Reverse proxy for LAN pc's as well as local host

Swindiff · September 15, 2025, 6:16pm

1. The problem I’m having:

This is the caddyfile which I have set up for the single PC reverse proxy
myddns.org {
encode gzip
reverse_proxy localhost:8096
}
I am struggling to work out what I need to add for remote access to the 2nd PC on my network using the caddy server on the first PC
I tried this but it does not work
myddns.org {
encode gzip
reverse_proxy localhost:8096
reverse_proxy http://192.168.1.9:5055
}
I understand it is not good practice to run 2 caddy servers on the same LAN???
Thanks for any help you can offer.

2. Error messages and/or full log output:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

3. Caddy version:

4. How I installed and ran Caddy:

a. System environment:

b. Command:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

5. Links to relevant resources:

timelordx · September 15, 2025, 7:09pm

Could you explain, in your own words, what you’re trying to achieve?

Are you trying to load balance the same website traffic to two different servers? Or are you trying to send different parts of your website to different servers?

Swindiff · September 15, 2025, 7:35pm

Hi, thanks for your reply.

I have my jellyfin server running on Windows PC with local IP 192.168.1.5. I then have a jellyseer docker container running on a PC with local IP 192.168.1.9

I have Caddy running on the same PC as Jellyfin, I can connect to my jellyfin remotely using myDDNS hostname.
I would like to be able to connect to my jellyseerr container via a reverse proxy, I thought I could do this by myDDNS:5055

I can connect to it if I port forward to port 5055 on IP 192.168.1.9. This allows me to access wit via a web browser typing myDDNS:5055, but I would like the security of a reverse proxy as with my jellyfin server.

Sorry I am new to all this and trying to learn.

Thanks

openhabgs · September 15, 2025, 7:38pm

I think this approach could help you to find a solution.I used it to access several docker instances through one caddyserver and my caddyfile looks like:

	handle /vwt/* {
		uri strip_prefix /vwt
		reverse_proxy vaultwarden-test:80
	}

	handle /vwp/* {
		uri strip_prefix /vwp
		reverse_proxy vaultwarden-prod:80
	}

	handle /grocy/* {
		uri strip_prefix /grocy
		reverse_proxy grocy:80
	}

	reverse_proxy nextcloudcaddy:80

the link to access one of the servers then looks like e.g.:

https://yourdomain.org/vwt/

timelordx · September 15, 2025, 9:06pm

You can try the approach @openhabgs gave you, It’s a solid solution. You can simplify it even more to:

myddns.org {

    encode gzip

    ## Jellyseer    
    redir /seer /seer/
    handle_path /seer/* {
        reverse_proxy 192.168.1.9:5055
    }

    ## Jellyfin
    redir /fin /fin/
    handle_path /fin/* {
        reverse_proxy 192.168.1.5:8086
    }

    ## Drop everything else
    abort
}

Then, you can access both via:

https://myddns.org/seer
https://myddns.org/fin

However, some web apps do not like to share the same FQDN with other web apps:

If that’s the case here, you need either two FQDNs, or the same FQDN but each web app on its own port.

Swindiff · September 16, 2025, 10:03am

Hi both

Thank you so much for your helpful replies. With regards to using subfolders for the domain, could I use subdomains instead?

for example jellyfin.myDDNS.org and jellyseerr.myDDNS.org

Given that Caddy is on 192.168.1.5, the same PC as Jellyfin, can i use localhost to reverse proxy to it , or is it best to use the IP address of the machine?

Regards

Swindiff · September 16, 2025, 10:45am

Just found this example on Google AI search, would this work using different IP addresses instead of the loopback one in the example?

caddy

# Define a site block for the first subdomain
app1.yourdomain.com {
    reverse_proxy 127.0.0.1:8080
}

# Define a site block for the second subdomain
app2.yourdomain.com {
    reverse_proxy 127.0.0.1:9000
}

# Optional: Handle the main domain
yourdomain.com {
    root * /var/www/html/main_site
    file_server
}

Use code with caution.

timelordx · September 16, 2025, 9:13pm

Absolutely! That’s kind of the best solution in this case and pretty much this:

Swindiff · September 17, 2025, 7:37am

Hi

Thanks i thought that might be the case. I tried the solution with sub folders for the domain but could not get it to work. I currently have 1 free subdomain with NO-IP, to have more subdomains I need to pay a monthly fee of $2.99. The next question, is it best to create another subdomain with an A record pointing to my public IP, or is it better to have a secondary sub domain with a CNAME record pointing to my primary subdomain? Given that I use NO-IP’s Dynamic update client to keep my IP address synced with my DDNS hostname would I be better off just using A records? Thanks for all your assistance, I realise this is getting beyond the scope of Caddy now.

timelordx · September 17, 2025, 8:16am

It might be cheaper to just buy your own domain. If your DNS host allows it, you can point the apex of your domain to your dynamic NO-IP using an ALIAS record. From there, you can set up as many subdomains as you want with CNAMEs, or even use a wildcard CNAME if that works better.

Swindiff · September 17, 2025, 8:32am

NO-IP would let me use my own domain name, but I can only create 1 subdomain there for free. Its then $2.99/month for 3, or $3.99/month for 5

Swindiff · September 23, 2025, 10:42am

Hi Timelord

Thanks to your help I got jellyfin and jellyseerr working using revere proxy with separate subdomains. I also use some software called NextPVR which I am also trying to access through Caddy. I currently access it directly via port forwarding to the pc and app directly.

From what I have read this software can only really use HTTP as it is primarily meant for local access. I have managed to access it via WAN revere proxied through Caddy using the following

NextPVR.Domain.org {
encode gzip
tls internal
reverse_proxy 192.168.1.3:8866
}

I get a warning in the browser that it is not secure and falls back to http rather than https

Is there a way to get this to work via https with a certificate?

Thanks

timelordx · September 23, 2025, 3:24pm

A screenshot would be helpful. Could you also share a curl output of the following?

curl -kv https://NextPVR.Domain.org

Swindiff · September 23, 2025, 4:37pm

OK, it does work but I just get this not secure warning

Screenshot 2025-09-23 165440

Swindiff · September 23, 2025, 5:01pm

timelordx · September 23, 2025, 5:34pm

You’re using tls internal, which is Caddy’s own internal certificate authority. This authority is not trusted by default, so you either need to add it to trusted CAs in your browser or computer, or stop using the internal CA.

Swindiff · September 23, 2025, 5:56pm

Thankyou

system · October 23, 2025, 5:56pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.