I am running a Proxmox node with a VM running a couple of Podman rootless containers, one of which is Jellyfin. I have also installed Traefik on a separate LXC unprivileged container. I have installed Tailscale on both the VM and the LXC.

What I want now is to create a reverse proxy so that I can create subdomains pointing to my registered domain name, e.g. example.com.

When trying to access ‘jellyfin.example.com’, I want the reverse proxy to point to the Tailscale IP or URL, for example ‘https://media.tbXXX.ts.net:8096’. But that should work only when connected to the Tailscale network.

Is this even possible? If it is, can you point me to some resources explaining the whole configuration?

  • NuXCOM_90Percent@lemmy.zip
    5 days ago

    Wait… if you JUST want your domain to point to the Tailscale IP and to only work when the client is on the tailnet, this is… super duper easy?

    Just install Tailscale. Go to your dashboard, and get the IP. And point your domain at that. No tunnels or reverse proxies needed.

    • filister@lemmy.worldOP
      5 days ago

      The problem is that I have a couple of services listening on different ports and I want to use the reverse proxy to listen to incoming requests and route the traffic to the corresponding ports. I also want to issue SSL certificates and serve the traffic over TCP port 443.

      • NuXCOM_90Percent@lemmy.zip
        5 days ago

        Presumably most of those services on the same physical host are running in containers? So just add Tailscale as a sidecar to that. Each container will be its own host as far as your tailnet is concerned and have its own internal IP. The official Tailscale YouTube has tutorials on that because it maps much better to a Portainer-based setup and more or less requires clients to have the tailnet running constantly (which, in my opinion, defeats the purpose of self-hosting but you do you).

        Or do a mess with SRV records and… good luck with that
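
The setup asked about in the original post (Traefik routing by hostname to a tailnet backend, reachable only from the tailnet, with TLS on 443), as an added example that is not part of the thread: a Traefik v3 file-provider dynamic configuration. The entry point name `websecure`, the resolver name `le`, the middleware name `tailnet-only` and the file name are assumptions; the hostname and backend URL are the ones from the post.

```yaml
# dynamic.yml: loaded by Traefik's file provider (added example, names are assumptions)
http:
  middlewares:
    # Reject any client whose source address is outside Tailscale's
    # IPv4 range, so a request arriving on another interface gets 403.
    tailnet-only:
      ipAllowList:            # Traefik v3 name; v2 calls this ipWhiteList
        sourceRange:
          - "100.64.0.0/10"

  routers:
    jellyfin:
      rule: "Host(`jellyfin.example.com`)"
      entryPoints:
        - websecure           # assumed entry point, defined in the static config
      middlewares:
        - tailnet-only
      service: jellyfin
      tls:
        # Assumed resolver name. It has to use the ACME DNS-01 challenge:
        # the A record for jellyfin.example.com points at a 100.x tailnet
        # address, which the CA cannot reach for HTTP-01 or TLS-ALPN-01.
        certResolver: le

  services:
    jellyfin:
      loadBalancer:
        servers:
          # Backend URL as written in the post; the scheme must match
          # what the container actually serves on 8096 (http or https).
          - url: "https://media.tbXXX.ts.net:8096"
```

Defining `websecure` in the static configuration with the LXC's own Tailscale address (for example `address: "<traefik-tailscale-ip>:443"`, a placeholder) instead of `:443` keeps the listener off the LAN interface entirely, so the allow list is a second layer rather than the only one.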