networking – How to serve couple domains with differents ports and apps trough single public IP to VM as backend on same host

I have a bare-metal host with 8 cores and 64 GB RAM, 4To HDD on RAID 1 with a single public IP.

I was thinking to share this huge rig with a couple of VMs so can run different services and OS in each VM.

So, I can share 80, 443 ports trough same public IP to different VMs

I.E.:

Public IP 123.23.1.2

baremetal.domain.tld --> 123.23.1.2
service1.domain.tld --> 123.23.1.2 internal to 192.168.122.1
service2.domain.tld --> 123.23.1.2 internal to 192.168.122.2
...

So there are services could be reached internet wide on each server:

baremetal: 
ssh/22
https/443
http/80
This could run containerized services on some ports.

service1:
https/443
http/80
virtualmin/1000

service2:
https/443
http/80
vestacp/8083
smtp/25
imap/993
dns/53
pgsql/5432
mysql/3306

service3:
other services/ports like IoT protocols etc.

I was thinking this could be done with HAProxy since it does a load balance that can masquerade backend VMs, but my first attempt failed with SSL errors to virtualmin.

global
defaults
        timeout connect 5000
        timeout client  50000
        timeout server  50000

frontend service1_frontend
    bind service1.domain.tld:1000

    default_backend service1_backend

backend service1_backend
    mode    tcp
    source 0.0.0.0 usesrc client
    server  melchor 192.168.122.1:1000