This project comes as a pre-built docker image that enables you to easily forward to your websites running at home or otherwise, including free SSL, without having to know too much about Nginx or Letsencrypt.
Project Goal
I created this project to fill a personal need to provide users with a easy way to accomplish reverse proxying hosts with SSL termination and it had to be so easy that a monkey could do it. This goal hasn't changed. While there might be advanced options they are optional and the project should be as simple as possible so that the barrier for entry here is low.
Features
- Beautiful and Secure Admin Interface based on Tabler
- Easily create forwarding domains, redirections, streams and 404 hosts without knowing anything about Nginx
- Free SSL using Let's Encrypt or provide your own custom SSL certificates
- Access Lists and basic HTTP Authentication for your hosts
- Advanced Nginx configuration available for super users
- User management, permissions and audit log
New Features
- HTTP/3 (QUIC) Support if you enable HTTP/2 (can not be enabled separate)
- Fix Proxy Hosts, if origin only accepts TLSv1.3
- Only use TLSv1.2 and TLSv1.3
- Uses OCSP Stapling
- Needs manual migration if you use custom certificates, just upload the CA/Intermediate Certificate (file name:
chain.pem) in the/opt/npm/custom_ssl/npm-[certificate-id]folder
- Needs manual migration if you use custom certificates, just upload the CA/Intermediate Certificate (file name:
- Smaller then the original
- Runs the admin interface on port 81 with ssl (https)
- Default page runs also with ssl (https)
- Uses fancyindex if you use the npm directly as webserver
- Expose INTERNAL backend api only to localhost
- Easy security headers, see here, enabled by default if you enable hsts
- Access Log disabled
- Error Log written to console
Soon
- more
- I will try to create a pr to contribute to the original project
Hosting your home network
I won't go in to too much detail here but here are the basics for someone new to this self-hosted world.
- Your home router will have a Port Forwarding section somewhere. Log in and find it
- Add port forwarding for port 80 and 443 to the server hosting this project
- Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or Amazon Route53
- Use the Nginx Proxy Manager as your gateway to forward to your other web based services
Quick Setup
- Install Docker and Docker Compose
- Create a compose.yaml file similar to this:
version: "3"
services:
nginx-proxy-manager:
container_name: nginx-proxy-manager
image: zoeyvid/nginx-proxy-manager
restart: always
network_mode: host
volumes:
- "/opt/npm:/data"
- "/opt/npm-letsencrypt:/etc/letsencrypt" # Only needed for first time migration from original nginx-proxy-manager to this fork
- "/var/www:/var/www" # optional, if you want to use it as webserver for html
environment:
- "TZ=Europe/Berlin"
# - "NGINX_LOG_NOT_FOUND=true" # Allow logging of 404 errors
# - "NPM_LISTEN_LOCALHOST=true" # Bind the NPM Dashboard on Port 81 only to localhost
- Bring up your stack by running
docker compose up -d
- Log in to the Admin UI
When your docker container is running, connect to it on port 81 for the admin interface.
Sometimes this can take a little bit because of the entropy of keys.
Default Admin User:
Email: admin@example.com
Password: 9KcvfmAvcVonB7YOMqdjJGsTG2JL058Rx6xFNMintAeaGETsRBRlSbfXdi1inoCa
Immediately after logging in with this default user you will be asked to modify your details and change your password.
Contributors
Special thanks to all of our contributors.