NGINX Proxy Manager: How to Install and Setup Reverse Proxy on Unraid (2021)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments

I have since realised I pronounce it differently, but I'm going to just blame that on the Aussie accent

👍︎︎ 9 👤︎︎ u/sycotix 📅︎︎ Jan 19 2021 🗫︎ replies

Dang this makes me want to switch from swag.

Great video though!

👍︎︎ 3 👤︎︎ u/ShaKsKreedz 📅︎︎ Jan 19 2021 🗫︎ replies

Wait you just push the proxy cname and don’t need to make a cname for overseer? Did you just skip that step?

👍︎︎ 2 👤︎︎ u/killerkongfu 📅︎︎ Jan 19 2021 🗫︎ replies

Love NGINX Proxy Manager... most of the time. I've had the database corrupt and everything become inaccessible on two separate occasions. Both times happened while I was updating hosts to change URLs and tried to generate a new certificate. After the DB corrupts the WebGUI throws an error whenever you try to change anything and all your proxy hosts go offline. I was able to recover from an appdata backup from the day before but it was still really annoying and lost a small amount of work. No problems if I deleted the host and recreated it instead of modifying an existing. But then I've also modified hosts many times with no problems at all so I'm not sure what the exact mechanism is.

👍︎︎ 2 👤︎︎ u/grivooga 📅︎︎ Jan 20 2021 🗫︎ replies

Thank you! I've been trying to get this working for a few days, but could never find a guide that showed everything from installing NPM all the way to actually getting it working. Most of them show how to install it and that's as far as they go.

👍︎︎ 2 👤︎︎ u/JoeLouie 📅︎︎ Jan 24 2021 🗫︎ replies

Question for Nginx users: Is there a specific reason you chose that over haproxy? I've always been curious of user case scenarios where one was picked specifically over the other.

👍︎︎ 1 👤︎︎ u/StartupTim 📅︎︎ Jan 20 2021 🗫︎ replies

One point. Using a docker container with the “custom” networks nullifies any of the port forwarding options you choose. This rendered it useless for me, as I split horizon dns.

