Hello people, I recently rented a vps server from OVH and I want to start hosting my own piefed instance and a couple other services. I am running debian 13 with docker, and I have nginx proxy manager almost set up. I want to set up subdomains so when I do social.my.domain it will go to my piefed instance, but how do I tell the machine to send piefed traffic to this subdomain and joplin traffic (for example) to another domain? Can I use nginx/docker natively for that or do I have to install another program. Thanks for the advice.
You must log in or register to comment.
how do I tell the machine to send piefed traffic to this subdomain and joplin traffic (for example) to another domain
You don’t send traffic to domains. You point all the domains to one host, and on that host, set up a reverse proxy like nginx, caddy, or traefik, and then configure HTTP routing rules. That proxy can run in docker. I use traefik and it does all the routing automatically once I add labels to my docker-compose file.
It’s called a Reverse Proxy. The most popular options are going to be Nginx, Caddy, Traefik, Apache (kinda dated, but easy to manage), or HAProxy if you’re just doing containers.
FWIW I don’t find Apache dated at all. It’s mature software, yes, but it’s also incredibly powerful and flexible, and regularly updated and improved. It’s probably not the fastest by any benchmark, but it was never intended to be (and for self-hosting, it doesn’t need to be). It’s an “everything and the kitchen sink” web server, and I don’t think that’s always the wrong choice. Personally, I find Apache’s litlte-known and perhaps misleadingly named Managed Domains (mod_md/MDomain) by far the easiest and clearest way to automatically manage and maintain SSL certificates, it’s really nice and worth looking into if you use Apache and are using any other solution for certificate renewal.
I’ll be honest with you here, Nginx kind of ate httpd’s lunch 15 years ago, and with food reason.
It’s not that httpd is “bad”, or not useful, or anything like that. It’s that it’s not as efficient and fast.
The Apache DID try to address this awhile back, but it was too late. All the better features of nginx just kinda did httpd in IMO.
Apache is fine, it’s easy to learn, there’s a ton of docs around for it, but a massively diminished userbase, meaning less up to date information for new users to find in forums in the like.
In your DNS settings, from your domain provider, add all the A and AAAA records for the sub domains you want to use. So, when someone hits the port 443 using one of those domains, your Nginx Proxy Manager will decide which service to show to the client based on the domain.
how do I tell the machine to send piefed traffic to this subdomain
Configure your Nginx Proxy Manager. It should be using port 80 for HTTP, port 443 for HTTPS and another port for its WebUI (8081 is default, iirc).
So, if I type piefed.yourdomain.com in my address bar, the DNS tells my browser your IP, my browser hits your VPS on port 443, then Nginx Proxy Manager automatically sees that the user is requesting piefed, and will show me piefed.
For the SSL certificates, you can either generate a new certificate for every subdomain, or use a wild card certificate which can work on all subdomains.
The job of a reverse proxy like nginx is exactly this. Take traffic coming from one source (usually port 443 HTTPS) and forward it somewhere else based on things like the (sub)domain. A HTTPS reverse proxy often also forwards the traffic as HTTP on the local machine, so the software running the service doesn’t have to worry about ssl.
Be sure to get yourself a firewall on that machine. VPSes are usually directly connected to the internet without NAT in between. If you don’t have a firewall, all internal services will be accessible, stuff like databases or the internal ports of the services you host.
What service would you recommenced for firewall. The firewall I use on my laptop is ufw, should I use that on the vps or is their a different service that works better?
UFW works well, and is easy to configure. UFW is a great option if you don’t need the flexibility (and insane complexity) that manually managing iptables rules offers,
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web HTTPS HTTP over SSL IP Internet Protocol NAT Network Address Translation SSL Secure Sockets Layer, for transparent encryption VPS Virtual Private Server (opposed to shared hosting) nginx Popular HTTP server
[Thread #1001 for this comm, first seen 14th Jan 2026, 02:55] [FAQ] [Full list] [Contact] [Source code]
