Skip to content

wmo-raf/nginx-proxy-manager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.env.sample
.env.sample
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

Nginx Proxy Manager Installation Guide

Nginx Proxy Manager is a simple yet powerful reverse proxy solution with a beautiful web interface. No command-line expertise needed:

  • Visual interface - Manage proxy hosts from an intuitive dashboard
  • SSL/TLS automation - Let's Encrypt integration with automatic renewal
  • Zero downtime - Add, modify, or remove proxy hosts on the fly
  • Security features - Access lists, basic auth, and bot protection
  • Load balancing - Distribute traffic across multiple backend servers

Perfect for routing traffic to multiple services, setting up a single entry point for your infrastructure, or hosting multiple applications on one server without port conflicts.

More details https://nginxproxymanager.com

Step-by-Step Setup Instructions

Prerequisites

Before you begin, ensure you have the following installed on your system:

  1. Docker (version 20.10+)
  2. Docker Compose (version 2.0+)
  3. Git (to clone repositories or download files)
  4. A Linux server (Ubuntu 20.04+ or CentOS 7+ recommended)
  5. Internet connection to download Docker images
  6. Domain name (optional, but recommended for SSL certificates)

Check if you have Docker and Docker Compose installed:

docker --version
docker compose version

If not installed, follow the official Docker installation guide.

Step 1: Clone the repository to your server

git clone https://github.com/wmo-raf/nginx-proxy-manager.git

cd nginx-proxy-manager

Create subdirectories for data persistence:

mkdir -p data
mkdir -p letsencrypt

Your directory structure should look like this:

nginx-proxy-manager/
├── data/
├── letsencrypt/
├── docker-compose.yml
└── .env

Step 2: Create the .env Configuration File

Create a file named .env in your nginx-proxy-manager directory:

cp .env.sample .env

Add the following content:

NETWORK_NAME=

You can customize the network name to match your infrastructure.

Save the file (in nano: press Ctrl+O, then Enter, then Ctrl+X).

Step 3: Create the Docker Network (First Time Only)

The configuration uses an external network. Create it with this command (use the NETWORK_NAME from your .env file):

docker network create nginx_network

Or if you changed NETWORK_NAME in your .env file, replace it accordingly:

docker network create your_custom_network_name

To verify the network was created:

docker network ls

Important: If you're using this with other services (like SFTPGo), make sure to use the same network name so all services can communicate.

Step 4: Set Directory Permissions

Set proper permissions for the data directories:

chmod 755 data
chmod 755 letsencrypt

Step 5: Start the Service

Navigate to your project directory and start the service:

cd ~/nginx-proxy-manager
docker compose up -d

The -d flag runs containers in detached mode (background).

Monitor the startup process:

docker compose logs -f

Wait until you see messages indicating the service is running. Press Ctrl+C to exit the logs.

Step 6: Verify Installation

Check if the container is running:

docker compose ps

Expected output:

CONTAINER ID   IMAGE                                STATUS
xxxxx          jc21/nginx-proxy-manager:latest     Up 2 minutes

Check the logs for any errors:

docker compose logs nginx_proxy_manager

Step 7: Access the Admin Interface

Open your web browser and go to:

http://your-server-ip:81

Replace your-server-ip with your server's actual IP address.

Default Admin Credentials:

  • Email: admin@example.com
  • Password: changeme

⚠️ IMPORTANT: Change default credentials immediately after first login!

Step 8: Configure Your First Proxy Host

  1. Log in with default credentials
  2. Go to "Hosts" → "Proxy Hosts"
  3. Click "Add Proxy Host"
  4. Fill in:
    • Domain Names: Your domain(s)
    • Scheme: http or https
    • Forward Hostname/IP: Your backend service IP/hostname
    • Forward Port: Your backend service port
  5. Enable "Block Common Exploits" for security
  6. Go to "SSL" tab and select "Request a new SSL Certificate"
  7. Enter your email and accept Let's Encrypt terms
  8. Save

Port Configuration Reference

Your Nginx Proxy Manager setup uses these ports:

Port Service Purpose
80 HTTP Web traffic (auto-redirect to HTTPS)
81 Admin Interface Web administration panel
443 HTTPS Secure web traffic

Ensure these ports are:

  1. Not blocked by firewall
  2. Open in your hosting provider's security groups
  3. Accessible from the internet

Stopping and Starting Services

Stop the service:

docker compose down

Start the service again:

docker compose up -d

Restart the service:

docker compose restart

View logs:

docker compose logs -f nginx_proxy_manager

View last 100 lines of logs:

docker compose logs --tail=100 nginx_proxy_manager

Connecting Other Services

To connect other services (like SFTPGo) to this Nginx Proxy Manager:

  1. Ensure both services use the same network (configured in .env with NETWORK_NAME)
  2. In Nginx Proxy Manager, use the service container name as the hostname
    • Example: sftpgo:8080 for SFTPGo web interface
  3. Set the appropriate forward port

Troubleshooting

Issue: Cannot access admin interface (http://ip:81)

Solution:

  1. Check if container is running: docker compose ps
  2. Check firewall settings: sudo ufw status
  3. Allow port 81: sudo ufw allow 81
  4. Check service logs: docker compose logs nginx_proxy_manager

Issue: SSL certificate not renewing

Solution:

  1. Check logs: docker compose logs nginx_proxy_manager | grep letsencrypt
  2. Ensure ports 80 and 443 are accessible from the internet
  3. Verify domain DNS is pointing to your server
  4. Check Let's Encrypt rate limits (50 certificates per domain per week)

Issue: Cannot reach backend services

Solution:

  1. Verify services are on the same network: docker network inspect nginx_network
  2. Use service container name, not localhost or 127.0.0.1
  3. Ensure backend service is running: docker compose ps
  4. Check backend service logs for errors

Issue: 502 Bad Gateway error

Solution:

  1. Verify backend service is running and healthy
  2. Check forward hostname/port configuration in proxy host
  3. Check backend service logs: docker compose logs service_name
  4. Ensure backend service is accessible on the network

Issue: Permission denied errors

Solution:

sudo chown -R 33:33 data
sudo chown -R 33:33 letsencrypt

Security Best Practices

  1. Change default credentials immediately
  2. Use strong passwords (minimum 16 characters)
  3. Configure firewall to restrict access to admin port 81
  4. Enable SSL certificates for all proxy hosts
  5. Use strong SSL/TLS settings (A+ rating recommended)
  6. Enable Access Lists to restrict IPs if needed
  7. Enable HTTP/2 for better performance
  8. Keep Docker images updated: 
    docker compose pull
docker compose up -d
  9. Monitor logs regularly for suspicious activity
  10. Back up your configuration regularly

SSL Certificate Management

Request new certificate:

  • Go to Proxy Host
  • SSL tab → "Request a new SSL Certificate"
  • Let's Encrypt handles automatic renewal

Regular Maintenance

Update containers regularly:

docker compose pull
docker compose up -d

Clean up unused Docker resources:

docker system prune -a

Monitor disk space:

df -h
du -sh *

Advanced Configuration

Custom Docker network across multiple projects:

If you're running multiple Docker Compose projects and want them to communicate:

  1. All projects must use the same NETWORK_NAME in their .env
  2. Create network once: docker network create shared_network
  3. All services will be discoverable by container name

Monitoring and Logging

View real-time logs:

docker compose logs -f --tail=50 nginx_proxy_manager

Export logs:

docker compose logs nginx_proxy_manager > nginx_logs.txt

Monitor resource usage:

docker stats nginx_proxy_manager

Support and Documentation

Next Steps

  1. Set up your first proxy host
  2. Configure SSL certificates
  3. Set up access lists for security
  4. Configure redirects if needed
  5. Monitor and maintain regularly
  6. Document all configurations

About

Nginx Proxy Manager Installation Guide

nginxproxymanager.com

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published