NGINX is an open-source web server software with reverse proxy functionalities that allow you to redirect traffic to another server. It boasts great features and is free, making it one of the most popular web-serving tools on the internet.
But setting up a reverse proxy on NGINX can take a lot of time. Additionally, if you’ve never used it before, there’s a good chance you’ll run into errors or accidentally misconfigure it.
This brief guide will walk you through setting up the NGINX proxy manager. Bear in mind that you will require sudo permissions and a Linux server with Docker and Docker compose installed.
How to Use the NGINX Proxy Manager
The NGINX Proxy Manager (NPM) is NGINX’s built-in reverse proxy management system best suited for small server environments. It runs on Docker and offers a neat and efficient interface for easy proxy management.
The best part? You don’t have to learn to work with NGINX servers or SSL certificates to set it up.
Step #1: Install Docker
Since NPM runs on a Docker container, you will need Docker installed on the server, along with Docker compose.
We’ve broken down the entire process for an Ubuntu server. If your server is running another distribution of Linux, you can go through the official Docker documentation for the instructions.
First, you have to clear the server of any previous Docker installations by running this command in your terminal:
sudo apt-get remove docker docker-engine docker.io containerd runc |
You can now begin installing Docker. Install the repository and the relevant dependencies with these commands:
sudo apt-get update
sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release -y |
Now, set the Docker repository GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg –dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg |
You can now add the stable repository with the command:
echo “deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable” | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null |
All that’s left to do is update the repositories. You can then finally install Docker. You can do both of these things with the command:
sudo apt-get update && sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose -y |
To set Docker to run on startup and start running it on the server, use:
sudo systemctl enable docker.service
sudo systemctl start docker.service sudo systemctl enable containerd.service |
Step #2: Install SQLite
Installing the SQLite database is as simple as running the command:
sudo apt install sqlite3 |
You need SQLite on the machine to run NPM, but you can also use MySQL database.
Step #3: Deploy NPM
Before deploying NPM on Docker, you must create a Docker compose file to initialize the container. Ideally, you must create the file in a directory with full permissions.
Run the command:
nano docker-compose.yaml |
When the compose file opens, put the following lines in it, save it and close it:
version: “3”
services: app: image: ‘jc21/nginx-proxy-manager:latest’ restart: always ports: # HTTP port – ’80:80′ # HTTPS Port: – ‘443:443’ # Admin UI – ’81:81′ environment: DB_SQLITE_FILE: “/data/npm.sqlite” volumes: – ./data:/data – ./letsencrypt:/etc/letsencrypt |
You can now run the Docker compose command:
docker-compose up -d |
As you’d expect, the command deploys the stack from the NPM image in the file.
Step #4: Access the UI
Now that the container is up and running, log into the interface with the port and IP address set in the file.
The NPM login UI will appear. You must then enter the username admin@example.com and the password “changeme.”
Since it’s your first time logging in, you must update the administrator details, including your email, full name, and nickname.
The NPM dashboard will appear, and you can begin working with NPM from here.
Step #5: Set a Proxy Host
The first step of working with NPM is to set up a proxy host that exposes a service. Begin by going to the Hosts section and navigating to Proxy Hosts. Click “Add Proxy Host.”
Next, choose between HTTP and HTTPS. If the service in question doesn’t support HTTPS, choose HTTP. Then, set the domain names, IP address, and forward hostname.
Checking the “Block common exploits” option will make the proxy more secure. Hit “Save,” and you will expose the service. You can now access it with the IP and port or using the hostname you have set. Managing the proxy is easy from the proxy hosts list.
Step #6: Learn the NPM Access List
You might need to expose a service to specific IP addresses. Luckily, doing this is easy with the NPM Access List.
Find the Access List in the interface and click “Add Proxy List.” Name the access list and check the “Satisfy Any” box.
Next, click on the Authorization tab, then set the usernames and passwords for logging into the service later.
Finally, click on the Access Tab and set the IP addresses you want the service to allow connections from. Deny access to all other IP addresses.
Remember that you can attach the list to specific applications from the Proxy Host section. This is as simple as finding your host and setting the access list you created.