NGINX Proxy Manager: How to Install and Setup Reverse Proxy on Unraid (2021)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

I have since realised I pronounce it differently, but I'm going to just blame that on the Aussie accent

👍︎︎ 9 👤︎︎ u/sycotix 📅︎︎ Jan 19 2021 🗫︎ replies

Dang this makes me want to switch from swag.

Great video though!

👍︎︎ 3 👤︎︎ u/ShaKsKreedz 📅︎︎ Jan 19 2021 🗫︎ replies

Wait you just push the proxy cname and don’t need to make a cname for overseer? Did you just skip that step?

👍︎︎ 2 👤︎︎ u/killerkongfu 📅︎︎ Jan 19 2021 🗫︎ replies

Love NGINX Proxy Manager... most of the time. I've had the database corrupt and everything become inaccessible on two separate occasions. Both times happened while I was updating hosts to change URLs and tried to generate a new certificate. After the DB corrupts the WebGUI throws an error whenever you try to change anything and all your proxy hosts go offline. I was able to recover from an appdata backup from the day before but it was still really annoying and lost a small amount of work. No problems if I deleted the host and recreated it instead of modifying an existing. But then I've also modified hosts many times with no problems at all so I'm not sure what the exact mechanism is.

👍︎︎ 2 👤︎︎ u/grivooga 📅︎︎ Jan 20 2021 🗫︎ replies

Thank you! I've been trying to get this working for a few days, but could never find a guide that showed everything from installing NPM all the way to actually getting it working. Most of them show how to install it and that's as far as they go.

👍︎︎ 2 👤︎︎ u/JoeLouie 📅︎︎ Jan 24 2021 🗫︎ replies

Question for Nginx users: Is there a specific reason you chose that over haproxy? I've always been curious of user case scenarios where one was picked specifically over the other.

👍︎︎ 1 👤︎︎ u/StartupTim 📅︎︎ Jan 20 2021 🗫︎ replies

One point. Using a docker container with the “custom” networks nullifies any of the port forwarding options you choose. This rendered it useless for me, as I split horizon dns.

