Two freedomboxes behind one router/ip-address

Is it possible to have two freedomboxes, each with its own domain, behind one router/ip-address? Or is it not possible for arriving packages to know which box is their final destination?

One box would be my production box, not to tamper with, and the other one would be my test box to try/test applications and set-ups.

This question has been asked before, but did not get an answer back then:

https://discuss.freedombox.org/t/ddns-accessibility-for-more-than-one-freedombox/1518

Kind regards to you all,

It depends which service you want to have on each freedombox.

For what is accessible with http(s), "2 Freedombox setup -- cannot conect to XMPP server on Freedombox 1 - #2 by Avron" explains how I used to do it.

However, for anything other than http(s), I don’t know. I can ask people who I know run a number of services while they have a single public IPv4 address, but I expect that this may involve some complexity, and require running software not handled by freedombox.

The easiest solution I've found for something similar to this is containerization. With containers, ports are handled internally, making life much easier.

“two freedomboxes”: I don't know.

I am running two servers, one with freedombox and the other dietpi (running containers).

Both boxes are connected to a single router that forwards ports as necessary. Ports 80 and 443 both go directly to fbx. fbx handles some of my apps, my web server and my certificates.

I then use the apache web server on fbx to reverse proxy to the dietpi ports/containers as necessary.

Not really the answer to your question but may give a lead to a solution. If the default ports 80 and 443 could be changed for one of the freedomboxes, maybe it could work.

I have two FreedomBoxes at home. A Pioneer and Raspberry Pi 4B.

Pioneer is my edge machine. It handles TLS termination and services like DNS resolver, HTTP proxy, Tor hidden service, Tor SOCKS proxy and VPN server.

Raspberry Pi 4B handles all the “heavier” apps like Samba, MiniDLNA, Radicale, ejabberd (XMPP server), Shaarli.

My router forwards ports 80 and 443 to my Pioneer for all the HTTP/S traffic. I just forward ports needed for XMPP to my Raspberry Pi 4B.

I do something similar to what you are asking by using the apache2 web server as a reverse proxy (using vhosts and locations) to forward traffic internally after Pioneer handles TLS termination.

I reckon FreedomBox already does something similar to this, as for most apps, apache2 proxy forwards traffic to uwsgi internally.

So, what you can do is point apache2 on your edge (production) machine to your testing server. You can get an idea of what the config file on your edge machine should be by copying the apache conf/site files that get generated on your testing machine after installing an app.

If you are interested in this I can give you more details.
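The name-based reverse proxy described in the replies above, written out as an added example; it is not part of any post in this thread and is not a configuration generated by FreedomBox. The host name `test.example.org`, the LAN address `192.168.1.20` and all file paths are assumptions.

```apache
# Added example for the edge (production) box. Names, addresses and paths are assumed.
# Needs mod_ssl, mod_proxy, mod_proxy_http and mod_headers enabled.

# Both domains resolve to the same public IP and the router forwards 443 here.
# Apache selects this vhost from the TLS SNI / Host header of the request,
# which is how traffic for the second box is told apart.
<VirtualHost *:443>
    ServerName test.example.org

    # Public-facing TLS terminates on the edge box (certificate paths assumed).
    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/test.example.org/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/test.example.org/privkey.pem

    # Re-encrypt towards the test box so the LAN leg is not plaintext,
    # and refuse backends whose certificate does not verify.
    SSLProxyEngine on
    SSLProxyVerify require
    SSLProxyCheckPeerName on
    # Pinned certificate (or CA) of the test box; path assumed. With
    # ProxyPreserveHost On the certificate has to be valid for test.example.org.
    SSLProxyCACertificateFile /etc/apache2/backend-ca/test-box.pem

    # Reverse proxy only: never act as an open forward proxy.
    ProxyRequests Off
    # Keep the original Host header so the test box generates correct links.
    ProxyPreserveHost On
    RequestHeader set X-Forwarded-Proto "https"

    ProxyPass        / https://192.168.1.20/
    ProxyPassReverse / https://192.168.1.20/
</VirtualHost>
```

Requests for the production domain keep hitting the edge box's existing vhosts; only the test box's name is handed on, so the test box needs no port forward of its own for HTTP(S).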

It is possible to have two or more FreedomBoxes behind a router, but without a reverse proxy you can use a port only once - e.g. https (port 443) can only be used for one server from outside. I just set up a second server as a web server with www.mydomain.tld which is using port 443 from outside. My email server uses mydomain.tld with port 80 (http) for the Let’s Encrypt certificates (for mydomain.tld and www.mydomain.tld), which I forward with rsync to the web server, so www.mydomain.tld also has a certificate. Of course ISP and firewall configuration must be appropriate.