Hello, I have 3 VMs: Debian 8 Debian 12 Ubuntu 18.04 running "the perfect server" on a dedicated server and all 3 have dedicated IPs from the hosting company. Now I got a new server and moved VMs to a Proxmox. There I have OPNsense and now they're getting IP from DHCP and are online. My question is, how can I run them behind OPNsense so that when I try to open from outside the LAN ie. domain1.com points to Debian 8 ISPconfig, domain2.com points to Debian 1 ? Obviously, I only have one dedicated IP for OPNsese. Is something like "Nginx Proxy Manager" possible with the perfect server? What do I need to change on each perfect server since Let's encrypt is already part of ISPconfig? TIA!
You probably need a proxy in front of the servers. There is not much to be changed on ISPConfig side, let#s encrypt might work if the proxy forwards the verification requests, you'll have to test that with the proxy you use. What you will likely have to do in ISPConfig is to diable the Let's encrypt check under System > server config as it tends to fail when the system is behind a NAT router that blocks access to the external IP address from within the local network.
Thank you so much for taking the time to reply, till! On my current firewall (OPNsense) I can install "HAProxy". Does it sound familiar to you? Description: Reliable, high performance TCP/HTTP load balancer HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing.
you can work on both, HAProxy or NPM, I've tested these behind pfSense which is basically the same as OPNsense. easiest way is NPM on docker but be careful sometimes the configs got messed up. if you use HAProxy you may want to consider using acme on OPNsense as well and not on ISPConfig, I had issues seeting up the default server with HAProxy.