Hi all!
I have a simple (?) architecture question I'd like to get your advice on before moving forward. For a simple home setup, I have two machines, each running a dedicated Docker (and Traefik) instance, and each with its own separate services deployed in Docker.
I'd like all these services to be accessible via the internet using the Traefik reverse proxy, with one subdomain per service. I had previously done this with only one machine. Simple enough. But what would be a correct architecture to do the same thing with two machines?
My initial (albeit probably naive) idea was to have a cascading approach, with one machine (X) in the front, with ports 80 and 443 available through the internet, and one (Y) in the back. Every request comes through X, and Traefik on X checks whether it has a service deployed that matches the requested subdomain. If not, then there would be a rule on X forwarding the request to Y, where the second Traefik on Y would continue the resolution. In this scenario, each machine would be responsible for its own TLS decryption, Let's Encrypt challenges and so on.
My question is, does this work, supposing I have the correct forwarding rule set on X? Or will this be a reverse-proxy mess… Should I look into this or follow a totally different path?
Thanks for your help!
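
The forwarding rule on X described in the post could take the form of a TLS passthrough router, shown here as an added example that is not part of the original post. It assumes Traefik v2 or later with the file provider; the entry point name `websecure`, the hostnames and the address of Y are placeholders.

```yaml
# Dynamic configuration on machine X (file provider).
# All names and addresses below are placeholders for illustration.
tcp:
  routers:
    machine-y-passthrough:
      entryPoints:
        - websecure            # assumed name of X's :443 entry point
      # Y's hostnames are listed explicitly, so names served by X
      # stay on X's own HTTP routers and certificates.
      rule: "HostSNI(`app1.example.com`) || HostSNI(`app2.example.com`)"
      service: machine-y-tls
      tls:
        # X reads only the SNI from the ClientHello and relays the
        # encrypted stream unchanged. It never holds Y's private keys
        # and cannot read or modify the traffic.
        passthrough: true
  services:
    machine-y-tls:
      loadBalancer:
        servers:
          # Traefik on Y terminates TLS with its own certificates.
          - address: "192.0.2.20:443"   # placeholder address of Y
```

With this layout Y sees X's address as the source of every connection, so IP-based allow lists and access logs on Y need to account for that.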