
I have a GitLab instance in docker-compose on a VM in my home network.

It's running behind HAProxy proxy and accessible on git.example.com:443.

To be able to access them both inside my home network and outside my home network, I have to have the DNS point git.example.com to the HAProxy address.

Because of this, when I try to SSH to git.example.com, it tries to SSH into the proxy server instead.

So I'm trying to be able to forward it so that if someone tries to SSH on ssh.git.example.com:22 (or port 443), it will redirect it to media.lan.example.com:4002, because port 4000/4001/4002 are the ports docker uses for the container for ports 80/443/22 respectively.

How can I achieve this, so that I can SSH on port 22 or 443 at ssh.git.example.com without the client having to change any of their config?

My HAProxy config:

frontend http
    bind example.com:80
    reqadd X-Forwarded-Proto:\ http
    mode http
    use_backend gitlab-backend if { hdr(host) -i git.example.com }

frontend https
    bind example.com:443 ssl crt /certs/cert.pem
    mode http
    use_backend gitlab-backend if { hdr(host) -i git.example.com }

backend gitlab-backend
    redirect scheme https if !{ ssl_fc }
    server gitlab1 media.lan.example.com:4001 ssl check verify none
    mode http

backend gitlab-ssh-backend
    redirect scheme https if !{ ssl_fc }
    mode tcp
    server gitlabssh1 media.lan.example.com:4002 check

frontend gitlab-ssh-frontend
    bind ssh.git.example.com:443 ssl crt /certs/cert.pem
    use_backend gitlab-ssh-backend
    mode tcp

1 Answer

One CAN use ssl proxy with ssh, but it can be REALLY PAINFUL with git. You might be using HTTP proto config flags with a TCP-style front/backend, which may be preventing your connections from succeeding.

Here's an example of how Gitlab configures haproxy to handle ssh connections.

Taken from https://gitlab.com/gitlab-org/gitlab-environment-toolkit/-/blob/main/ansible/roles/haproxy/templates/haproxy_external.cfg.j2, and quoted here:

frontend gitlab-ssh-in
    bind *:{{ gitlab_shell_ssh_port }}
    mode tcp
    option tcplog
    option clitcpka

    default_backend gitlab-rails-ssh

HTH!
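The TCP-only approach the answer describes, worked through for both ports the question asks about, as an added example (it is neither the asker's config nor the GitLab toolkit template). It assumes HAProxy 1.5 or later, the hostnames and ports from the question, and that the question's `https` frontend is rebound to the loopback address shown at the end.

```haproxy
# Added example, not from the question or the GitLab toolkit. Port 22 is a
# plain TCP pass-through; port 443 is demultiplexed by peeking at the first
# bytes the client sends, so one address serves both HTTPS and SSH.
# Assumes HAProxy 1.5+ and that the question's `https` frontend is moved
# to 127.0.0.1:8443 (shown at the bottom).

frontend gitlab-ssh-in
    # No `ssl` keyword: ssh clients do not speak TLS, so terminating TLS
    # on this bind would break the SSH handshake.
    bind *:22
    mode tcp
    option tcplog
    option clitcpka
    default_backend gitlab-ssh-backend

frontend tls-or-ssh-in
    bind *:443
    mode tcp
    option tcplog
    # Hold the connection for up to 5s so the ACLs below can see client data.
    tcp-request inspect-delay 5s
    # An SSH client opens with the 7 bytes "SSH-2.0" (hex 5353482d322e30);
    # a TLS client opens with a ClientHello (handshake type 1).
    acl is_ssh req.payload(0,7) -m bin 5353482d322e30
    acl is_tls req.ssl_hello_type 1
    tcp-request content accept if is_ssh or is_tls
    use_backend gitlab-ssh-backend if is_ssh
    # Anything else, including a client that sent nothing within the delay,
    # is handed still-encrypted to the HTTP frontend below.
    default_backend https-loopback

backend gitlab-ssh-backend
    # TCP mode only: `redirect scheme` is an HTTP directive and has no
    # meaning here, so it is left out.
    mode tcp
    server gitlabssh1 media.lan.example.com:4002 check

backend https-loopback
    mode tcp
    # PROXY protocol v2 carries the real client address across the loopback.
    server https-local 127.0.0.1:8443 send-proxy-v2

frontend https
    bind 127.0.0.1:8443 accept-proxy ssl crt /certs/cert.pem
    mode http
    use_backend gitlab-backend if { hdr(host) -i git.example.com }
```

The port-443 path relies on the SSH client sending its version banner without waiting for the server's; a client that stays silent for the whole inspect delay falls through to the HTTPS backend and fails there, which is the failure mode to check first if `ssh -p 443` hangs while `ssh -p 22` works.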