I really only have a 500Mbit down/100Mbit up connection, so on the WAN side, it's fine, can handle that easily.
And meanwhile on the LAN/VLAN side, I haven't tested, but I've mostly tried putting the high bandwidth stuff in the same VLAN just so they don't hit the router (on a stick), and just crosses the switch.
I've got a N200 aliexpress box on the way though. OPNSense is looking mighty interesting.
You could use apache2 vhosts to route bitwarden.domain2.com traffic to wherever the heck you want. Even to another server on the internet.
Think of a vhost as uh... another set of apache server configuration that ONLY applies if the incoming traffic is for that domain/hostname.
That's determined by the Host header in the request, or the TLS SNI value if you're using HTTPS.
Then in that vhost, you'd just configure it like you would any apache instance, like say, for the root location, have it do a proxy_pass, etc.
I feel like I'm missing some EASY thing; like can't my apache2 just route the bitwarden.domain1.com traffic to another local IP address...
Yes. It can. https://httpd.apache.org/docs/2.4/vhosts/name-based.html
I mean, if you already have nginx OR apache, you could set up a vhost with the other domain name and do a proxy_pass or similar thing to the other one?
They don't need to be the same host software, you'd just need to configure one of them to know how to route it to the other instance. It's just plain HTTP(s) after all.
Reverse proxying is a feature in both nginx and apache after all. Though I'd recommend using nginx for that.
I mean, yeah. That is true, a GUI would be easier for someone to learn. But once you do, config files are way faster.
Honestly, I first moved to traefik (from caddy) because it let me put my proxy configuration next to the application it's for. (When I was using docker-compose files to manage this.)
If you're going to be jumping straight into text based config files.... Caddy's Caddyfile format is a lot easier to work with then nginx configs IMO.
Cloudflare tunnel free is pretty good, and I use it for my on-prem (in house) services because it can work through CGNAT, though you are subject to the standard cloudflare terms of use.
On the other hand, what you're looking for is called a reverse proxy. I'd recommend Caddy or Nginx Proxy Manager for you.
I personally use Traefik, but I'm also running on a kubernetes cluster so....
I think vultr is actually cheaper then DO though.
I've moved to technitium DNS nowadays. I found that it works better for me then AGH.
Actually. Now that I think of it, I should probably diagram that out hmm. Anyone know any good tools for making that?
And seriously, Talos Linux is really, really, nice. If I ever manage to mess up a kubernetes node (which has happened a few times when I was messing around), I just wipe it, reboot it from the ISO, and reprovision it with the machine configuration.
@kronicd Unless android has implemented DHCPv6 and nobody is talking about it, no, no it's not. It would still need me to route the entire /64 to one network after all for SLAAC.
Unless you're suggesting I install more-specific routes on the other networks? maybe a /65 or /66 on them? But in that case, wouldn't the main network, with it's full /64 prefix, have issues reaching those other hosts... hmm. Unless I deploy it with ULA addresses too. And treat the GUA addresses as just for internet connectivity.
Might still have to NAT66 it for other networks that may see android devices...
Might experiment with it once my opnsense box arrives I guess. Don't want to muck around with that on openwrt.
I just wish I got like a /60 at least.
I suppose tunnelling to a VPS is one option, but I'd rather use NAT66 over that because it'd have better throughput/latency.