would only compare the Host header. To secure this you might also add an IP filter for the internal host, but I‘m not sure whether that’d be secure enough.
You’ll be putting yourself in a situation where a typo, or a wrong docker compose copy/paste, or a default config you forgot to override, will expose stuff to the Internet.