a collection of my hacking/reverse engineering writeups and tech guides

NginxProxyManager + Docker Setup Guide

fekie July 25, 2024 #docker #setup #guide

This guide will show you how to set up NginxProxyManager with containerized web apps. This was a very painful process to set up so I decided to write a guide about it.

Prerequisites

  1. Docker + Docker Compose Plugin
  2. Have Nginx uninstalled
  3. Ports 80, 443, and 81 are open on your server
  4. An A DNS record pointing to the server's IP address

Setup

Setting up the NginxProxyManager container

  1. Create and clone a Github repository for your NginxProxyManager configs and data.
  2. Create a docker_compose.yml and paste the following. The <NETWORK> value can be any alphanumeric value, as long as it is the same network that our services will be running on. Port 81 is how we will access the admin panel for NginxProxyManager.
version: "3.8"
services:
    app:
        image: "jc21/nginx-proxy-manager:latest"
        restart: unless-stopped
        container_name: nginxproxymanager
        ports:
            # These ports are in format <host-port>:<container-port>
            - "80:80" # Public HTTP Port
            - "443:443" # Public HTTPS Port
            - "81:81" # Admin Web Port

        volumes:
            - ./data:/data
            - ./letsencrypt:/etc/letsencrypt

networks:
    default:
        external: true
        name: <NETWORK>
  1. Start the program with
docker compose up -d --build

Logging into the admin portal

  1. Head to the newly created admin portal by heading to <SERVER_ADDRESS>:81
  2. Log in using the default email and password (which is currently admin@email.com and changeme respectively)
  3. Immediately after logging in, change the password (I believe the button shows if you click the profile button at the top right) and create the account with an email and save the login info.

Configuring projects to be proxied by NginxProxyManager

  1. We need the child project to have the same <NETWORK> as our NginxProxyManager docker instance. We also need to make sure that our child project has a container name. An example docker-compose.yml for a project is:
services:
    <PROJECT_NAME>:
        build: .
        command: npm run start
        ports:
            - "127.0.0.1:<HOST_PORT>:<DOCKER_PORT>"
        container_name: <PROJECT_NAME>
       
networks:
    default:
        external: true
        name: <NETWORK>
  1. Go ahead and start the docker container with:
docker compose up -d --build
  1. Just to note, containers can be stopped with the following:
docker compose down

Setting up reverse proxies

  1. On the dashboard, click on Proxy Hosts -> Add Proxy Host
  2. On the details tab, enter the info as follows:
Domain Names: <DOMAIN> // -> Click on add domain
Scheme: http
Forward Hostname/IP: <PROJECT_NAME> // (this will be the container_name in our docker compose file from earlier)
Forward Port: <HOST_PORT>
Block Common Exploits: True
  1. On the ssl tab, enter the info as follows:
SSL Certificate: Request a new SSL Certificate
Force SSL: true
Email Address for Let's Encrypt: <EMAIL> // -> agree to terms of service
  1. Your site should now be available at <DOMAIN>

Additional Resources

Index
Prerequisites
Setup
- Setting up the NginxProxyManager container
- Logging into the admin portal
- Configuring projects to be proxied by NginxProxyManager
- Setting up reverse proxies
Additional Resources