I followed this tutorial to set up NGINX Proxy Manager for my home lab. It’s set up to only be accessible from within my network.

I have done the following:

  1. Purchased domain name from NameCheap
  2. Set the Nameservers in NameCheap to direct to my 2 Cloudflare Nameservers
  3. Set A and CNAME records in Cloudflare
  4. Configured SSL Certificate in Nginx Proxy Manager
  5. Added a Proxy Host

Here is my issue: when trying to go to [myDomain.com], I get an error saying that it can’t be reached.

I’m running this via Docker on a Synology. I also run a pfSense firewall.

My docker container is using the ‘bridge’ network, which all of the other containers I’m running are using. None of the Docker containers can be reached if I set the Destination in NPM to my host’s IP address, or the Docker container name.

Any advice? I’m not sure where I went wrong here.

  • thekrautboy@alien.topB

    DNS records need to point at the LAN IP of the reverse proxy.

    If proxy and destination are both running as containers on the same host, then place them together in the same Docker network and use the container name of the destination as hostname, and use the internal port of the service, not the port you might have mapped to the host.

    Why not make this a lot easier and share exact details? NPM settings, Docker compose files, log output?

    Btw /r/NginxProxyManager exists for this.

  • arcadianarcadian@alien.topB

    You have to set the docker container name as the destination, not the host IP.

    Test everything from the beginning.

    # Check that your FQDN is set up correctly.

    $ nslookup <your_fqdn> 1.1.1.1

    $ nslookup <your_fqdn> 8.8.8.8

    # Test your web host from outside the Docker host.
    $ curl -v http://your_fqdn

    # Test your web host on the host machine.
    $ curl -v -H "Host: your_fqdn" http://localhost

    # Check if your port is exposed, if you mapped it.

    docker ps | grep <container_name>

    # Check if your mapped port is listening on the Docker host.
    netstat -tlnp | grep <mapped_port>

    # Check if your container is reachable by NPM.

    docker exec -it <npm_container> bash

    [root@docker-278f29455e29:/app]# apt update && apt install netcat

    [root@docker-278f29455e29:/app]# nc -zv <destination_container> <port>

    If NPM reaches docker, you’re OK.

    There are many more things you have to check; for example, NPM and your destination container should be in the same Docker network.

    # docker inspect <npm_container> | grep NetworkID
    # docker inspect <destination_container> | grep NetworkID

    They should be equal.

    etc. etc.
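The network comparison both replies describe, as an added example that is not from either commenter or from the NPM project: it reads trimmed `docker inspect` output and returns the host and internal port to enter as the proxy destination. All container names, network names, IDs, IPs and ports are constructed; the script also flags the case where the only shared network is Docker's default `bridge`, which provides no container-name DNS.

```python
import json

# Constructed sample: trimmed `docker inspect` entries, keyed by container name.
# All names, IDs, IPs and ports are made up for illustration.
SAMPLE = json.loads("""
{"npm":  {"Name": "/npm", "NetworkSettings": {
            "Ports": {"80/tcp": [{"HostPort": "80"}], "443/tcp": [{"HostPort": "443"}]},
            "Networks": {"bridge":   {"NetworkID": "aaa111", "IPAddress": "172.17.0.2"},
                         "proxynet": {"NetworkID": "bbb222", "IPAddress": "172.20.0.2"}}}},
 "wiki": {"Name": "/wiki", "NetworkSettings": {
            "Ports": {"3000/tcp": [{"HostPort": "8080"}]},
            "Networks": {"proxynet": {"NetworkID": "bbb222", "IPAddress": "172.20.0.3"}}}},
 "dash": {"Name": "/dash", "NetworkSettings": {
            "Ports": {"5000/tcp": null},
            "Networks": {"bridge": {"NetworkID": "aaa111", "IPAddress": "172.17.0.3"}}}},
 "db":   {"Name": "/db", "NetworkSettings": {
            "Ports": {"5432/tcp": null},
            "Networks": {"backend": {"NetworkID": "ccc333", "IPAddress": "172.21.0.2"}}}}}
""")


def shared_networks(proxy, dest):
    """Names of networks both containers are attached to (matching NetworkID)."""
    p = proxy["NetworkSettings"]["Networks"] or {}
    d = dest["NetworkSettings"]["Networks"] or {}
    return sorted(n for n in p if n in d and p[n]["NetworkID"] == d[n]["NetworkID"])


def forward_target(proxy, dest):
    """Return (status, host, internal_ports) to enter as the proxy destination."""
    settings = dest["NetworkSettings"]
    # Keys of Ports are the container-side ports ("3000/tcp"); HostPort is the
    # mapping on the Docker host, which the proxy does not need.
    ports = sorted(int(p.split("/")[0]) for p in (settings["Ports"] or {}))
    shared = shared_networks(proxy, dest)
    user_defined = [n for n in shared if n != "bridge"]
    if user_defined:
        # User-defined networks have Docker's embedded DNS: the name resolves.
        return "ok", dest["Name"].lstrip("/"), ports
    if shared:
        # Default bridge only: no name resolution, so only the container IP works
        # (and it can change on restart). Moving both to one network is the fix.
        return "no-dns", settings["Networks"]["bridge"]["IPAddress"], ports
    return "unreachable", None, ports


if __name__ == "__main__":
    for name in ("wiki", "dash", "db"):
        print(name, forward_target(SAMPLE["npm"], SAMPLE[name]))
```

Against a live host, the same dictionaries come from `json.loads` on the output of `docker inspect` for the two containers.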