I host a ton of services running behind my nginx reverse proxy (basic auth + lets encrypt). On the whole it works really well with nearly everything I throw at it. Lately, there’s been a lot of gradio/websocket/python stuff coming from the AI community like the local llama and stable diffusion stuff. Not sure what’s causing it but there’s always weird issues when I try to reverse proxy them.

Does anyone have some magic settings that “just work” with these weirdo web apps?

  • flimsyberry@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I’m pretty sure there might be some arcane scripts for you that would help you. But you should clarify query a bit. What are the weird issues you’re running into? Alternatively, if you’re managing nginx and letsencrypt manually you could try:

    • Caddy
    • Traefik
    • NGINX Proxy Manager
    • Behohippy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      I hear good things about Traefik. Basically all I need is a reverse proxy that will handle re-writing URLs and websockets and slapping some ssl and auth on it. If something is easier for that, I’m all ears.

      • flimsyberry@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        All three options should cover those requirements. You should take a look at them and decide which suit you best.

  • terribleplan@lemmy.nrd.li
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Can’t talk about anything but SD (using various UIs, mostly AUTOMATIC1111’s and other variants of the official) but they “just work” behind traefik. Traefik does the SSL termination and figures out which service (ip + port) to talk to based on its config. By default it does ACME (Let’s Encrypt) for you and handles passing websockets without the special config lines like you need in nginx (though that should be as easy as this). As long as the application is well written (which is not always the case in the ML world, haha) and uses relative URLs for links, most everything should “just work” behind a reverse proxy, or need a config flag or two telling them they can trust the proxied SSL/IP and stuff like that.

    • gaurhoth@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      +1 for Traefik. I got tired of all of nginx’s quirks. It’s really powerful and I’m sure the combinations of achievable results are infinite with nginx… so for some use cases it makes sense. But seriously… almost every container I’m likely to deploy follows a fairly simple model and traefik to just “works” with everything I’ve tried so far. I have ALL the traefik config in docker compose labels so every single configuration element I need to spin up a container a second time or on a new host is in ONE place.