Nginx Proxy Manager - Getting Started

Nginx Proxy Manager is a container-based solution that makes it easy to manage reverse proxies without needing to manually edit configuration files. It provides a user-friendly web interface for managing proxies, SSL certificates, and access controls.

Similar information using video format: Lawrence Systems, Self-Hosted SSL Simplified: Nginx Proxy Manage

Prerequisites

Before installing Nginx Proxy Manager, ensure you have:

• Docker and docker composer. Install instructios are in this site
• Ports open to internet 80 81 and 443

Installation

We will be using new VM inside Google Cloud Platform for this. Make similar computer instance like last time. Remember to choose Ubuntu 22.04 LTS as the operating system (NO ARM)! Remember to open ports 80, 81, and 443 in the firewall settings and also the firs person to go to port 81 will be the admin user, so be careful with that.

Better options would be not to open port 81 to the public and instead use an SSH tunnel to access the admin interface, but for simplicity we will open it to the public for now.

Using Docker Compose (Recommended)

Create a docker-compose.yml file:

YAML

services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    environment:
      TZ: 'Europe/Helsinki'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

Start the services:

Bash

docker-compose up -d

Access Control

IP Whitelist/Blacklist

1. Open your proxy host
2. Go to the Access tab
3. Under Access List, select or create a new access list
4. Define allowed/blocked IPs
5. Click Save

Basic Authentication

1. In the proxy host, go to the Access tab
2. Under Authorization, enter username and password
3. Click Save

Users will be prompted for credentials before accessing the service.

Managing SSL Certificates

Let's Encrypt Auto-Renewal

Certificates are automatically renewed 30 days before expiration. Monitor renewal status in:

Menu → Certificates

Using Custom Certificates

1. Go to Certificates
2. Click Add Certificate
3. Choose Custom Certificate
4. Upload your certificate and private key files
5. Click Save

GeoIP Blocking (For comparison with Traefik)

Next we will do a small comparison of GeoIP blocking with Traefik and Nginx Proxy Manager. This is good example how is to "stretch" the functionality of smaller program like Nginx Proxy Manager compared to Traefik. Will it be better to use a bigger program like Traefik for this or is it possible to do it with Nginx Proxy Manager? Let's find out.

We need to enable GeoIP in Nginx Proxy Manager to block traffic from specific countries. To do this we need to configure or better wording is to enable it with a edit inside of docker compose file.

Here are two good guides for this:

• https://nginxproxymanager.com/advanced-config/#enabling-the-geoip2-module and
• True guid https://gist.github.com/bonelifer/765fdfce1af0df2a57fed4e62c7bdaf4
• Note : Github pull request from Jan 8, 2019 that adds GeoIP2 support to Nginx Proxy Manager https://github.com/NginxProxyManager/nginx-proxy-manager/issues/46