> My intention is to have a container running nginx as a reverse proxy
> and containers running the various combinations of Apache, PHP, RoR,
> MySQL, etc software for the web apps I want. After experimenting
> (mixed success) with combinations of the Ubuntu default lxcbr0 (nginx
> container attached) and macvlan (the other containers + additional
> interface in the nginx container) I've come back around to looking at
> simply attaching all containers to lxcbr0. I don't think anything I
> want to run would have an issue with NAT. I would then port forward
> connections to the public IP for web onto the nginx container and so
> on for other services. The nginx container would proxy to the various
> apache container instances - as they're all connected to lxcbr0 i'm
> assuming from what I've read that's as straightforward as a regular
> LAN.

Hi James,

Looks like you want the *exact* configuration that i currently use for
my FreedomBox. I have put nginx inside a "bastion host" container where
it acts like a reverse proxy for containers running wordpress blogs and
for example owncloud. I also have shorewall (a firewall) running which
can do NAT. Here are some links if you want my configuration:

First, my lxc and network setup

Then, creation of my nginx "bastion host" container

Creation of a wordpress container, connect it to nginx

Limit what containers can do on the network

Safe ssh access from the internet to any container

My setup is running on Debian, so it probably is easy to adapt for


