How to make my selfhosted website use the IP of a remote server rather than the public IP of my home?
Solution 1:
Depends on situation:
Let's say that home IP is 1.1.1.1 and Azure IP is 2.2.2.2
-
Home IP is a completely global IP and Home IP is static → Then create two records
azure.domain.com A 2.2.2.2andhome.domain.com A 1.1.1.1and add redirect rule (azure.domain.com → home.domain.com) to Nginx※ Note: If you able to deploy all pages and services at Raspberry PI you actually don't need Azure hosting at all. Just publish and share
home.domain.comurl directly. If some of services should use Azure hosting you need to use redirect as I mentioned before or Nginx's reverse proxy feature (it is able to use IP address directly for proxy endpoint so you don't need to register domain name for1.1.1.1) -
Home IP is a completely global IP and Home IP is dynamic → Not perfect... Azure server have to know every time changing Home global IP. Here is couple possible solutions:
- create script at home side and add it to cron task. That will get own global IP and update
home.domain.comrecord every time when IP changed. Also you may use DynDNS services for these purposes (DynDNS is a easiest solution if router support this feature). In this casehome.domain.comwill be usually accessible globally (except time when IP changed but domain record still not updated or old value is cached at client side). - create script at home side and add it to cron task. That will get own global IP and update Azure Nginx's reverse proxy IP. In this case you can use only raw global IP address without setting
home.domain.com. Also this way allow to avoid domain record updating time lag. - create VPN server at Azure side and pass the reverse proxy connection through VPN internal network. Don't forget to automatically re-connect VPN when Home's ISP session updating.
- create script at home side and add it to cron task. That will get own global IP and update
-
Home IP is a not-so-global IP behind ISP NAT and probably Home IP is dynamic → Houston, We've Got a Problem... Even if Azure server knows current Home IP address it can't connect to it from outside. You must to initiate connection from inside (Home's Raspberry PI) to outside (Azure server). For example you may use SSH tunnel initiated from Raspberry PI for these purposes. But easier way will be VPN connection as I described at 2.3
If you plan to use first scenario's reverse proxy way, the Nginx's config should be like:
# set home server global IP
upstream home_server{
server 1.1.1.1:80;
}
server {
listen 80;
server_name azure.domain.com;
# set proxy endpoint (home server)
# all azure.domain.com/home* urls will be redirected to home server
location ~* ^/home {
proxy_pass http://home_server;
proxy_intercept_errors on;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
proxy_pass_request_headers on;
}
}
Addition:
Answering to
I wanted to point to Azure IP because I don't want my website IP address to be associated with my approximate location
Nginx reverse proxy will help to hide actual IP. Only azure.domain.com (or associated with it IP) location will be visible from client side. (However real IP may be stored at http headers, don't forget to rewrite it too)
Second simple way is to use iptables (if Azure hosting is Linux) and forward traffic (2) from azure IP to your home IP:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 1.1.1.1:80
iptables -t nat -A POSTROUTING -j MASQUERADE
will redirect all http (port 80) traffic to 1.1.1.1:80