👍︎︎ 1 👤︎︎ u/spectrum_of_aethers 📅︎︎ Jan 20 2021 🗫︎ replies

Captions

hi everyone and welcome back to another ibrake video thanks for tuning in today just wanted to give a quick shout out to everyone that's subscribed uh if you're not a subscriber already please subscribe it really helps the channel out as you can see we're only just getting started and if you enjoy our style and enjoy what we're doing here please consider giving us a like and a subscription we really appreciate it so part of our mo is to just get stuck into it so let's do that today we'll be talking about engines proxy manager now i had a user asked to do a getting started with tutorial and i'm going to do that today in relation to installing it with unraid there are a lot of guides out there but i'm hoping today that i'll be able to share something maybe new that you haven't learned before or you didn't know much about it so what is enjinx proxy manager engineering proxy manager is a reverse proxy application used to get your internal traffic out to the external world and it works similar to and basically built upon something like the let's encrypt container h a proxy or trafic for me personally i first began when i first began my home lab the first thing i did was set up let's encrypt and i was using that thanks to the tutorials from space invader 1 at the time on my unraid server setup and i found it quite useful it did the job really well did what i had to do with it but i found after some time that um doing a lot of tweaking and changing of the files and this and the configuration files really took up a lot of my time you know as soon as i installed an application i would spend maybe just the same amount of time just fiddling with the with the code and the text documents in order to get the reverse proxy to pick up the service and expose it out to the world wide web with enjinx proxy manager i'd seen it a few times and it took me a while to finally make the decision to give it a try and the first thing that stood out to me really was its user interface i just love it some users say you know they don't feel like they get enough control with it and that you know they still prefer doing things in a more hands-on background way and that's perfectly fine if that's for you that's that's excellent for my needs i was quite happy with having it with a beautiful interface but also with the exact features that i needed to get stuff exposed out quickly and easily so we're on the home page at the moment enginesproxymanager.com if we just have a quick look at what their features are you can see that here it's got ssl built in thanks to let's encrypt you can expose your private network web services and get connected anywhere the ui is based on tabler which i can tell you i mean it looks really really good it looks good free ssl certificates obviously there's no cost there they also get renewed by themselves it is available as a docker image and you can have multiple users access the interface further to that you can set up what's known as access control lists so that you can set access control and authentication up on the proxy level now if you wanted to do this via docker compose or via docker you can follow the setup instructions here as well and our friends over at awesome open source uh also made a video about installing this using docker outside of the unraid operating system so you know if you're trying to install it anywhere else i recommend you go check out his channel i'll put the link down in the description down below so we're just going to leave it at that for now and we really just want to get stuck into the install we know why you're here you want to get started with it let's do it so first things first we've got a brand new unraid server here it's clean it's got nothing on it i've set it up completely from scratch basically just to make these videos and it just makes it easier for me to explain things as a new user might see it or if you're already an experienced user and you just wanted to see what it looked like from scratch so here we are on our brand new server pumbaa i'm not sure where i came up with that i sort of just just popped in my head so not sure whether it's a good or a bad thing but here we are so the first thing we're going to do is head over to the app store and thankfully nginx proxy manager already has a template in there you can see there's a various different options when you type in injinx over here you'll see orthelia now this is actually my repository and i've created this template and i'll be making a future video on how to create your own template and have it published so other people can use it i'll also be able to show you how orthelia works in another video as well so i'm going to be creating a video on how to set up and use orthelia which is an authentication and authorization server really handy if you're trying to secure some of your links so we've got engine's proxy manager here if you like you can have a read through here come down to network type hyperproxy now if you aren't using your own custom docker network i recommend that you do it just means that all your docking containers are on a separate network within the unraid system and they can talk to each other but then you can expose the ip out anyway so if you scroll down a little bit further what you can see here is the default ports that are set up as usual thanks to docker you can change these to whatever you think is relevant but it's really important that you take note of what you're putting in here because we're going to have to go into our router later and forward some ports across so the first thing you'll see is the ui port which is 7818 now i'm happy with that this is a brand new system like i said so i'm not too fussed about that but if you are already using this port feel free to change it to something else your http port 1880 and https 18443 the configuration directory so by default on unrate systems you want that in the appdata folder which is already written out for us there permissions priority and whether you want to enable or disable ipv6 i strongly recommend you don't change anything else to be honest unless you know what you're doing or if you have a specific reason to change it so we're actually quite happy with all that so we really haven't had to change anything at this point keep in mind that when we first started up these will be the login credentials that we'll need to log into it we'll scroll down hit apply and it's finished you're done we'll go back to docker you can see now the container is now running