I host a ton of services running behind my nginx reverse proxy (basic auth + lets encrypt). On the whole it works really well with nearly everything I throw at it. Lately, there’s been a lot of gradio/websocket/python stuff coming from the AI community like the local llama and stable diffusion stuff. Not sure what’s causing it but there’s always weird issues when I try to reverse proxy them.
Does anyone have some magic settings that “just work” with these weirdo web apps?
I’m pretty sure there might be some arcane scripts for you that would help you. But you should clarify query a bit. What are the weird issues you’re running into? Alternatively, if you’re managing nginx and letsencrypt manually you could try:
- Caddy
- Traefik
- NGINX Proxy Manager
I hear good things about Traefik. Basically all I need is a reverse proxy that will handle re-writing URLs and websockets and slapping some ssl and auth on it. If something is easier for that, I’m all ears.
All three options should cover those requirements. You should take a look at them and decide which suit you best.
Can’t talk about anything but SD (using various UIs, mostly AUTOMATIC1111’s and other variants of the official) but they “just work” behind traefik. Traefik does the SSL termination and figures out which service (ip + port) to talk to based on its config. By default it does ACME (Let’s Encrypt) for you and handles passing websockets without the special config lines like you need in nginx (though that should be as easy as this). As long as the application is well written (which is not always the case in the ML world, haha) and uses relative URLs for links, most everything should “just work” behind a reverse proxy, or need a config flag or two telling them they can trust the proxied SSL/IP and stuff like that.
+1 for Traefik. I got tired of all of nginx’s quirks. It’s really powerful and I’m sure the combinations of achievable results are infinite with nginx… so for some use cases it makes sense. But seriously… almost every container I’m likely to deploy follows a fairly simple model and traefik to just “works” with everything I’ve tried so far. I have ALL the traefik config in docker compose labels so every single configuration element I need to spin up a container a second time or on a new host is in ONE place.