#linux #network #homelab

Nginx Proxy Manager (NPM) is a docker container for managing Nginx proxy hosts with a simple, powerful interface. For further information check out the website.

This document will focus on setting up NPM in a Docker environment alongside other containers (the second installation case from the website). This setup ensures NPM runs within a custom network, helping keep your services isolated.

1. Create a custom docker network

By setting up a custom Docker network, you can ensure that upstream services remain secure and don't expose unnecessary ports to the Docker host's interfaces. This keeps your system more secure and organized.

docker network create ocean


This network (ocean) will be used for all your containers, allowing them to communicate with each other privately.

2. Create a docker-compose.yaml file


services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP

      # environment:
      # Uncomment this if you want to change the location of
      # the SQLite DB file within the container
      # DB_SQLITE_FILE: "/data/database.sqlite"

      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'

    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

networks:
  default:
    external: true
    name: ocean


Key Points:
  • Ports: Ports 80, 443, and 81 are exposed. Port 80 and 443 are for HTTP and HTTPS traffic, while port 81 is the admin interface.
  • Volumes: Volumes ensure that your data and SSL certificates persist across container restarts.
  • Network: The container is attached to the ocean network, isolating it from other host networks.
  • Start it with docker compose up -d


3. Configure NPM in the UI


Once NPM is running, navigate to the NPM web interface (http://<host>:81) to start configuring your proxy hosts.

For example, to add a proxy for Portainer:

  • Set Host: portainer (matching the service name defined in Docker Compose).
  • Set Port: 9000 (this port is exposed by the Portainer container but is not published to the Docker host directly).


By using Docker's internal network, services like Portainer are accessible within the same network but aren’t exposed to external interfaces.