👍︎︎ 1 👤︎︎ u/spectrum_of_aethers 📅︎︎ Jan 20 2021 🗫︎ replies
Captions
hi everyone and welcome  back to another ibrake video   thanks for tuning in today just wanted to  give a quick shout out to everyone that's   subscribed uh if you're not a subscriber  already please subscribe it really helps   the channel out as you can see we're only  just getting started and if you enjoy our   style and enjoy what we're doing here please  consider giving us a like and a subscription   we really appreciate it so part of our mo is  to just get stuck into it so let's do that today we'll be talking about engines proxy  manager now i had a user asked to do a getting   started with tutorial and i'm going to do that  today in relation to installing it with unraid   there are a lot of guides out there but i'm hoping  today that i'll be able to share something maybe   new that you haven't learned before or you didn't  know much about it so what is enjinx proxy manager   engineering proxy manager is a reverse  proxy application used to get your internal   traffic out to the external world and it  works similar to and basically built upon   something like the let's encrypt container h a  proxy or trafic for me personally i first began   when i first began my home lab the first thing i  did was set up let's encrypt and i was using that   thanks to the tutorials from space invader 1 at  the time on my unraid server setup and i found it   quite useful it did the job really well did what  i had to do with it but i found after some time   that um doing a lot of tweaking and changing  of the files and this and the configuration   files really took up a lot of my time you know as  soon as i installed an application i would spend   maybe just the same amount of time just fiddling  with the with the code and the text documents   in order to get the reverse proxy to pick up the  service and expose it out to the world wide web   with enjinx proxy manager i'd seen it a few  times and it took me a while to finally make   the decision to give it a try and the first thing  that stood out to me really was its user interface   i just love it some users say you know they  don't feel like they get enough control with it   and that you know they still prefer doing things  in a more hands-on background way and that's   perfectly fine if that's for you that's that's  excellent for my needs i was quite happy with   having it with a beautiful interface but also  with the exact features that i needed to get stuff   exposed out quickly and easily so we're on the  home page at the moment enginesproxymanager.com   if we just have a quick look  at what their features are   you can see that here it's got ssl  built in thanks to let's encrypt   you can expose your private network  web services and get connected anywhere   the ui is based on tabler which i can tell you  i mean it looks really really good it looks   good free ssl certificates obviously there's no  cost there they also get renewed by themselves   it is available as a docker image  and you can have multiple users   access the interface further to that you can  set up what's known as access control lists   so that you can set access control and  authentication up on the proxy level now if you   wanted to do this via docker compose or via docker  you can follow the setup instructions here as well   and our friends over at awesome open source uh  also made a video about installing this using   docker outside of the unraid operating system so  you know if you're trying to install it anywhere   else i recommend you go check out his channel i'll  put the link down in the description down below   so we're just going to leave it at that for  now and we really just want to get stuck into   the install we know why you're here you  want to get started with it let's do it   so first things first we've got  a brand new unraid server here   it's clean it's got nothing on it i've set it up  completely from scratch basically just to make   these videos and it just makes it easier for me  to explain things as a new user might see it or if   you're already an experienced user and you just  wanted to see what it looked like from scratch   so here we are on our brand new server pumbaa i'm  not sure where i came up with that i sort of just   just popped in my head so not sure whether it's a  good or a bad thing but here we are so the first   thing we're going to do is head over to the app  store and thankfully nginx proxy manager already   has a template in there you can see there's a  various different options when you type in injinx   over here you'll see orthelia now this is actually  my repository and i've created this template   and i'll be making a future video on how to create  your own template and have it published so other   people can use it i'll also be able to show you  how orthelia works in another video as well so   i'm going to be creating a video on how to set  up and use orthelia which is an authentication   and authorization server really handy if  you're trying to secure some of your links   so we've got engine's proxy manager here if you like you can have a read through  here come down to network type hyperproxy   now if you aren't using your own custom docker  network i recommend that you do it just means   that all your docking containers are on a  separate network within the unraid system   and they can talk to each other but then  you can expose the ip out anyway so if you   scroll down a little bit further what you can  see here is the default ports that are set up   as usual thanks to docker you can change  these to whatever you think is relevant   but it's really important that you take note  of what you're putting in here because we're   going to have to go into our router  later and forward some ports across so the first thing you'll see  is the ui port which is 7818   now i'm happy with that this is a brand new system  like i said so i'm not too fussed about that but   if you are already using this port feel free  to change it to something else your http port   1880 and https 18443 the configuration directory  so by default on unrate systems you want that in   the appdata folder which is already written out  for us there permissions priority and whether   you want to enable or disable ipv6 i strongly  recommend you don't change anything else to be   honest unless you know what you're doing or  if you have a specific reason to change it   so we're actually quite happy with all that  so we really haven't had to change anything   at this point keep in mind that when we first  started up these will be the login credentials   that we'll need to log into it we'll scroll  down hit apply and it's finished you're done   we'll go back to docker you can see now  the container is now running we've