How to easily configure reverse proxy for your sites and other things (Nginx Proxy Manager)

Hi there. I’m sure that many people have a question – how to forward ports on their routers, for make several internal HTTP or HTTPS services working on one external IP address. The question is mostly actual for home and small businesses. And the task can be solved with configuring a reverse proxy.

There are many of products, from very expensive as they said - enterprise class, to very simple which were made on their knees – for example raw Nginx, or something like that, without any control panel. Today I want to show you, very interesting product, which I have been using for several years in my home lab, and for which I have no any questions at all. That’s ]]>Nginx Proxy Manager]]>.

This is something like an addon for Nginx, or a control panel, with very pleasant and intuitive web interface. It is coming as a docker container, so installation doesn’t require any special knowledge or editing any configs, and takes for about 5 minutes.

So lets start to install that system. I have a fresh installed Ubuntu Server 22.04.

First of all update your system:

apt update
apt upgrade

Then we must install docker:

sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce

And docker-compose. You should look for actual version on ]]>github]]>:

sudo curl -SL https://github.com/docker/compose/releases/download/v2.10.2/docker-compose-linux-x86_64 -o /usr/libexec/docker/cli-plugins/docker-compose
sudo chmod +x /usr/libexec/docker/cli-plugins/docker-compose
sudo docker compose version

Finally lets install Nginx Proxy Manager. We have to create a file docker-compose.yml. Because this is yml – indentation matters here, keep it in mind:

nano docker-compose.yml

Content of the file:

version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    depends_on:
      - db

  db:
    image: 'jc21/mariadb-aria:latest'
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - ./data/mysql:/var/lib/mysql

sudo docker compose up -d

Wait for the end of command execution and in browser go to the address of your server on port 81.

Default username and password are – [email protected] and changeme.

After the first login system will ask you to change account settings and password.

Let’s look to the interface. On the dashboard tab, information about your rules is showed.

By clicking on a tile, you will go to the control interface. The main one, is Proxy Hosts – this is actually reverse proxying.

In the redirection hosts you can add domain redirection rules.

Streams are needed, if you plan to host, for example, a game server.

In the 404 hosts tab, custom error pages can be set.

In the access lists tab, different access rules can be added. You can create rules with nginx auth requirements, or rules for different ip addresses or networks, or both of them.

In the SSL Certificates tab – Certificates can be managed.

In the users tab, some additional users for system control, can be added.

In the settings – default site can be set, if request will come to site which hadn’t been added to proxy host, or somewhere else. It can be the control site of Nginx Proxy Manager, a 404 page, redirect to specified address, or a custom page.

As I said, I have been using this system for several years, and it works great, I hadn’t had any problems with it. Due to simplicity of the interface, there is no need to bother either reissuing certificates or editing Nginx configs.

I think, this is almost perfect reverse proxying system for home or small business. Great respect and thanks to developers!