Nginx Proxy Manager Raspberry Pi Install Instructions!

Today we are going to look at how to how to install Nginx Proxy Manager on a Raspberry Pi!

If you’re exposing any services on your network, using a reverse proxy is a great way to increase security and performance. A reverse proxy is a server that sits in front of your web servers and forwards client requests to the web servers. In layman’s terms, you only have to expose one server (using ports 80/443) and will be able to expose as many web services as you want.

This is an example of the network flow of a reverse proxy (simplified):

nginx proxy manager raspberry

This tutorial will utilize a Raspberry Pi, which is great for home use, but if you’re hosting anything with a lot of traffic, you’re probably better off using a more capable server. We will check the status of the application after it’s finished installing by using Portainer, but this isn’t required.

Instructions - Nginx Proxy Manager Raspberry Pi

Ensure that Docker is installed. If it’s not installed, you can learn how to install it here.

1. We need to use docker compose to create the Nginx Proxy Manager container. This requires us to install a few dependencies – run the install commands below in order.

sudo apt-get install -y libffi-dev libssl-dev
sudo apt-get install -y python3 python3-pip
sudo pip3 -v install docker-compose

2. After the commands finish installing, we need to create a folder where our config and docker-compose files will exist. We will then navigate to that folder and create a file named config.json.

mkdir nginx
cd nginx
nano config.json

3. Paste these contents into the config file.

{
  "database": {
    "engine": "mysql",
    "host": "db",
    "name": "npm",
    "user": "npm",
    "password": "npm",
    "port": 3306
  }
}

nginx proxy manager raspberry

4. Save the file and exit it. Create a new file named docker-compose.yml

nano docker-compose.yml

nginx proxy manager raspberry

5. Paste the contents below into the docker-compose file.

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./config.json:/app/config/production.json
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
  db:
    image: 'yobasystems/alpine-mariadb:latest'
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - ./data/mysql:/var/lib/mysql

nginx proxy manager raspberry

6. Save the file and exit. You should have two files that exist in the nginx folder. Run the command below to start the docker container.

sudo docker-compose up -d

nginx proxy manager raspberry

7. The container will download and install all the necessary files.

nginx proxy manager raspberry

8. We will now adjust both of the containers that Nginx Proxy Manager uses to automatically start when your Raspberry Pi is rebooted.

sudo docker update --restart always nginx_app_1
sudo docker update --restart always nginx_db_1


9. Restart your Raspberry Pi – very important!

sudo reboot now

10. After the reboot is complete, the container will take a few minutes to fully install. You can run the command below to check on the status of the container. When it reports “healthy”, you will be able to navigate to the Nginx Proxy Manager website. Alternatively, if you setup Portainer, you can open Portainer and check on the status of the container there.

sudo docker ps

11. Wait for the status to change to healthy.

nginx proxy manager raspberry

12. Navigate to the IP address of your Raspberry Pi and port 81.

http://[RASPBERRY_PI_IP]:81

13. The default email address is [email protected] and the password is changeme. When you log in, you will be asked to change this information.

14. At this point, Nginx Proxy Manager is fully installed. You will need to open ports 80/443 on your router to point to your Raspberry Pi. From there, you will have to configure Nginx Proxy Manager. The majority of people will use Nginx Proxy Manager as nothing more than a proxy manager. I’m not going to go through the process of configuring a service as this will be different for everyone, but check out the video if you’re interested in seeing how it can be used as I went through an example there!

Conclusion

If you’re exposing services on your network, using a reverse proxy is a great idea. A lot of people don’t have a need for a full server running Nginx Proxy Manager, so a Raspberry Pi is a great option in that case. It runs well and is somewhat simple to setup.

Thanks for reading the tutorial. If you have any questions, leave them in the comments!

This Post Has 109 Comments

  1. So I’m having an issue installing this on my Pi. My assumption here is that since I’m using this Pi as my Pi-hole, it’s also using port 80. Can these two programs exist with each other?

    I’m getting an error when it’s trying to create nginx_app_1 and the error states:
    ———————
    d225b9f0a): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use

    ERROR: for app Cannot start service app: driver failed programming external connectivity on endpoint nginx_app_1 (1fe0035bcd8b1c50f442a975033e2c33830da44098745b6390d8f69d225b9f0a): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use
    ERROR: Encountered errors while bringing up the project.
    ———————

    1. You are correct – this is kind of a band-aid solution, but you can change Pi-hole’s admin port using the instructions below:

      Edit the lighttpd file (change the server.port to something other than 80) and restart the service. This will break after updates to Pi-hole, but it’s a good short-term fix to get to the admin portal.

      sudo nano /etc/lighttpd/lighttpd.conf
      sudo service lighttpd restart

      Then, you can navigate to the address http://[RASPBERRYPI_IP]:[PORT]/admin

      Let me know if you have any questions! Thanks for checking out the tutorial!