we've got a started if we quickly check the logs doing a couple of setup items and we close the logs and we'll come back and open the web ui so there we go so i've got the web ui going so we'll put the default credentials in because this and change me as the password for the purpose of this video i'm going to keep this as it is but just remember that this is what you use to log into the application through the front end so just remember that the email address you set will be used same as your name so we'll just click save oh there you go we have to change it anyway so that's probably a good thing hey save we want to set a password so i'll go ahead and set one now keep in mind that this top one is the default one which was change me there you go so i mean you can already see we've already started up and we're in the application so it's taken us little to no effort really to get that started so welcome to engine's proxy manager now we'll get to installing and proxy forwarding something out but i'll just take you through a quick walkthrough of the interface just so you can get a quick understanding of what everything is because when i started it did take a little bit of time to sort of get my head around things proxy host is probably going to be the most used or definitely i would say be the most used part of this application for you but you might find other needs to use these other ones here so we'll start with proxy hosts which is also accessible at the top as you can see click on proxy hosts this is where you'll put in the basically the instructions that tells engines proxy manager where to send traffic through so let's discuss how this process works really quickly i wrote i created a quick image just to give you an example on what that looks like so if you give me for the uh sort of basic image here but you know it gets the point across you know we don't want to over complicate it it doesn't need to be so let's say you own a domain and the domain is called in my case ibracorp.io now if you are using your domain with your provider you will be able to set your dns settings there if you are using your domain and using dns elsewhere in which case i am for example with cloudflare you'll be creating a dns entry here dns entry you will create a c name or a record i use cnames in my case battlefield already is configured to say ibraker io is available at this ip address now this is a made up ip address it's not mine i then create a a record or a cname and i call that for example proxy.ibracorp.io cloudflare then says proxy.ibracorptoio send it to this ip address which will be your home internet connection i would assume if you're using it at home or business on the router we will have a port forwarding setting that port forwarding will say port 80 sends it to port 1880 port 443 send it to 18443 why did we pick these well if you remember back in our installation here these are the default ports that we've got configured and if you read it it says your router should be configured to forward port 80 to this port if it doesn't allow the setting destination internal p address this must be set to 80. so if your router doesn't allow you to port forward then you would have to set this manually to 80 and 443 in our case ours does so we're just going to continue with that so hi i'm user blah blah blah and uh i wanted to get to i've typed in your website wordpress.ibrik.io it's sent to request off hit your router the router says the traffic is on 80 which is http traffic or if it's https which we'll get to later 443. forward that traffic on to end jinx proxy manager so first the first thing you'll notice is that engine's proxy manager is the point of authority here we are not telling the application to talk directly to the router and then out to the internet instead engine's proxy manager is the man in the middle and it says yes pass to here no stay away or redirect or whatever the case might be and because of that you can have it as an internal application but engine's proxy manager will publish it out as a external address in this case wordpress.ibriccorp.io so at the npm level i will refer to this as npm just to save some time npm then says what address is this traffic coming from it's coming from wordpress.ibrace.io okay i know i have a rule in here that says wordpress dot ebrocopter io send it to this ip address and this port simple as that it really doesn't get any simpler than that guys so we have it installed but we've got nothing in it there's a couple more steps we need to do the first step is we need to forward some ports so log into your router whatever that router might be and i'm fairly sure that most routers these days allow you to forward a port in my case i'm using ddwrt firmware on my router you might have a netgear which is running netgear firmware you might have d-link whatever the case might be you will have a setting in there somewhere to forward ports and if you look up online i'm sure you'll find it very quickly so in this case i've gone to nut quality of service then support forwarding if you're using ddwrt and we have two rules in here and we've said i want i've named this npm https and npm http 443 and 80 respectively forward them to the ip address of our server that we're running engines proxy manager on change that port to 18443 so any traffic coming on 443 send it to 18443 any traffic on 80 send it to 1880 that's it so we've set up our port forwarding we've started up engines proxy manager what's next well now you need to enter the dns entry so on my dns which i use again i use cloudflare yours might be your domain provider's website whatever that might be godaddy for example or google domains if you're staying with google domains so this will be your dns section of that provider so in here you can see i've got a whole bunch of different c names and they're basically sub domains of what i want to proxy out in this case we want one called proxy so what do you do well we would go type c name name proxy in my case ibracorp.dns.org i already have that address in here so proxy so that part is done i just bring up the image again so now we've set up our dns we've set up the router to report to forward the ports and we've also started up engines proxy manager pretty simple right so now the next step is getting an application out to the internet now in this case you could install another application if we were to just take this out and you wanted to get something running externally you would install it normally let's say overseer from here for example we've got the port number we've got