Comment on Help with hosting internal and external services with DMZ and docker swarm
mhzawadi@lemmy.horwood.cloud 11 months agoThis is kind of how my setup looks, only without the DMZ. PFSense NAT to nginx lxc, terminates the SSL/TLS and then uses both my swam nodes as upstream for docker services. Docker services are behind traefik, each service is its own network in docker. If its a webby service you hit treafik not a port.
TheButtonJustSpins@infosec.pub 11 months ago
I have exposed endpoints hitting HAProxy in pfSense, which then reverse proxies as needed. Same thing, basically.