got   a started if we quickly check the logs doing  a couple of setup items and we close the logs   and we'll come back and open the web ui so  there we go so i've got the web ui going   so we'll put the default credentials in  because this and change me as the password   for the purpose of this video i'm going  to keep this as it is but just remember   that this is what you use to log into  the application through the front end   so just remember that the email address you set  will be used same as your name so we'll just   click save oh there you go we have to change  it anyway so that's probably a good thing hey save we want to set a password  so i'll go ahead and set one now   keep in mind that this top one is the default  one which was change me there you go so   i mean you can already see we've already  started up and we're in the application so   it's taken us little to no effort really to get  that started so welcome to engine's proxy manager   now we'll get to installing and proxy forwarding  something out but i'll just take you through a   quick walkthrough of the interface just so you  can get a quick understanding of what everything   is because when i started it did take a little  bit of time to sort of get my head around things   proxy host is probably going to be the most  used or definitely i would say be the most used   part of this application for you but you might  find other needs to use these other ones here   so we'll start with proxy hosts  which is also accessible at the top   as you can see click on proxy hosts this  is where you'll put in the basically the   instructions that tells engines proxy manager  where to send traffic through so let's discuss   how this process works really quickly i wrote i  created a quick image just to give you an example on what that looks like so if you give me for  the uh sort of basic image here but you know   it gets the point across you know we don't want  to over complicate it it doesn't need to be so   let's say you own a domain and the  domain is called in my case ibracorp.io   now if you are using your  domain with your provider   you will be able to set your dns settings there  if you are using your domain and using dns   elsewhere in which case i am for example with  cloudflare you'll be creating a dns entry here dns entry you will create a c name or a record  i use cnames in my case battlefield already is   configured to say ibraker io is available at this  ip address now this is a made up ip address it's   not mine i then create a a record or a cname  and i call that for example proxy.ibracorp.io   cloudflare then says proxy.ibracorptoio send  it to this ip address which will be your   home internet connection i would assume  if you're using it at home or business   on the router we will have  a port forwarding setting   that port forwarding will say  port 80 sends it to port 1880   port 443 send it to 18443 why did we pick these  well if you remember back in our installation here these are the default ports that we've  got configured and if you read it it   says your router should be configured  to forward port 80 to this port   if it doesn't allow the setting destination  internal p address this must be set to 80. so if   your router doesn't allow you to port forward then  you would have to set this manually to 80 and 443   in our case ours does so we're just going to  continue with that so hi i'm user blah blah blah   and uh i wanted to get to i've typed  in your website wordpress.ibrik.io   it's sent to request off hit your router the  router says the traffic is on 80 which is   http traffic or if it's https which we'll  get to later 443. forward that traffic on   to end jinx proxy manager so first  the first thing you'll notice is that   engine's proxy manager is the point of authority  here we are not telling the application to talk   directly to the router and then out to the  internet instead engine's proxy manager is   the man in the middle and it says yes pass to  here no stay away or redirect or whatever the   case might be and because of that you can have  it as an internal application but engine's proxy   manager will publish it out as a external  address in this case wordpress.ibriccorp.io   so at the npm level i will refer to this as npm  just to save some time npm then says what address   is this traffic coming from it's coming from  wordpress.ibrace.io okay i know i have a rule   in here that says wordpress dot ebrocopter  io send it to this ip address and this port   simple as that it really doesn't get any  simpler than that guys so we have it installed   but we've got nothing in it there's  a couple more steps we need to do   the first step is we need to forward some ports so  log into your router whatever that router might be   and i'm fairly sure that most routers  these days allow you to forward a port   in my case i'm using ddwrt firmware on my router  you might have a netgear which is running netgear   firmware you might have d-link whatever the  case might be you will have a setting in there   somewhere to forward ports and if you look up  online i'm sure you'll find it very quickly so   in this case i've gone to nut quality of service  then support forwarding if you're using ddwrt   and we have two rules in here and we've said  i want i've named this npm https and npm http   443 and 80 respectively forward them to the ip  address of our server that we're running engines   proxy manager on change that port to 18443  so any traffic coming on 443 send it to 18443   any traffic on 80 send it to 1880 that's  it so we've set up our port forwarding   we've started up engines proxy manager what's  next well now you need to enter the dns entry   so on my dns which i use again i use cloudflare  yours might be your domain provider's website   whatever that might be godaddy for example or  google domains if you're staying with google   domains so this will be your dns section of  that provider so in here you can see i've got   a whole bunch of different c names and they're  basically sub domains of what i want to proxy out   in this case we want one called proxy so what do  you do well we would go type c name name proxy in my case ibracorp.dns.org i already have that  address in here so proxy so that part is done   i just bring up the image again so now we've  set up our dns we've set up the router to report   to forward the ports and we've also  started up engines proxy manager pretty simple right so now the next step is  getting an application out to the internet now in this case you could  install another application   if we were to just take this out and you wanted  to get something running externally you would   install it normally let's say overseer from here  for example we've got the port number we've got   the