In this tutorial I will be adding a Proxy Host in NGINX Proxy Manager (NPM) with NPM running in a Docker container on Unraid.
I am a newbie to NGINX Proxy Manager but it is hard to imagine using NPM without ever adding a Proxy Host. Anyway, I digress.
Pre-requisites
In this tutorial you will be adding a Proxy Host in NGINX Proxy Manager with an SSL certificate. Note: You can add a Proxy Host without a certificate if you want. With that out of the way, for this tutorial you require:
- Nginx Proxy Manager running on Unraid
- an SSL Certificate (optional)
SSL Certificate: If you don't have an SSL certificate we've got you covered as this tutorial also has that covered and even better you can request SSL certificates directly from NGINZ Proxy Manager. Link on how to get an SSL Certificate here.
Tutorial: Install NGINX Proxy Manager on Unraid. If you do not have NGINX Proxy Manager installed check out our tutorial here.
NGINX: Add Proxy Host
Anyway, here's is the nitty gritty. Thankfully NGINX Proxy Manager makes everything very simple.
Step 1: In NGINX click on the "Add Proxy Host" command button.
Fill in the form as per below noting:
- The unique domain name that will be used to access our web server on the internet and using our sub-domain of duckdns 'snowwhiteforeva'
- Scheme: https
- IP address: 192.168.1.111 (in our example that is the IP of the development PC running the NodeJS web server)
- Port: 8100 (the IP the web server is using)
Using this information it means that our web server will be available across the internet using the URL: test.snowwhiteforeva.duckdns.org.
Step 2 (optional): Add an SSL certificate: Under 'Edit proxy Host' click on 'SSL' then do the following (see image below):
- Select the wildcard SSL Certificate you created for *.snowwhiteforeva.duckdns.org
- Click on 'Force SSL'
- Click on 'Save'
Congratulations! You've created a "Proxy Host" in NGINX Proxy Manager.
Bonus Content: Proxy Host with or without an SSL certificate
If you wondered what is the difference between a Proxy Host with or without an SSL certificate please refer to the table below:
| Feature | No SSL Cert (HTTP only) | SSL Cert (HTTPS) |
|---|---|---|
| Listening port | 80 | 443 (+ optionally 80 → 443 redirect) |
| Encryption | None | TLS‑encrypted |
| Browser security indicator | “Not Secure” | Padlock (if valid cert) |
| Let’s Encrypt automation | No | Yes |
| HTTP/2 support | No | Yes |
| HSTS header injection | No | Yes (optional) |
| Use case | Internal/dev | Public/prod |
BONUS Content: Request an SSL Certificate with NGINX Proxy Manager
If you've never requested an SSL certificate before we've got you covered. The best thing? NGINX Proxy Manager makes this so simple. Yay!
We utilize NGINX to request an SSL Certificate from LetsEncrypt for our DuckDNS sub-domain. There are a few benefits of this approach:
- LetsEncrypt is FREE!
- We are already using NGINX for our reverse proxy
- NGINX handles auto renewing of certificates for us
- NGINX makes the process easy
High Level Process - SSL Certificate Request
- Open NGINX.
- Click on SSL Certificates then Add SSL Certificate then Let's Encrypt.
- Add your Sub-domain Name and other required information then submit request.
- Your SSL certificate and files are returned by Let's Encrypt and available in NGINX.
Step by Step Process
Step 1: Open NGINX.
Step 2: Click on SSL Certificates --> Add SSL Certificate --> Let's Encrypt.
Step 3: Add your Sub-domain Name
Enter your DuckDNS SubDomain Name with a prefix of *. and click on Add.
DuckDNS token: Have the token for your DuckDNS subdomain ready as this is required to get your SSL certificate.
Then enter:
- Email address.
- Turn ON "Use a DNS Challenge".
- Select DNS Provider "DuckDNS".
- In "Credentials File Content" enter your DuckDNS token.
- Click on "I Agree to the Let's Encrypt Terms of Service".
- Click on "Save".
Step 4: A SSL certificate will be created by Let's Encrypt. As the SSL certificate isn't yet being used it has a status of "Inactive".
Mission accomplished! You have a wildcard SSL certificate for your DuckDNS sub-domain.
Please support this channel: Have I saved you minutes, hours or even days of scouring the internet to find an actual working solution.
It takes me time and effort to both find a working solution and then write everything up. Please consider buying me a coffee so I can keep producing useful content, especially if I've made your life easier. Cheers!
Start using your SSL certificate: As the certificate was created using NGINX you can now use the certificate you created to add a Proxy Host.
Conversely, you can download the SSL certificate files if you are using NGINX as a tool to request the SSL certificates to be used elsewhere.
Downloaded SSL certificate files: At the time this post was written the downloaded zip files contains the following:
- cert1.pem
- chain1.pem
- fullchain1.pem
- privkey1.pem
0 Comments