Totally fair… I appreciate you engaging with me, your perspective is appreciated! I won’t defend Unraid’s choice when it comes to the UI ports, but I will simply say that there are things that are really nice about Unraid from a usability standpoint.
Thanks again for your thoughts!
The challenge here is that the host is Unraid, which publishes its own interface on 80/443. My reverse proxy is of course handling all requests for my sites, but that is ALSO running on a container, and must be listening on something other than 80/443 when using host or bridge networking.
So, if I’m following along correctly, I would need to put my reverse proxy on a different host (bare metal or VM) in order for it to listen on 80/443.
I super appreciate where you’re coming from on this. Unless I’m mistaken, NAT port forwarding makes this not quite so clean. If my (internally hosted) site is published on ports other than 80/443, is there any way to route them internally without needing to include the port in the request?
If not, then I either have to include the port in my request when I’m inside the LAN, or I need to set up a macvlan in my docker network to facilitate a LAN IP and standard ports.
Do I have that right?
As I dug into this, I found that it is in fact trivial to change the Unraid UI ports. There’s a setting for it. I can only assume that since Unraid attracts a LOT of novices, bad advice gets passed around and taken as gospel. So, I changed Unraid’s ports, set my reverse proxy to listen on 80/443, updated the NAT on my router, and added the relevant host overrides to the DNS Resolver. Hairpin eliminated. Thanks again!