I see so many posts and people who run NGINX as their reverse proxy. Why though? There’s HAProxy and Apache, with Caddy being a simpler option.

If you’re starting from scratch, why did you pick/are you picking NGINX over the others?

  • wjs018@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    Some good answers in here already. It boils down to a couple points for me:

    • Back when I started selfhosting, it was either nginx or apache, and I found nginx better and easier to set up
    • All the nginx knowledge I learned years ago still works just the same as it did back then, so why potentially mess things up by switching if it all still works
    • Basically every project has an example nginx config for reference, that can’t be said about other proxies
    • It is easier to find support online for edge cases that might pop up with nginx due to the ubiquity of its use and years of history
  • rysiek@szmer.info
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    HAproxy cannot serve static files directly. You need a webserver behind it for that.

    Apache is slow.

    Nginx is both a capable, fast reverse-proxy, and a capable, fast webserver. It can do everything HAproxy does, and what Apache does, and more.

    I am not saying it is absolutely best for every use-case, but this flexibility is a large part of why I use it in my infra (nad have been using it for a decade).

  • ngn@lemy.lol
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago
    • simple config & setup
    • good performance
    • popular/packaged by every single distro
    • just works
  • kolorafa@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    3 months ago

    Because Nginx Proxy Manager exists.

    And also because for me it started from web hosting where Apache and Nginx dominate and later because of many easy to understand example configs from the net including many “docker letsencrypt” examples.

    • Takahe@lemmy.nz
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      Very much became it exist. Its way simpler to do in the GUI.

      Did not have to learn anything specific, and can work for things not in docker containers too, like the Nextcloud Snap.

  • Shimitar@feddit.it
    link
    fedilink
    English
    arrow-up
    3
    ·
    3 months ago

    Nginx “just works™” had never got into the way, its been rock solid and has not changed significantly over the years.

    Why would I need something else?

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    3
    ·
    3 months ago

    There’s a lot of good resources for Nginx, it’s fast (faster than Caddy), and has a ton of features, so you can use it for pretty much anything HAProxy, Apache, or Caddy can do, and not sacrifice much in performance.

    That said, I mostly use HAProxy and Caddy. Here’s my basic setup:

    1. HAProxy at the edge VPS - routes requests to machines based on SNI
    2. WireGuard VPN - connects my internal devices to my VPS
    3. Caddy in Docker - runs on internal network on my NAS/homelab - manages LetsEncrypt renewals and reverse proxies to internal Docker network
    4. Nginx in Docker - FE for NextCloud; this simplifies things so all my TLS is handled in one place, and Caddy doesn’t need to touch files

    I use a local DNS server on my router so my domains can route directly to Caddy instead of going over the internet when on my network, otherwise I may just have HAProxy handle LetsEncrypt certificates.

    From what I can tell, Nginx is a little more efficient than Caddy, but Caddy is plenty fast for my needs. I’m considering switching from NextCloud to the new ownCloud Infinite Scale, and if I do, I’d ditch nginx completely.

  • MangoPenguin@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 months ago

    It just works and it’s in every distros default repo, it’s pretty easy to set up and can be a webserver for static files, PHP sites, etc… It can be a reverse proxy for HTTP(s) traffic or just forward TCP/UDP.

    There’s also endless documentation out there for how to do something in nginx.

    HAProxy is a nightmare to use in my experience. It just feels so clunky and old.

    Caddy is nice, but downloading and updating it is a pain because you need modules that aren’t included in the repo version.

    • ____@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Right there with you on “just works,” as well as the simple fact that the config snippets you need are readily available - either in the repo of whatever you’re putting behind the proxy, or elsewhere on the internet.

      I consistently keep in mind that it’s ultimately an RU product, of course. But since it’s open source and changes relatively infrequently, that’s mitigated to a large degree from where I sit.

      Nothing against Caddy, though Apache gets heavy quickly from a maintenance standpoint, IMHO. But nginx has been my go to for many, many years per the above. It drops into oddball environments without having to rip and tear existing systems out by the roots, and it doesn’t care what’s behind it.

      Ages ago, I had a Tomcat app that happened to be supported indirectly by an embedded Jetty (?) app that didn’t properly support SSL certs in a sane way on its own.

      That was just fine to nginx and certbot, the little-but-important Jetty app just lived off to the side and functionally didn’t matter because with nginx and certbot, nothing else gave a crap - including the browser clients and the arcane build system that depended on that random Jetty app.

