I currently have quite a few self hosted services running on two machines on my home network; docker, not k8s. Some are LAN-only (or VPN, of course), but quite a few are exposed to the internet via a reverse proxy. I stream media, and have a decent uplink with no ISP filtering, so my current solution is HAProxy on my router, pointing to the various backends.

This works perfectly, and gives better reliability than running something like NPM, Traefik, Authelia, or Authentik on one of my nodes, with port forwarding; in case one node is down, services on the other remain accessible. However, HAProxy on OpenWRT can be a bit limited, and I'd like to be able to get more visibility into traffic as well as add addition authentication.

Has anyone had any luck running a more advanced reverse proxy on the edge device? I have a Nano PI r4s, so it should be more than powerful enough to handle the load, though for simplicity's sake, I'd prefer to stick to relatively vanilla openwrt.