  2. So I got everything working until I tried logging into the Nginx Reversee Proxy. The initial login and password is showing “No User auth available”. This was a clean install while I testing out the tutorial. Now really what the issue is as everything is showing healthy and working correctly. Also curious to know what the config.json is showing port 3306 but nothing is mentioned in the yml.

    1. I haven’t run into that error myself. You are using the default credentials from the tutorial, right?

      As for 3306, that’s the port that is used for the database. You shouldn’t ever need to reference that port, but you will need to access the web admin portal of Nginx Proxy Manager using port 81.

      Let me know and we can continue troubleshooting!

  3. Very nice tutorials. I’m very thankful 🙂 I have set up my pi 4 with docker and followed all you steps. Everything seems fine until I try to add proxy host in nginx. Status says offline with a red dot. Can’t get it to go online.

    Command failed: /usr/sbin/nginx -t -g “error_log off;”
    nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/npm-2/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/npm-2/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed

    Do you have any ideas why this is? Thanks!

    1. Thanks for checking out the tutorial!

      When you say it’s offline, do you mean in the proxy hosts list? If so, it would appear like Nginx Proxy Manager cannot find the server that you specified. Are you using the IP address or hostname? If you are using the hostname, please try with the IP address.

      Let me know how it goes and we can continue troubleshooting!

      1. Thanks for the reply. I actually wiped my pi and did fresh docker install so can’t say what the problem was anymore. This time everything runs great. nginx works and all proxy hosts are online and green. However It’s impossible to connect to any container over https. I got the certificate working but browser says host down. It’s the same with both IP and hostname. http works great. Guessing this is a docker problem now? I followed your docker install guide and installed three containers. portainer, nginx and airsonics but I can’t connect to any of them over https. Only http

        1. Glad to hear you were able to get it (mostly) working!

          So the containers are on the same Raspberry Pi? Can you check what type of network you’re using for them? Generally, the only way that containers can communicate with each other is if you’re using a bridge network. You might already be using that, so let me know if you are and we can continue troubleshooting!

          1. Yes. All containers are on the same Pi and containers are using bridge network. I don’t understand this. I’ve tried adding a bunch of new containers and I can’t connect to https on any of them. Not even on my local network.

          2. It’s certainly a strange issue. When you say that it’s not working, can you use HTTPS to access them in a web browser? To clarify, certain web applications don’t have HTTPS out of the box, or they might even use a different port for HTTPS. If you can access them via HTTPS in a web browser, I’d need to do a little more research on why it’s not working with NPM. If they don’t work in a web browser, then the first step would be to get them to work with a web browser and then try NPM.

            Let me know and we can continue troubleshooting!

          3. Strange indeed. So if i attempt to access portainer in my browser for example on my local network 192.168.1.x:9000 it’s fine but when i put https:// in front it can’t connect to it at all. All containers are the same.
            When I set up my reverse proxy using my domain (using cloudflare with A record to IP and CNAME for sub domain) in nginx everything is fine I get the cert but when I redirect to SSL cloudflare tells me host is down. I do get the green lock with a valid cert from let’s encrypt so nginx and cloudflare should be configured correctly just that my local https is just not there…

            Sorry to bother you. Your tutorial is perfect. My problem seems to be something else. Cheers!

          4. Not a bother at all! This does make sense as not all web applications have HTTPS configurations by default. Some have both, HTTP/HTTPS but use different ports for each. I wouldn’t go crazy trying to encrypt the local traffic as the external traffic (that NPM/Cloudflare is managing for you) is using SSL which is the important part. Certainly doesn’t hurt to try and get it working internally but it’s not as important.

            Good luck and if I can answer any other questions, please let me know! Thanks for checking out the tutorial!

  4. Hi,

    Not sure what I have done wrong, but “sudo docker-compose up -d” is not working, any ideas? Thank you in advance.

    [email protected]:~/nginx $ sudo docker-compose up -d
    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    FileNotFoundError: [Errno 2] No such file or directory

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 449, in send
    timeout=timeout
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 638, in urlopen
    _stacktrace=sys.exc_info()[2])
    File “/usr/lib/python3/dist-packages/urllib3/util/retry.py”, line 367, in increment
    raise six.reraise(type(error), error, _stacktrace)
    File “/usr/lib/python3/dist-packages/six.py”, line 692, in reraise
    raise value.with_traceback(tb)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    urllib3.exceptions.ProtocolError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 205, in _retrieve_server_version
    return self.version(api_version=False)[“ApiVersion”]
    File “/usr/local/lib/python3.7/dist-packages/docker/api/daemon.py”, line 181, in version
    return self._result(self._get(url), json=True)
    File “/usr/local/lib/python3.7/dist-packages/docker/utils/decorators.py”, line 46, in inner
    return f(self, *args, **kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 228, in _get
    return self.get(url, **self._set_request_timeout(kwargs))
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 546, in get
    return self.request(‘GET’, url, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 533, in request
    resp = self.send(prep, **send_kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 646, in send
    r = adapter.send(request, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 498, in send
    raise ConnectionError(err, request=request)
    requests.exceptions.ConnectionError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/bin/docker-compose”, line 10, in
    sys.exit(main())
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 67, in main
    command()
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 123, in perform_command
    project = project_from_options(‘.’, options)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 69, in project_from_options
    environment_file=environment_file
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 132, in get_project
    verbose=verbose, version=api_version, context=context, environment=environment
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 43, in get_client
    environment=environment, tls_version=get_tls_version(environment)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 170, in docker_client
    client = APIClient(**kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 188, in __init__
    self._version = self._retrieve_server_version()
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 213, in _retrieve_server_version
    ‘Error while fetching server API version: {0}’.format(e)
    docker.errors.DockerException: Error while fetching server API version: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    1. Are you running the command from the same folder where the docker-compose file is? If you’re not, try that out and it should work!

      Let me know and we can continue troubleshooting if necessary!

      1. Thanks so much for getting back to me, Sorry for posting the second message! As soon as I did, this appeared along with your reply.

        1. Not a problem! Glad to hear that it worked. If you need anything else, please let me know!

  5. Hi,

    I posted a message / error last night when I was trying to “sudo docker-compose up -d” – but the message has now vanished? Anyway, I blew away my config and started again and it seemed to work ok this time?

  6. [11/6/2020] [9:45:42 PM] [Express ] › ⚠ warning Command failed: /usr/bin/certbot certonly –non-interactive –config “/etc/letsencrypt.ini” –cert-name “npm-2” –agree-tos –email “[email protected]” –preferred-challenges “dns,http” –domains “ha.isytec.net”

    Saving debug log to /var/log/letsencrypt/letsencrypt.log

    Plugins selected: Authenticator webroot, Installer None

    Obtaining a new certificate

    Performing the following challenges:

    http-01 challenge for ha.isytec.net

    Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains.

    Waiting for verification…

    Challenge failed for domain ha.isytec.net

    http-01 challenge for ha.isytec.net

    Cleaning up challenges

    Some challenges have failed.

    1. Did you port forward ports 80/443 to the Nginx Proxy Manager server? Generally, those are the reasons why the Let’s Encrypt portion doesn’t work.

      Let me know and we can continue troubleshooting!

      1. HI I continue to get the Interal error when trying to get the ssl certificate. Anyone have a fix for it?

  7. Hi, can’t get this working. Getting the same errors as @baggy when running the sudo docker-compose up -d command. Running the command from the nginx directory, and both files have been created with the correct syntax exactly as in the tutorial. Wondered if you could provide any help please, i’m baffled.

    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    FileNotFoundError: [Errno 2] No such file or directory

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 449, in send
    timeout=timeout
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 638, in urlopen
    _stacktrace=sys.exc_info()[2])
    File “/usr/lib/python3/dist-packages/urllib3/util/retry.py”, line 367, in increment
    raise six.reraise(type(error), error, _stacktrace)
    File “/usr/lib/python3/dist-packages/six.py”, line 692, in reraise
    raise value.with_traceback(tb)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    urllib3.exceptions.ProtocolError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 205, in _retrieve_server_version
    return self.version(api_version=False)[“ApiVersion”]
    File “/usr/local/lib/python3.7/dist-packages/docker/api/daemon.py”, line 181, in version
    return self._result(self._get(url), json=True)
    File “/usr/local/lib/python3.7/dist-packages/docker/utils/decorators.py”, line 46, in inner
    return f(self, *args, **kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 228, in _get
    return self.get(url, **self._set_request_timeout(kwargs))
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 546, in get
    return self.request(‘GET’, url, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 533, in request
    resp = self.send(prep, **send_kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 646, in send
    r = adapter.send(request, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 498, in send
    raise ConnectionError(err, request=request)
    requests.exceptions.ConnectionError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/bin/docker-compose”, line 10, in
    sys.exit(main())
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 67, in main
    command()
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 123, in perform_command
    project = project_from_options(‘.’, options)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 69, in project_from_options
    environment_file=environment_file
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 132, in get_project
    verbose=verbose, version=api_version, context=context, environment=environment
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 43, in get_client
    environment=environment, tls_version=get_tls_version(environment)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 170, in docker_client
    client = APIClient(**kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 188, in __init__
    self._version = self._retrieve_server_version()
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 213, in _retrieve_server_version
    ‘Error while fetching server API version: {0}’.format(e)
    docker.errors.DockerException: Error while fetching server API version: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    1. By any chance, would you be able to set up a new instance of Raspberry Pi OS and try again? If you have other things configured on your Raspberry Pi, don’t worry about trying it, but if you’re using this for Nginx Proxy Manager exclusively, I know that reinstalling Raspberry Pi OS fixed it for other people.

      Let me know if you can’t do that and I will see if I can try and replicate the issue!

      1. Hi, I have this same problem and I’m not able to set up a new instance of Raspberry Pi OS. Any new ideas of what might be wrong?

        1. I had the exact same error as you. The issue was that I hadn’t installed Docker… I thought it would be installed with docker-compose (I have never used Docker before, probably obvious to regular users that you need to install Docker itself first). I followed these instructions to install Docker https://docs.docker.com/engine/install/ and now it’s working properly.

  8. Have you tried to install a new instance of Raspberry Pi OS and go from there? It appears that the full re-installation of Docker will fix this, but since I’m not experiencing the issue, it’s hard to troubleshoot the exact command that could it fix it myself.

    Let me know and we can continue troubleshooting!

  9. I have a couple of questions if I may, and this is coming from a reverse proxy noob…..
    1) can I setup a proxy host to a subfolder and if so how?
    example, nginx has ports serverip:80,81,443 but on the same server I have apache2 running on ports serverip:18080,18443 and I want to redirect serverip:443 to serverip:18443/subfolder
    2) How do I change access list for any of the hosts so they require authentication rather than publicly accessible?

    1. The reverse proxy is only used for exposing internal services to the external internet. You can limit them by using access lists (like you mentioned), but they will still be exposed outside of your network.

      You cannot create a proxy host for a sub folder unless there is some sort of a web server in front of it exposing that specific folder. Think of a reverse proxy as a way to manage connections from outside clients to internal web servers. The service that you’re trying to access has to have a website that can be accessed inside of your local network. When you create the reverse proxy, you are then exposing that internal website to the outside internet.

      Hopefully this helps, but let me know if you have any other questions!

  10. Hi, Thanks for all your tutorials so far. It has been a real good help and fun! I am pretty new at this.
    I have a question. I have one raspberry pi and have installed Nginx and it works perfectly thanks to your video. Now I would like to add a Pi-Hole container next to it. I couldn’t figure this out because it shares the same port 80. I searched the internet but I couldn’t find a clear solution. Some say you need to make use of the reverse proxy, but I don’t know how that works. Do you have any idea?

    1. Thank you! You can certainly do this, but you will have to change port 80 to be something else. It is true that by default, they both use port 80, but changing port 80 and navigating to the management console using that port (8080 for example – http://IP_ADDRESS:8080) will avoid the port conflict entirely.

      Another option is to use a macvlan network interface. You can follow these instructions and everything should work properly! https://www.wundertech.net/how-to-set-up-pi-hole-on-openmediavault/

      Let me know if you have any questions!

  11. Please help, Im getting this error when I run the “sudo docker-compose up -d” and I have rebuild the image twice now with “RaspberryPi OS Lite” and both times I get the same error. Im guessing its the OS?

    All code was copied and pasted and nothing failed up till this point.

    [email protected]:~/nginx $ sudo docker-compose up -d
    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    FileNotFoundError: [Errno 2] No such file or directory

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 449, in send
    timeout=timeout
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 638, in urlopen
    _stacktrace=sys.exc_info()[2])
    File “/usr/lib/python3/dist-packages/urllib3/util/retry.py”, line 367, in increment
    raise six.reraise(type(error), error, _stacktrace)
    File “/usr/lib/python3/dist-packages/six.py”, line 692, in reraise
    raise value.with_traceback(tb)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 600, in urlopen
    chunked=chunked)
    File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 354, in _make_request
    conn.request(method, url, **httplib_request_kw)
    File “/usr/lib/python3.7/http/client.py”, line 1244, in request
    self._send_request(method, url, body, headers, encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1290, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1239, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
    File “/usr/lib/python3.7/http/client.py”, line 1026, in _send_output
    self.send(msg)
    File “/usr/lib/python3.7/http/client.py”, line 966, in send
    self.connect()
    File “/usr/local/lib/python3.7/dist-packages/docker/transport/unixconn.py”, line 43, in connect
    sock.connect(self.unix_socket)
    urllib3.exceptions.ProtocolError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 214, in _retrieve_server_version
    return self.version(api_version=False)[“ApiVersion”]
    File “/usr/local/lib/python3.7/dist-packages/docker/api/daemon.py”, line 181, in version
    return self._result(self._get(url), json=True)
    File “/usr/local/lib/python3.7/dist-packages/docker/utils/decorators.py”, line 46, in inner
    return f(self, *args, **kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 237, in _get
    return self.get(url, **self._set_request_timeout(kwargs))
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 546, in get
    return self.request(‘GET’, url, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 533, in request
    resp = self.send(prep, **send_kwargs)
    File “/usr/lib/python3/dist-packages/requests/sessions.py”, line 646, in send
    r = adapter.send(request, **kwargs)
    File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 498, in send
    raise ConnectionError(err, request=request)
    requests.exceptions.ConnectionError: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
    File “/usr/local/bin/docker-compose”, line 10, in
    sys.exit(main())
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 67, in main
    command()
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/main.py”, line 123, in perform_command
    project = project_from_options(‘.’, options)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 69, in project_from_options
    environment_file=environment_file
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/command.py”, line 132, in get_project
    verbose=verbose, version=api_version, context=context, environment=environment
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 43, in get_client
    environment=environment, tls_version=get_tls_version(environment)
    File “/usr/local/lib/python3.7/dist-packages/compose/cli/docker_client.py”, line 170, in docker_client
    client = APIClient(**kwargs)
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 197, in __init__
    self._version = self._retrieve_server_version()
    File “/usr/local/lib/python3.7/dist-packages/docker/api/client.py”, line 222, in _retrieve_server_version
    ‘Error while fetching server API version: {0}’.format(e)
    docker.errors.DockerException: Error while fetching server API version: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

    1. That’s certainly a bunch of strange errors. Did the initial libraries and Docker Compose install properly? Any weird errors when you installed them? Is the config.json and docker-compose.yml file in the ~/nginx folder?

      1. I dont see any issue with it,
        [email protected]:~/nginx $ sudo apt-get install -y libffi-dev libssl-dev
        Reading package lists… Done
        Building dependency tree
        Reading state information… Done
        libffi-dev is already the newest version (3.2.1-9).
        libssl-dev is already the newest version (1.1.1d-0+deb10u4+rpt1).
        0 upgraded, 0 newly installed, 0 to remove and 27 not upgraded.
        [email protected]:~/nginx $ sudo apt-get install -y python3 python3-pip
        Reading package lists… Done
        Building dependency tree
        Reading state information… Done
        python3 is already the newest version (3.7.3-1).
        python3-pip is already the newest version (18.1-5+rpt1).
        0 upgraded, 0 newly installed, 0 to remove and 27 not upgraded.
        [email protected]:~/nginx $ sudo pip3 -v install docker-compose
        Created temporary directory: /tmp/pip-ephem-wheel-cache-2jbvu0fw
        Created temporary directory: /tmp/pip-req-tracker-5gpcpx_2
        Created requirements tracker ‘/tmp/pip-req-tracker-5gpcpx_2’
        Created temporary directory: /tmp/pip-install-sfbgkbok
        Looking in indexes: https://pypi.org/simple, https://www.piwheels.org/simple
        Requirement already satisfied: docker-compose in /usr/local/lib/python3.7/dist-packages (1.27.4)
        Requirement already satisfied: docopt=0.6.1 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (0.6.2)
        Requirement already satisfied: dockerpty=0.4.1 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (0.4.1)
        Requirement already satisfied: docker[ssh]=4.3.1 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (4.4.1)
        Installing extra requirements: ‘ssh’
        Requirement already satisfied: cached-property=1.2.0 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (1.5.2)
        Requirement already satisfied: python-dotenv=0.13.0 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (0.15.0)
        Requirement already satisfied: requests=2.20.0 in /usr/lib/python3/dist-packages (from docker-compose) (2.21.0)
        Requirement already satisfied: websocket-client=0.32.0 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (0.57.0)
        Requirement already satisfied: PyYAML=3.10 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (5.3.1)
        Requirement already satisfied: texttable=0.9.0 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (1.6.3)
        Requirement already satisfied: distro=1.5.0 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (1.5.0)
        Requirement already satisfied: jsonschema=2.5.1 in /usr/local/lib/python3.7/dist-packages (from docker-compose) (3.2.0)
        Requirement already satisfied: six>=1.3.0 in /usr/lib/python3/dist-packages (from dockerpty=0.4.1->docker-compose) (1.12.0)
        Requirement already satisfied: paramiko>=2.4.2; extra == “ssh” in /usr/local/lib/python3.7/dist-packages (from docker[ssh]=4.3.1->docker-compose) (2.7.2)
        Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from jsonschema=2.5.1->docker-compose) (40.8.0)
        Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.7/dist-packages (from jsonschema=2.5.1->docker-compose) (0.17.3)
        Requirement already satisfied: importlib-metadata; python_version < "3.8" in /usr/local/lib/python3.7/dist-packages (from jsonschema=2.5.1->docker-compose) (3.3.0)
        Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.7/dist-packages (from jsonschema=2.5.1->docker-compose) (20.3.0)
        Requirement already satisfied: pynacl>=1.0.1 in /usr/local/lib/python3.7/dist-packages (from paramiko>=2.4.2; extra == “ssh”->docker[ssh]=4.3.1->docker-compose) (1.4.0)
        Requirement already satisfied: bcrypt>=3.1.3 in /usr/local/lib/python3.7/dist-packages (from paramiko>=2.4.2; extra == “ssh”->docker[ssh]=4.3.1->docker-compose) (3.2.0)
        Requirement already satisfied: cryptography>=2.5 in /usr/lib/python3/dist-packages (from paramiko>=2.4.2; extra == “ssh”->docker[ssh]=4.3.1->docker-compose) (2.6.1)
        Requirement already satisfied: typing-extensions>=3.6.4; python_version < "3.8" in /usr/local/lib/python3.7/dist-packages (from importlib-metadata; python_version jsonschema=2.5.1->docker-compose) (3.7.4.3)
        Requirement already satisfied: zipp>=0.5 in /usr/local/lib/python3.7/dist-packages (from importlib-metadata; python_version jsonschema=2.5.1->docker-compose) (3.4.0)
        Requirement already satisfied: cffi>=1.4.1 in /usr/local/lib/python3.7/dist-packages (from pynacl>=1.0.1->paramiko>=2.4.2; extra == “ssh”->docker[ssh]=4.3.1->docker-compose) (1.14.4)
        Requirement already satisfied: pycparser in /usr/local/lib/python3.7/dist-packages (from cffi>=1.4.1->pynacl>=1.0.1->paramiko>=2.4.2; extra == “ssh”->docker[ssh]=4.3.1->docker-compose) (2.20)
        Cleaning up…
        Removed build tracker ‘/tmp/pip-req-tracker-5gpcpx_2’

        1. Can you try a different docker-compose file to see if it works? It’s hard for me to troubleshoot this specific issue as you’re getting generic errors that don’t have much information. As long as the docker-compose file and the database file are in the same folder, docker-compose should work. The error you’re getting is specifically stating that it can’t find the docker compose file or the config.json file.

          Let me know any other information that you can provide!

  12. what OS my I use, i get the impression it maybe related. tried 5 times now…

    1. I use the Raspberry Pi OS Lite operating system normally (previously Raspbian Lite). What OS are you using?

      1. same, I dont know what to do. I do notice alot of API errors,

        Error while fetching server API version: (‘Connection aborted.’, FileNotFoundError(2, ‘No such file or directory’))

        1. Have you tried with a fresh install of Raspberry Pi OS?

          1. Still no joy, same as above. Im using Raspberry Pi Lite (installing with Raspberry Pi Image) and it still gives me the same error. I kind of feel like the OS is missing componnents. What OS and what services should be installed other than the suggested,

            libffi-dev libssl-dev
            python3 python3-pip
            docker-compose

          2. From what I’m finding online, it’s a docker issue. If you type both commands below, what are the outputs? You might have to either upgrade or downgrade docker.

            which docker
            docker version

          3. Python 3.7.3 (default, Jul 25 2020, 13:03:44)
            docker-compose version 1.27.4, build unknown
            docker-py version: 4.4.1
            CPython version: 3.7.3
            OpenSSL version: OpenSSL 1.1.1d 10 Sep 2019

  13. Hi great tutorial, thnx

    I ran in some issues with latest docker version (5:20) not working on pi 4, but finally managed to install docker 5:19.03.14
    – I have pointed my dns to my IP-address. eg. demo.mydomain.com
    – my router is unifi mgt software running on the same pi (not in docker yet) and I created an forward rule to the ipaddress of the pi
    where nginx is running in docker
    – in nginx manager I created an host for demo.mydomain.com and set up this settings:
    * Scheme: http
    * ipaddress: the local 192.16.xxx.xxx address of the server
    * port: the correct port the server is listening
    * In the SSL tab force SSL

    When I use the addres https://demo.mydomain.com I am NOT redirected to the correct server in my network, but see this message:
    “Bad Request This combination of host and port requires TLS.”
    I also get in the chrome url “not secure”, but when I click on this I can see it us showing the lets encrypt certificate.

    Now I change the scheme in NGINX manager to HTTPS and now the site is working, but it still shows “not secure”

    What did I do wrong, or what did I miss?

    thanx Manfred

    1. Did you request an SSL certificate from Let’s Encrypt? If you did, is it properly applied to the proxy host?

    2. The installs work fine, the issue is when I have to run “sudo docker-compose up -d”, there python errors, see above (1 Jan). I just dont get it. Your scipt at least runs, other tutorials I ahve used just fail stright up.

  14. Hi Frank – thank you for the tutorial!

    Sorry just a few quick questions:
    1) I see on picture 11 it looks like NGINX has the ability to manage multiple proxies?
    2) I have 3 dongles attached to a 4 port usb hub attached to the raspberry. If the above is correct, I just need to get them working as Port 10001, 10002, 10003 etc… correct?

    Many thanks Frank, your help is greatly appreciated!!

    1. Hello!

      1. Yes, you can use NPM to manage multiple proxies. You would basically apply a different domain name (generally, by service is best, so plex.yourdomain.com, jellyfin.yourdomain.com, etc), and that will allow you to manage as many services as you’d like.
      2. When you say dongles, what exactly do you mean? Ethernet dongles? If so, your services would each be assigned a different network port and you will have to assign the proxy host to the correct port.

      Hope this helps, but if I can answer anything else, please let me know!

  15. the moderation is a pain is a pain, can you do something about it please? I nerver know if the post is live

    1. Unfortunately, no. I get hit with tons and tons of spam and I’m actively trying to fix it. This is the only option I have right now. If you submitted your message, I received it, I just haven’t had a chance to look into it yet.

      I am currently researching your issue and I’m trying to find out anything that I can. Did you run the two commands from the last message? If so, what were the outputs?

  16. Hi
    Yes I use let’s encrypt.
    By accident I discovered the reason today.
    On the private (windows10) laptop I used to configure the PI and the certificates I got the message ‘not secure’
    This morning I rebooted my work (windows10) laptop, and there the connection for this website was directly secure. I directly opened my private laptop, which was not rebooted since I installed the certificates and even after ctrl + F5 is was still ‘not secure’
    So then I stopped the chrome browser, and all the chrome processes on the private laptop. I restarted chrome and now the site was directly secure

    I had no idea for certificates there is also a kind of cache in the browser.

    sorry for the inconvenience, but the problem is solved.

    1. Not a problem, glad to hear it’s resolved!

    1. Yes, Docker is required to use Docker Compose. I apologize for not being clearer initially (I updated the post to reflect this). This was a follow up to my prior tutorial on how to install Docker/Portainer on a Raspberry Pi, which is why it’s not specifically stated here.

      Glad you were able to fix it.

  17. Hi! wondering if its OK to leave the username, password as “npm” or do we have to change each value to be unique?

    1. I left that as default for the tutorial, but you’re free to change it to whatever you’d like!

  18. Hi, so I get to the point of running sudo docker-compose up -d and I also watched your YT video on this and my terminal did not finish like yours did. See Printscreen screenshot > http://prntscr.com/xzvmha < this is where it reboots its self and if I keep going with the next steps, it shows no such container. Code below. I checked portainer and they are not there was well.
    [email protected]:~/nginx $ sudo docker update –restart always nginx_app_1
    Error response from daemon: No such container: nginx_app_1
    [email protected]:~/nginx $ sudo docker update –restart always nginx_db_1
    Error response from daemon: No such container: nginx_db_1
    [email protected]:~/nginx $
    I couldn't find anything that sticks out in the syslog but also I'm not very advanced at Linux or Pi.
    Thank your help!

    1. Please note I do have a WordPress running on this same Pi. Possible conflict with it and already having a MySQL set up?

