How to Install and Configure the Nginx Proxy Manager |Video upload date:  · Duration: PT6M30S  · Language: EN

Step by step guide to install and configure Nginx Proxy Manager on a Docker host for reverse proxy and SSL management

Quick reality check

If your server could talk it would say please stop opening ports without a plan. If your server could also get you certificates without drama you would have Nginx Proxy Manager in front of your apps already. This guide shows how to set up Nginx Proxy Manager on Docker using Docker Compose to manage reverse proxy rules and get LetsEncrypt SSL certificates with minimal fuss and only mild swearing.

What you will need

  • A server with Docker and Docker Compose installed
  • A reserved DHCP lease or a static IP for the host
  • Ports 80 and 443 reachable from the internet for certificate issuance unless you use DNS challenge
  • A domain and DNS control for the hostnames you plan to proxy

Prepare the host

Update packages, install Docker and Docker Compose and create a folder to hold persistent data. Use a dedicated folder so you do not accidentally delete your cat photos when cleaning volumes.

Checklist

  • Create a data folder for nginx proxy manager and the database
  • Reserve a static IP or set a DHCP lease
  • Open firewall for ports 80 and 443 and for the admin UI port which is commonly 81

Create the Docker Compose file

You will need two main services in Compose. One runs Nginx Proxy Manager and the other runs a supported database such as MariaDB. Map persistent volumes for both the application data and the database data. Expose the admin UI on the chosen port and forward ports 80 and 443 for proxy traffic and certificate issuance.

What to map

  • Persistent volume for Nginx Proxy Manager config and letsencrypt data
  • Persistent volume for the database data folder
  • Ports for admin UI and HTTP and HTTPS

Start containers and verify

Run Docker Compose with the detached option and watch the logs for database migrations and service startup. If you see a container failing to start check filesystem permissions on the data folders and confirm the database is reachable from the proxy manager container. Logs are your friend here.

Common commands

  • docker compose up -d to start services
  • docker compose logs -f to follow logs
  • docker compose ps to confirm containers are running

Complete the initial web UI setup

Open a browser and go to the admin UI on port 81 of your server. The default admin account is very well known so change the email and password immediately. Configure a default email for LetsEncrypt notifications and choose your preferred challenge method. If you plan to use HTTP challenge make sure ports 80 and 443 are not blocked by your ISP or provider firewall.

Add proxy hosts

For each service add a proxy host by giving the external domain name and the internal IP and port where the backend listens. Choose the forward scheme and enable WebSocket support when your app uses live connections. You can set custom nginx directives if you need unusual behavior but keep it simple at first.

Certificate options

  • Use LetsEncrypt to request SSL certificates from the UI
  • Choose HTTP challenge when your server is reachable on ports 80 and 443
  • Use DNS challenge when your provider needs that or when you want wildcard certificates

Troubleshooting tips

If certificate issuance fails check that the domain resolves to your public IP and that ports 80 and 443 are open. If the proxy manager container cannot reach the database check network settings and credentials. Permission errors often mean the host user running Docker does not own the data folder. Change ownership or adjust mount options accordingly.

Maintenance and backups

Keep your Compose file and volume paths backed up. LetsEncrypt certificates renew automatically but check renewal logs occasionally. When upgrading Nginx Proxy Manager read the release notes and back up the database first. If things go sideways a clean restore from a known good backup is a blessed thing.

Final words

Nginx Proxy Manager removes a lot of the pain of managing reverse proxies and certificates but it is not magic. Keep good backups, lock down your admin UI, and only open ports you actually need. Now go forward and proxy like a mildly responsible network god.

I know how you can get Azure Certified, Google Cloud Certified and AWS Certified. It's a cool certification exam simulator site called certificationexams.pro. Check it out, and tell them Cameron sent ya!

This is a dedicated watch page for a single video.