Virtualmin Domain to Lan IP (Reverse proxy)

Hello all,

I currently have A proxmox Install on my desktop PC which hosts several VM’s.

My router firewall settings do not give me much flexibility and cannot look at Subdomains, only DST IP & Port.

  • additionally I Have a dynamic IP address which I manage via DNS dynamic Update scripts & duckDNS on the router side and Dyndns on the Webmin/Virtualmin side.

Now that’s explained here is the problem:

Virtualmin is my primary Webhosting server/LAN side DNS for local domains. So I can have subdomain.domain.TLD (for many domains) land to the Virtualmin server and everything is fine.

But say, for example, I want “Specific Subdomain”.SpecificDomain.tld to go to a Different virtual machine (Different static Lan IP) using a reverse proxy?

I am not sure how to do this on Webmin/Virtualmin for the port 80 and port 443.

Currently, on my firewall I am doing (primary hostname):“randomPort” -> different destination IP on the router.

I hope you understand what I am trying to say because I am not good at explaining myself.

let me give you an example:

If I want www.mydomain.com to go to Webmin/Virtualmin, it should load a web page.
But if I want MyPBX.myDomain.com, I don’t wish to Virtualmin to load that as a webpage. Instead, I want Virtualmin to Reverse proxy it from a LAN IP 192.168.50.99:80

Do you understand what I am trying to say?

I think the solution is something to do with BindDNS & Reverse proxy and something.

But I do not know how to do it.

Can you please give me an example of an idea on how to solve this specific hostname to an IP via Virtualmin/Webmin directly? Or should I have a separate PROXY in between Virtualmin/my router?

I want to minimise all complexity and manage everything nicely inside Virtualmin!!! (also I do not wish to have Virtualmin installed with Cloudmin directly on the Host system) I like keeping all my webpages in a separate LXC.

Thanks very much!!!

I’m not aware of any particular Virtualmin feature that allows you to translate external requests to port 80 to multiple IPs behind NAT. This question gets asked a LOT. :slight_smile:

Webmin has a Squid module. You’d need to set squid up as a reverse proxy for all of your websites. There are probably setup guides if you Google for them.

On the other hand, if you just want to administer your FreePBX/IncrediblePBX/etc from outside your LAN, I would just simplify my life and change the port that service listens on and set the router up to suit. Once you save it to your bookmarks you won’t care what port it is.

Or, upgrade your router (I’m fond of the Mikrotik RB750G as a powerful and affordable home router) and ask your ISP for more IP addresses.

Hi Noisemarine,

Thanks for that,

I am using 3cx now on lxc, and you are right, custom ports do the trick for just this one application.

But actually, the issue is far more in-depth, and I want the flexibility of spinning up Docker containers (on a separate Docker host LXC) spinning up VM such as rails app’s or things that done play nice under Virtualmin’s PHP/apache bundle)

And actually, sometimes I want to give a specific web app such as next cloud, far more resources than I allow Virtualmin to have (so I can keep Virtualmin pure and portable)

Other ideas I have are: a plex server
A dedicated Mysql database VM.
NextCloud.
Various rails apps.
Node apps that won’t work on PHP/Apache.
Additional Virtualmin’s in the cluster?.

Ultimately I want Virtualmin/Webmin to serve as my “Landing point” for my “Virtual Cloud” (that lives on a spare ryzen desktop in my office).

At some point, I may spin up a separate proxmox host and do high availability stuff.

Now I know there is traefik for docker, and pfsense as a VM for other applications, and my edge router (that everything on in the house comes in from) is a Mikrotik hapac2, which is very very capable. HOWEVER, MikroTik, as I can see it, has quite a basic and gimped web proxy feature which I do not want to mess with.

But you are right, MikroTik’s are great, but not smart enough to separate traffic via incoming hostname except over port 80.

So based on what you have said< i think the best way forward is to put a virtual router in front of the Webmin/Virtualmin to sort all the traffic out?

Having a pfsense router in front of Webmin/Virtualmin will add complexity, and would mean many of my services will be on separated by router networks.

Shame :slight_smile: I think this could be a great feature.

I suppose I could try and play with & learn squid proxy, but as it’s not integrated into Virtualmin, I need a reverse proxy that can direct via hostname.

I heard Nginx can do this but is a pain to set up and maintain.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.