Limour

Limour

临床医学在读。
HomeArchivesAListUptime

Deploying Nginx Proxy Manager with Docker

#docker#Nginx Proxy Manager195
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Nginx Proxy Manager is a pre-built Docker image that allows you to easily forward websites running on your home or other locations to the outside world. It provides free SSL certificates without requiring extensive knowledge of Nginx or Letsencrypt. This project helps you manage and deploy websites more conveniently and improves their security. Whether you're a beginner or an experienced developer, this project offers a user-friendly experience. The instructions provide steps to set up the environment, deploy Nginx Proxy Manager, configure reverse proxy, apply wildcard domain certificates, and perform additional configurations such as basic authentication, access lists, and examples of proxying WordPress, serving text files, web UI, and random images.

Nginx Proxy Manager is a pre-built Docker image that allows you to easily forward websites running at home or elsewhere to the outside world, and provides free SSL certificates without requiring much knowledge about Nginx or Letsencrypt. In today's increasingly popular Internet, using this project can help you manage and deploy websites more conveniently, while also improving the security of your website. Whether you are a beginner or an experienced developer, this project will provide you with a convenient user experience.

Setting up the environment#

Deploy Nginx Proxy Manager#

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    
networks:
  default:
    external: true
    name: ngpm

sudo docker network create ngpm
mkdir -p ~/base/NGPM && cd ~/base/NGPM && nano docker-compose.yml
sudo docker-compose up -d
# Log in to http://ip:81
# Email: [email protected]
# Password: changeme
# Reverse Proxy Nginx Proxy Manager

Apply for wildcard domain certificate#

  1. Obtain cloudflare API token
  2. Choose the API token template "Edit Zone DNS"
  3. Record the dns_cloudflare_api_token
  4. Go to the NGPM management page and add a certificate
    image
  5. When adding the certificate, choose DNS verification and enter the recorded dns_cloudflare_api_token
    image

Add basic authentication#

  1. Add Access List
    image
  2. Configure username and password
    image
  3. Configure basic authentication
    image

Example: Reverse Proxy WordPress#

version: '3.1'
services:
  wordpress:
    image: wordpress
    restart: always
    volumes:
      - ./www:/var/www/html
 
networks:
  default:
    external: true
    name: ngpm

mkdir -p ~/app/WordPress && cd ~/app/WordPress && nano docker-compose.yml
sudo docker-compose up -d
# Reverse proxy syntax: serviceName:port

image

  • Go to the wp-content directory
  • Download db.php (from the project wp-sqlite-db)
  • Rename wp-config-sample.php to wp-config.php
  • nano ~/app/WordPress/www/wp-config.php
  • Access salt and modify the corresponding salt
  • Add the following code to modify the database location
  • Access the website to complete the installation
define('DB_DIR', '/absolute/custom/path/to/directory/for/sqlite/database/file/');
define('DB_FILE', 'custom_filename_for_sqlite_database');
if(isset($_SERVER['HTTP_X_REAL_IP'])) {
    $list = explode(',',$_SERVER['HTTP_X_REAL_IP']);
    $_SERVER['REMOTE_ADDR'] = $list[0];
    $_SERVER['HTTPS']='on';   
    $_SERVER["SERVER_PORT"] = 443;
    define('WP_HOME', 'https://'.$_SERVER['HTTP_HOST']);
    define('WP_SITEURL', 'https://'.$_SERVER['HTTP_HOST']);
    define('WP_CONTENT_URL', 'https://'.$_SERVER['HTTP_HOST'].'/wp-content');
    define('FORCE_SSL_LOGIN', true);
    define('FORCE_SSL_ADMIN', true);
}

Additional: Proxy text file#

location /hello.txt {
  alias /data/hello.txt;
}
location = /baidu_verify_codeva.html {
    return 200 abcde;
}

Additional: Proxy web-ui#

location / {
    gzip on;
    gzip_min_length 256;
    gzip_comp_level 6;
    gzip_types text/plain text/xml application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml;
    gzip_vary on;
    gzip_buffers 32 4k;
    root /data/web-ui;
    try_files $uri $uri.html $uri/index.html =404;
    error_page 404 /404.html;
}

Additional: Random image#

location = /randomImg {
	content_by_lua_block {
		local randomNumber = string.format("%02d", math.random(1, 10))
		local randomUrl = "https://img.limour.top/randImg/" .. randomNumber .. ".webp"
		ngx.status = 302
		ngx.header["Location"] = randomUrl
		ngx.exit(ngx.HTTP_MOVED_TEMPORARILY)
	}
}

location = /randomImg {
	content_by_lua_block {
		local redirectList = {
			"http://a.com",
			"http://b.com",
			"http://c.com"
		}
		local randomIndex = math.random(1, #redirectList)
		local randomUrl = redirectList[randomIndex]
		ngx.status = 302
		ngx.header["Location"] = randomUrl
		ngx.exit(ngx.HTTP_MOVED_TEMPORARILY)
	}
}

Additional: Port forwarding#

sudo apt install rinetd
sudo nano /etc/rinetd.conf
# Format: [source_address] [source_port] [destination_address] [destination_port]
sudo rinetd
sudo systemctl status rinetd.service
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.