Comment on Reverse Proxy: a single point of failure in my lab
thisisnotausername@lemmy.dbzer0.com 2 weeks agoThe more I go into this rabbit hole, the more I understand this, and I understand now that I went into the hole with practically 0 knowledge of this topic. It was so frustrating to get my “HA” proxy on LAN with replicated containers, DNS and shared storage, hours sank into getting permission to work, just to realise “oh god, this only works on LAN” when my certs failed to renew.
I do not think I need this, truth is that the lab is in a state where I have most things I want[need] working very well and this is a fun nice to have to learn some new things.
Dempf@lemmy.zip 2 weeks ago
IIRC there’s a couple different ways with Caddy to replicate the letsencrypt config between instances, but I never quite got that working. I didn’t find a ton of value in a HA reverse proxy config anyways since almost all of my services are running on the same machine, and usually the proxy is offline because that machine is offline. The more important thing was HA DNS, and I got that working pretty well with keepalived. The redundant DNS server just runs on a $100 mini PC. Works well enough for me.