the config file you know where it's all going to be saved no problem click apply start it up and that's installed click done now if we go back you can see we've got our new application installed and ready to go we open up the web ui it takes us to our main page fantastic that's working highly recommended that you set it up completely so i would you know go in click log in with plex blah blah blah set it up so that you have your admin account created and that it's secure before you continue to the next step because this is just for this video i'm not going to bother with this but let's say you finished configuring this application and you're like you know what now i'm ready to access this remotely no problem so let's come back to engine's proxy manager go into proxy hosts add a proxy host and put in the information that you want now if i go back to my dns i believe i have one here or over cl already let's say over here make sure you click on the item or hit tab otherwise it won't validate put in the ip address of the server then the port in this case it's 5.05 these are extra options that you have in engines proxy manager so you can cache assets so if it's something that loads static images or study content it would probably save you a lot of bandwidth if you were to hit that i use cloudflare as well so that i believe does a lot of caching anyway but it doesn't hurt to turn it on if you think it's relevant for you obviously you want to block common exploits i'm not going to allow websocket support but sometimes you might want that certain applications need web sockets to function correctly and it's publicly accessible so this is what i'll swarm out with access list we'll come back to that custom locations if you are used to using something like let's encrypt to manage your engines configuration you'll know that a lot of times you'll need a lot of custom content this is where you would enter that information so you can say at this path and this is from organizer in organizer you need to add a couple of extra details you know blah blah blah and so that you can tell it where to go for authentication in this case we don't need anything extra so we're just going to ignore that then we're going to head into ssl this is the part that makes it really easy right request a new ssl certificate we're going to say force it using cloudflare i have hsts enabled so i'll just stick that as well if you do not know or if you don't use hsts leave it unchecked and then test and then come back we're not going to bother with a dns challenge but you can turn it on if you like it's going to ask you for an email address so make sure you put one in there that you actually do check because it will send you a reminder and say you know you've got 30 days left on your ssl certificate for example click i agree and just hit save so now we'll wait and that's it and if we just click this link there you go that's it so now this is accessible externally to anybody in the world and that's how easy it is now if you've used let's encrypt before or had to use those files for engines you'll know exactly what i'm talking about the amount of time that it that it took to get something going um you know okay it wasn't major but you could be spending that time elsewhere maybe configuring the application itself you know spending that time making sure that everything is working the way you want instead of messing with this file the other issue that i found is that if you have a simple mistake in there that will throw off the entire setup that you've worked on so you'll find that some reason it won't work anymore you'll be messing around with the application by the time you realize that it's just one spelling mistake in the configuration of njinx you know it could have saved you a lot of time believe me i've been there many many times so you've got your access list which i touched on earlier and if i just click this icon here access lists provide a blacklist or whitelist of specific client ip addresses along with authentication for the proxy hosts via basic http auth so if you have an application that doesn't have a login system built into it and it's completely exposed you probably and you want to proxy that out you know this is something that you would implement an engine's proxy manager lets you lay that over the top ssl certificates apart from let's encrypt if you have your own certificates you can also add them here as well so i use mine for example from from cloudflare which allows end-to-end encryption from me to cloudflare and then cloudflare out your users as well as an audit log so you can track everything that's happened which is pretty cool in case you forget if you click the view details this is what's happening in the background so this is the stuff that you would normally have to do manually if you're still using those files maybe perhaps not to this degree because this might be specific to the actual application as well but you know a lot of that sort of work has been taken away and taken out in the settings you've got yours congratulations page 404 redirect or a custom page so you can put one in there when something hits the endings and doesn't have a host a couple other options there redirection host so you can basically tell it to redirect traffic let you read that streams and that really comes in handy for ftp and 404 hosts so if you know that it's going to hit a page that is a 404 you can tell it to redirect to this or show this page instead so that's engine's proxy manager i hope that was helpful it's really easy to get started with it which is why i love it and i'm a big advocate of it um if you enjoyed please like and subscribe really helps you know the deal and i hope to see you in the next video soon we'll be coming up with one for installing orthelia that'll be our next video so we look forward to sharing that with you as well thank you and see you next time

Info

Channel: IBRACORP

Views: 27,477

Rating: undefined out of 5

Keywords: Nginx, Nginx proxy manager, authelia, ibracorp, nginx configuration, nginx for beginners, nginx proxy, nginx proxy manager docker, nginx proxy manager tutorial, nginx proxy manager unraid, nginx reverse proxy, nginx reverse proxy configuration, nginx tutorial, nginx tutorial for beginners, proxy server, reddit, reverse proxy, reverse proxy nginx, reverse proxy setup, reverse proxy tutorial, spaceinvaderone, swag, unraid, unraid setup, what is nginx, what is proxy server, cloudflare

Id: h1a4u72o-64

Channel Id: undefined

Length: 22min 24sec (1344 seconds)

Published: Tue Jan 19 2021