[Support] Nginx Proxy Manager (NPM) Official

mgutt

By mgutt
in Docker Containers

Recommended Posts

  • Replies 969
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

mgutt
mgutt

No joke: I missed this part in the docs:   I will update the container and remove the external DB. SQLite is the easier option for the user.

mgutt
mgutt

Correct. You can not reach unRAID through port 8080 or you explicitly changed Unraid to this port in the settings.   Note: you could change UNRAID to 5000/5001 and let NPM listen to 80/443.

Mentox
Mentox

Hi @mgutt, what is the reason for using MariaDB instead of SQLite? I am running jc21 and SQLite works great.

Posted Images

Yoda_1204 Noob

Yoda_1204

Posted
Posted

I have a sophos XG Firewall that has 5 different public IP address on it. 
I want to find out if the below is possible to do with Nginx Proxy manger.

I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do?

I have tried this with two Nginx Proxy contains with no look so far. The first one always works, but the second one does not. I have changed all of the ports and data paths to different locations.

Thank you in advance

Link to comment
mgutt Veteran

mgutt

Posted
  • Author
Posted
9 minutes ago, Yoda_1204 said:

I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do?

I'd say you need to add each IP range as a different VLAN and use the different br0.XX for different NPM containers:

 

 

 

Of course each NPM container needs a different name and different appdata paths.

  • Like 1
Link to comment
  • 2 weeks later...
blaine07 Enthusiast

blaine07

Posted
Posted

On SWAG I was able to put YOURLS in a www folder and change a file to allow access to YOURLS right through SWAG. Is there some way or somewhere I can put little things like that for NPM to host? In NPM I see a "default_www" inside nginx? 

 

Anyone using YOURLS with NPM that can maybe shed light?

Link to comment
blaine07 Enthusiast

blaine07

Posted
Posted
45 minutes ago, mgutt said:

Adding a new host to NPM?!

Where can I put the YOURLS folder and how would I use the “Custom Locations” or “Advanced” to point it at correct folder? I just don’t know how to point it at where I put YOURLS. I assume YOURLS could go directly inside “data” like on SWAG but how would I point back to it? Especially with YOURLS having a few special things that have to be forwarded. 

 

If I flustered you, I’m sorry.  

Link to comment
mgutt Veteran

mgutt

Posted
  • Author
Posted
10 hours ago, blaine07 said:

Where can I put the YOURLS folder

I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container.

 

So about which "folders" are you talking?

 

 

 

 

 

Link to comment
blaine07 Enthusiast

blaine07

Posted
Posted (edited)
2 minutes ago, mgutt said:

I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container.

 

So about which "folders" are you talking?

 

 

 

 

 

Yourls isn’t a container. It just goes into a directory inside of the swag container. No port to point to for it. Inside swag one of the conf files forwards urls.mydomain.net to folder where YOURLS is inside of Swag at. 
 

* I’m just trying to mimic dropping folder somewhere inside NPM and pointing a subdomain at NPM at that directory contained within Npm

Edited by blaine07
Link to comment
JonathanM Grand Master

JonathanM

Posted
Posted
11 hours ago, blaine07 said:

just surprised I can do that with SWAG and NOT NPM. 

swag is a full NGINX server implementation that many people just happen to be using as a reverse proxy.

NPM is a specialized NGINX set up to make reverse proxy convenient and easy to set up. It's not designed to do anything BUT reverse proxy, hence the name Nginx PROXY manager.

  • Thanks 1
Link to comment
Kopernikus Apprentice

Kopernikus

Posted
Posted (edited)

@mgutt

 

Hi,

 

Using this container for a few months now, and all working fine.

However I wanted to run a public instance off the SearxNG metasearch docker.

I have set this up as usual in NPM and all seem te be working.

However to allow it to be placed on the public instance list (https://searx.space/#) it needs to have an A+ TLS grade and an A+ HTML grade. For nginx the config would be: https://ssl-config.mozilla.org/ and for the HTML https://github.com/searxng/searx-docker/blob/master/Caddyfile#L33-L84

 

Is this possible with Nginx Proxy Manager or will this require a full Nginx docker?

Edited by Kopernikus
Link to comment
Kopernikus Apprentice

Kopernikus

Posted
Posted
15 hours ago, mgutt said:

You can add headers through the advances tab of a host and by using the "add_header" command.

 

Hi,

 

For the headers this seems to be working, thx.

However for the TLS I found the solution but don't now how to implement it.

I need to edit /etc/nginx/conf.d/include/ssl-ciphers.conf with a more "thight" ssl cipher list.

Ofcourse I could edit the file and save it to a new container but then I would have to do this every time the container is updated.

So I thought of mounting (overwriting) the file directly into the container, so something like this:

 

/etc/nginx/conf.d/include/ssl-ciphers.conf:/path/to/local/file/myown-custom-ssl-ciphers.conf

 

I tried it true the mount path in unraid but that doesn't seem to work.

Any idea?

 

Ideally it would be good if we can set this as an option in /data/nginx/custom/ssl-ciphers.conf or through the UI of NPM

Link to comment
Kopernikus Apprentice

Kopernikus

Posted
Posted (edited)
4 hours ago, mgutt said:

@Kopernikus

What is the content of ssl-ciphers.conf (Check NPM at github)? Maybe this can be added to the advanced tab as well.


  

ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;

# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA512:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA512:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305';
ssl_prefer_server_ciphers on;

 

It's the same as the ssl-cipher.conf already in the NPM docker except unsecure ciphers are removed and ssl_prefer_server is set to on

Edited by Kopernikus
Link to comment
carltonb Noob

carltonb

Posted
Posted

I am back again to ask for help with a problem that I never figured out (probably due to my understanding) of Cloudflare and NPM.

I created a Cloudflare account and NPM in unraid.

I got my Nextcloud up and running thanks to the great tutorials online.

But my problem still lies if I try to add more than one proxy in NPM.

If I add Vaultwarden and click on it it opens up Nextcloud and not Vaultwarden.

I am attaching a picture of what I have setup. I tried to follow the suggestions that everyone provided about 5 months ago but failed. I need to see if I can get this figured out for at least my own learning experience.

Please let me know what other information may be needed.

npm.jpg

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing