Nginx Proxy Manager (SSL/Reverse Proxy)
Nginx Proxy Manager handles SSL termination and internal reverse proxying for all hosted services.
ID: 106
IP Address: <NPM_IP>
Method: Docker inside LXC
1. Instance Specification
LXC Container details:
| Component | Specification | Notes |
|---|---|---|
| vCPU | 1 Core | Low usage |
| RAM | 512 MB | Docker engine overhead included |
| Storage | 10 GB | local-lvm |
| Network | Static IPv4 | CIDR: <NPM_IP>/24 |
| LXC Flags | Nesting=1, Keyctl=1 |
Required for Docker execution |
Critical Requirement
Unprivileged Container must be unchecked OR features nesting and keyctl must be enabled in Options for Docker to function correctly.
2. Installation Steps
A. Environment Preparation
# Update and install dependencies
apt update && apt upgrade -y
apt install -y curl nano git
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
B. Deployment via Docker Compose
Create docker-compose.yml:
version: '3.8'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: always
ports:
- '80:80'
- '81:81'
- '443:443'
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
Run the stack: docker compose up -d
3. Initial Configuration
Access URL: http://<NPM_IP>:81
- Default Credentials:
- User:
<ADMIN_EMAIL> - Pass:
<PASSWORD> - Action: Update credentials immediately upon first login.
4. Architecture and Flow
Traffic is processed according to the following logic:
- DNS Entry: AdGuard Home resolves the domain (e.g.,
service.home) to the Proxy IP (<NPM_IP>). - Ingress: NPM accepts traffic on Port 80/443.
- Forwarding: NPM inspects the hostname and forwards to the designated Service IP and port.
Example Mapping
| Priority | Service | DNS Rewrite (AdGuard) | Proxy Host (NPM) |
|---|---|---|---|
| 1 | Dashboard | dash.home → <NPM_IP> |
dash.home → <DASHBOARD_IP>:3005 |
| 2 | Media VM | jelly.home → <NPM_IP> |
jelly.home → <MEDIA_IP>:8096 |