Reverse proxy to a different computer?

eivind · January 27, 2024, 9:16pm

My YunoHost server

Hardware: Laptop
YunoHost version: 11.2.9.1
I have access to my server : Webadmin and SSH
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Good people one and all,

I have a machine running Yunohost behind a router, and a DNS setup pointing domain.tld and all subdomains to the public IP address. The router is naturllay setup to forward port 80 and 443 to the Yunohost machine. As Yunohost doesn’t have Libretime (which would be great, by the way), I have set up a different computer running only Libretime on the same network.

As is expected, I can’t setup the reverse proxy or certificates on the Libretime computer. The Yunohost computer, as far as I can understand, has to handle certificates and act as reverse proxy. However, I am unable to get this to work.

My understanding is that I have to point requests to radio.domain.tld to the Libretime computer, and that this has to happen by reverse proxying on the Yunohost box. I just can’t wrap my head around how. I have played with the reverse proxy apps on Yunohost with no luck. To be precise, this is what I have done:

Add radio.domain.tld domain through Yunohost webadmin
Install Let’s encrypt certificate on subdomain
Install either reverse proxy or redirect apps on the subdomain
Add LOCAL_LIBRETIME_IP:8080 as redirect/reverse proxy target

The result is one of two:

502 error message (bad gateway) when using reverse proxy
Redirect to Yunohost SSO page when using redirect

I don’t expect any input, but certainly welcome it. Let me also use this opportunity to thank the developers for a wonderful project.

Edit: Thanks to @OniriCorpe for the IPv6 suggestion. I’ll try that!

OniriCorpe · January 27, 2024, 9:53pm

you can either:

access to your Libretime host machine with IPv6 and configure only IPv6 for its domain name, so you can bypass the need of reverse proxying from your yunohost machine
let your yunohost deal with the domain name and use the redirect app in reverse proxy mode to forward request to your Libretime host machine IP and port

eivind · January 27, 2024, 10:00pm

Hm, I am unsure if using IPv6 would work. The reason is the router: Port 80 and 443 already open to the IPv6 address of the Yunohost box. Can a second port open rule using the same ports be added for the Libretime box IP? I am not knowledgeable enough to answer this, but I will of course try.

OniriCorpe · January 27, 2024, 10:06pm

usually you don’t need to open ports in your ISP router for public IPv6 addresses

jarod5001 · January 27, 2024, 10:49pm

According to the documentation

You can install it manually using a script.
Did you try to install it on custom_web_app? Both tarball and github repo are doable. And if you have some spare time and energy, you can try to package it yourself.
Before you try to install it on custom_web_app note that the script will install postgresql that may break your server, so use --no-setup-postgresql. The install script will configure libretime to listen to port 8080, so you may need to add --listen-port 80 to the command otherwise you’ll have to tweak nginx configuration. There are may be other things that might need attention, I did a fast look. And you should make a snapshot of your server before proceeding or try it on a test machine.
And some ports need to be open especially icecast.
Good luck

eivind · January 28, 2024, 11:41am

Accessing via IPv6 worked! Thank you very much. Case solved.

system · February 12, 2024, 11:42am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.