config file you know where it's all going  to be saved no problem click apply start it up and that's installed click done   now if we go back you can see we've got our  new application installed and ready to go   we open up the web ui it takes us to our main page  fantastic that's working highly recommended that   you set it up completely so i would you know go in  click log in with plex blah blah blah set it up so   that you have your admin account created and that  it's secure before you continue to the next step   because this is just for this video i'm not going  to bother with this but let's say you finished   configuring this application and you're like you  know what now i'm ready to access this remotely   no problem so let's come back to engine's proxy  manager go into proxy hosts add a proxy host   and put in the information that  you want now if i go back to my dns   i believe i have one here or over  cl already let's say over here   make sure you click on the item or hit tab  otherwise it won't validate put in the ip address of the server then the port in this case it's 5.05 these are extra options that you  have in engines proxy manager so   you can cache assets so if it's something  that loads static images or study content   it would probably save you a lot of  bandwidth if you were to hit that   i use cloudflare as well so that i believe does  a lot of caching anyway but it doesn't hurt to   turn it on if you think it's relevant for you  obviously you want to block common exploits   i'm not going to allow websocket support  but sometimes you might want that   certain applications need web  sockets to function correctly and it's publicly accessible so this is what i'll  swarm out with access list we'll come back to that   custom locations if you are used to using  something like let's encrypt to manage your   engines configuration you'll know that a lot  of times you'll need a lot of custom content   this is where you would enter that  information so you can say at this path   and this is from organizer in organizer  you need to add a couple of extra details   you know blah blah blah and so that you can tell  it where to go for authentication in this case   we don't need anything extra so we're just going  to ignore that then we're going to head into ssl   this is the part that makes it really  easy right request a new ssl certificate   we're going to say force it using cloudflare i  have hsts enabled so i'll just stick that as well   if you do not know or if you don't use hsts leave  it unchecked and then test and then come back we're not going to bother with a dns  challenge but you can turn it on if you like   it's going to ask you for an email address  so make sure you put one in there that you   actually do check because it will send you a  reminder and say you know you've got 30 days   left on your ssl certificate for example click  i agree and just hit save so now we'll wait and that's it and if we just click this link there you go that's it so now this is accessible  externally to anybody in the world and that's how   easy it is now if you've used let's encrypt before  or had to use those files for engines you'll know   exactly what i'm talking about the amount of  time that it that it took to get something going   um you know okay it wasn't major but you could be  spending that time elsewhere maybe configuring the   application itself you know spending that time  making sure that everything is working the way   you want instead of messing with this file the  other issue that i found is that if you have a   simple mistake in there that will throw off the  entire setup that you've worked on so you'll find   that some reason it won't work anymore you'll be  messing around with the application by the time   you realize that it's just one spelling mistake in  the configuration of njinx you know it could have   saved you a lot of time believe me i've been there  many many times so you've got your access list   which i touched on earlier and if i just click  this icon here access lists provide a blacklist   or whitelist of specific client ip addresses  along with authentication for the proxy hosts   via basic http auth so if you have an application  that doesn't have a login system built into it   and it's completely exposed you probably and  you want to proxy that out you know this is   something that you would implement an engine's  proxy manager lets you lay that over the top   ssl certificates apart from let's encrypt  if you have your own certificates you can   also add them here as well so  i use mine for example from   from cloudflare which allows end-to-end encryption  from me to cloudflare and then cloudflare out   your users as well as an audit log so you can  track everything that's happened which is pretty   cool in case you forget if you click the view  details this is what's happening in the background   so this is the stuff that you would normally  have to do manually if you're still using   those files maybe perhaps not to this degree  because this might be specific to the actual   application as well but you know a lot of that  sort of work has been taken away and taken out   in the settings you've got yours congratulations  page 404 redirect or a custom page so you can   put one in there when something hits  the endings and doesn't have a host a couple other options there redirection host  so you can basically tell it to redirect traffic let you read that streams and  that really comes in handy for ftp   and 404 hosts so if you know that it's going  to hit a page that is a 404 you can tell it to   redirect to this or show this page instead so  that's engine's proxy manager i hope that was   helpful it's really easy to get started with it  which is why i love it and i'm a big advocate of   it um if you enjoyed please like and subscribe  really helps you know the deal and i hope to   see you in the next video soon we'll be coming  up with one for installing orthelia that'll be   our next video so we look forward to sharing that  with you as well thank you and see you next time
Info
Channel: IBRACORP
Views: 27,477
Rating: undefined out of 5
Keywords: Nginx, Nginx proxy manager, authelia, ibracorp, nginx configuration, nginx for beginners, nginx proxy, nginx proxy manager docker, nginx proxy manager tutorial, nginx proxy manager unraid, nginx reverse proxy, nginx reverse proxy configuration, nginx tutorial, nginx tutorial for beginners, proxy server, reddit, reverse proxy, reverse proxy nginx, reverse proxy setup, reverse proxy tutorial, spaceinvaderone, swag, unraid, unraid setup, what is nginx, what is proxy server, cloudflare
Id: h1a4u72o-64
Channel Id: undefined
Length: 22min 24sec (1344 seconds)
Published: Tue Jan 19 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.