Nginx Proxy Manager

After years of just running small services, and poking 2,077 holes in my firewall almost that many I was determined to get some sort of sanity in place and learn some reverse proxy technology. With Traefik the Docker integration was pretty compelling, but not everything I use runs on one box; I have a few things split between a RaspberryPi 4 and my latest tinker toy - an old but solid HP Z220 workstation. Caddy seemed interesting, but I didn’t need an http server- I needed a proxy. Enter Nginx Proxy Manager - this fits the bill perfectly for what I need. Since I have a few domains laying around that I don’t use and still pay for- I figured its perfect. The biggest thing I had to wrap my head around was really how simple it was. It literally does EVERYTHING FOR YOU- my biggest fear of these tools was certificate management, but as you setup various proxy hosts, it automagically requests, installs and renews Let’s Encrypt certificates for all your web-exposed applications. This is particularly handy for applications that don’t offer any SSL services as you can wrap everything (and force) in SSL communications so you don’t accidentally send passwords in cleartext over the internet. The sample docker-compose.yml is a perfect starting point and once you open up ports 80 and 443 in your router you are done. Here is the file - be sure to change your passwords though!

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./config.json:/app/config/production.json
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:10.4'
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
	- ./data/mysql:/var/lib/mysql

Be sure to checkout the quickstart guide and get proxying! I’m kicking myself for not doing it sooner.