I am losing another night trying to set up a home server with multiple subdomains. It seems like reverse proxy setup is obvious to other users, but I just cannot get it to work.

I have one public IP and the ports 80, 443 are forwarded in my router to the server’s ethernet card. The firewall ports are also opened with networking.firewall.allowedTCPPorts. The web applications are made to listen on ports 8081 and 8082, and the Let’s Encrypt certification is configured.

How can I build a reverse proxy with a minimal config? I have designated a separate .nix file just for the proxy.

I figured out the “obvious” part after taking a short nap.

The virtual hosts for the web services cannot be named after the domain names. I gave them names like “” and it worked for locations."/".proxyPass.

I also had to pull the Let’s Encrypt certification configuration into the proxy file.

For future reference, here is the proxy file:

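  # Open only the ports the proxy itself serves.
  networking.firewall.allowedTCPPorts = [ 80 443 ];

  security.acme = {
    acceptTerms = true;
    email = "REDACTED";
  };

  services.nginx.virtualHosts = let
    # Settings shared by every public virtual host.
    SSL = {
      enableACME = true;
      forceSSL = true;
    }; in {
      "domain.tld" = (SSL // {
        locations."/".proxyPass = "";  # backend URL is missing from the post
        serverAliases = [ ];           # alias entries are missing from the post
      });

      "sub.domain.tld" = (SSL // {
        locations."/".proxyPass = "";  # backend URL is missing from the post
      });
    };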
