I have a general question about Octoprint regarding what is actually listening on port 5000. Note I am running it on an ubuntu-server-19.04 box, not an rpi with Octopi so there is no haproxy involved. The reason I ask is because I would like to access it from the public internet by forwarding ports 80 & 443 on my Linksys WRT3200ACM router running OpenWrt to a dedicated Nginx reverse proxy server on my network. That connection will be over SSL https with a cert I got from letsencrpyt using a domain name I have. This means any incoming connections from the public internet will have to go through the reverse proxy with an http auth first in order to get to any of my self-hosted web services.
So the question is, is there a way to make an SSL connection from my reverse proxy server, directly to port 5000 of the Octoprint instance on a separate server (no localhost connection to port 5000)? That's why I'm asking how or what software (or I guess programming language) is making it possible to listen on that port 5000 for Octoprint so maybe I could use a SSL certificate for that connection also. If not, I will just use an SSH tunnel but just wanted to ask out of curiosity. And I know I probably don't need encryption over my internal network but it is over wifi and mostly I just like tinkering with network stuff for fun.
Thanks for your help!