  • tills13@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 months ago

    Caddy’s developer gives me the ick. He’s way too pompous in PRs on GH. nginx is just a constant – it does exactly what you need to and does it well.

  • hendrik@palaver.p3x.de
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    It’s easy to use, reliable, and doubles as a webserver so I only need one software to host my websites and also do the reverse proxying to the other webservices.

  • ruse8145@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    Caddy certainly was the easier option but it’s as complex as nginx now and id argue it’s hard to to use.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    CA (SSL) Certificate Authority
    DNS Domain Name Service/System
    HTTP Hypertext Transfer Protocol, the Web
    HTTPS HTTP over SSL
    IP Internet Protocol
    NAS Network-Attached Storage
    NAT Network Address Translation
    SSL Secure Sockets Layer, for transparent encryption
    TCP Transmission Control Protocol, most often over IP
    TLS Transport Layer Security, supersedes SSL
    UDP User Datagram Protocol, for real-time communications
    VPN Virtual Private Network
    VPS Virtual Private Server (opposed to shared hosting)
    nginx Popular HTTP server

    [Thread #888 for this sub, first seen 26th Jul 2024, 04:25] [FAQ] [Full list] [Contact] [Source code]

  • computergeek125@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    TLDR: probably a lot of people continue using the thing that they know if it just works as long as it works well enough not to be a bother.

    Many many years ago when I learned, I think the only ones I found were Apache and IIS. I had a Mac at the time which came pre installed with Apache2, so I learned Apache2 and got okay at it. While by release dates Nginx and HAProxy most definitely existed, I don’t think I came across either in my research. I don’t have any notes from the time because I didn’t take any because I was in high school.

    When I started Linux things, I kept using Apache for a while because I knew it. Found Nginx, learned it in a snap because the config is more natural language and hierarchical than Apache’s XMLish monstrosity. Then for the next decade I kept using Nginx whenever I needed a webserver fast because I knew it would work with minimal tinkering.

    Now, as of a few years ago, I knew that haproxy, caddy, and traefik all existed. I even tried out Caddy on my homelab reverse proxy server (which has about a dozen applications routed through it), and the first few sites were easy - just let the auto-LetsEncrypt do its job - but once I got to the sites that needed manual TLS (I have both an internal CA and utilize Cloudflare’ origin HTTPS cert), and other special config, Caddy started becoming as cumbersome as my Nginx conf.d directory. At the time, I also didn’t have a way to get software updates easily on my then-CentOS 7 server, so Caddy was okay-enough, but it was back to Nginx with me because it was comparatively easier to manage.

    HAProxy is something I’ve added to my repertoire more recently. It took me quite a while and lots of trial and error to figure out the config syntax which is quite different from anything I’d used before (except maybe kinda like Squid, which I had learned not a year prior…), but once it clicked, it clicked. Now I have an internal high availability (+keepalived) load balancer than can handle so many backend servers and do wildcard TLS termination and validate backend TLS certs. I even got LDAP and LDAPS load balancing to AD working on that for services like Gitea that don’t behave well when there’s more than one LDAPS backend server.

    So, at some point I’ll get around to converting that everything reverse proxy to HAProxy. But I’ll probably need to deploy another VM or two because the existing one also has a static web server and I’ve been meaning to break up that server’s roles anyways (long ago, it was my everything server before I used VMs).

  • miau@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    Honest question: why not use nginx?

    I have run it in so many different scenarios, both professionally and personally, its crazy. Nginx has never failed me, literally. My homeserver is quite limited but nginx has a very small footprint, it performs beautifully well and it satisfies all my hosting, proxying, redirecting and streaming needs.

    It works for modern and legacy applications, custom code, webhosting, supports all the modern features and its configuration is very easy with literal thousandsof examples available online.

    Apache probably can do all that but I hate how unintuitive its configuration is to me personally. HAproxy cant do half the stuff nginx does.

    As for caddy Ive heard of it but never really used it. What does it offer that nginx doesnt?

  • solberg@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    I think a lot of people just haven’t heard of Caddy. Since I’ve found it I haven’t used anything else.

    • onlinepersona@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      3 months ago

      It might be worth looking more deeply into. From a cursory glance, it might be usable for my usecase, but many service have configuration examples for NGINX (or Apache if they’re old). I’ve never seen caddy examples. What has your experience been with adapting those examples to caddy?

      Anti Commercial-AI license