      1. That could very well be the issue, but I’m not positive since I’ve never seen that issue before. Are you using port 80/443 for WordPress? Do you have a different SD card that you can test with to see if the port conflict is the issue?

  19. Thanks for the tutorial – very helpful! I’m having a persistent problem with nginx, the nginx_app_1 is always reporting “unhealthy” even after waiting for so long and restarting the pi and the containers many times. Here’s what the log says:

    [cont-finish.d] executing container finish scripts…
    [cont-finish.d] done.
    [s6-finish] waiting for services.
    [s6-finish] sending all processes the TERM signal.
    [s6-finish] sending all processes the KILL signal and exiting.
    [s6-init] making user provided files available at /var/run/s6/etc…exited 0.
    [s6-init] ensuring user provided files have correct perms…exited 0.
    [fix-attrs.d] applying ownership & permissions fixes…
    [fix-attrs.d] done.
    [cont-init.d] executing container initialization scripts…
    [cont-init.d] 01_s6-secret-init.sh: executing…
    [cont-init.d] 01_s6-secret-init.sh: exited 267.
    !!!!!
    init-stage2 failed.
    !!!!!

    This block keeps repeating itself again and again with the same outcome. I have forwarded the ports 443 and 80 on TCP but this didn’t change anything and it was happening before and after I did that. Any suggestions?

    1. That error appears like it’s on the setup, so unfortunately, opening ports 80/443 wouldn’t help. Are you running anything else on the Raspberry Pi that could be causing conflicts?

      1. No. It’s a fresh install of Raspberry Pi OS (with desktop) and nothing else. I also checked if Apache2 exists since I heard it may cause that conflict but also it isn’t there. Any chance to get it working somehow or starting from scratch is the only option?

        1. I don’t want to say it’s the only option but it’s an option. If you have nothing else running on the Pi, it might be the easiest option, but if you have other things running, it might be worth it to take the time and try and isolate the issue.

  20. Hey WunderTech,

    Thanks for the great tutorials! I am trying to setup a self-hosted Bitwarden on my RPi4 using your tutorials, however, I ran into some issues while setting up the Nginx reverse proxy server.
    Additional info – I do have a nextcloud instance along a plex server running on the same RPi and I’m using apache2 as the webserver. I believe the errors I’m running into are because the port 443 is already in use by apache2 and hence the docker compose command fails for me. Below are the error messages I ran into –

    ERROR: for nginx_app_1 Cannot start service app: driver failed programming external connectivity on endpoint nginx_app_1 (12497ebf7da4
    Creating nginx_db_1 … done
    use

    ERROR: for app Cannot start service app: driver failed programming external connectivity on endpoint nginx_app_1 (12497ebf7da4af8c77cb5e4fd792eef9727e3acfcc15677ca86e1d93abfd9364): Error starting userland proxy: listen tcp4 0.0.0.0:443: bind: address already in use
    ERROR: Encountered errors while bringing up the project.
    [email protected]:~/nginx $ sudo netstat -ntulp | grep 443
    tcp6 0 0 :::443 :::* LISTEN 11707/apache2
    [email protected]:~/nginx $ docker ps
    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    f3cc55ba4618 yobasystems/alpine-mariadb:latest “/scripts/run.sh” 7 minutes ago Up 7 minutes 3306/tcp nginx_db_1
    72c3c0fc31cc bitwardenrs/server:latest “/usr/bin/dumb-init …” 19 minutes ago Up 19 minutes (healthy) 3012/tcp, 0.0.0.0:8080->80/tcp bitwarden
    12b600fdcfd6 portainer/portainer-ce:linux-arm “/portainer” 26 minutes ago Up 26 minutes 8000/tcp, 0.0.0.0:9000->9000/tcp xenodochial_cori

    Any help in resolving these?

    1. You are correct. Is there any way that you can map port 443 to something else, then use the reverse proxy to expose that service if you’d like?

  21. Getting the following Error on the nginx app container:
    Can’t take lock to run migrations: Migration table is already locked
    If you are sure migrations are not running you can release the lock manually by deleting all the rows = require(migrations lock table: migrations_lock

    1. Okay, so I connected to the db container and deleted the lock, but now it’s having errors migrating. with a table already existing

      1. When you say you connected to the db container, what exactly do you mean? Can you also clarify what you mean when it says that a table already exists? Is that a database error and if so, where are you receiving it?

        1. I also had this problem. In addition to deleting all rows in table migrations_lock, I had to drop the auth and user tables as well. After restarting nginx_app_1 (I stopped it before messing with the db), it eventually changed to healthy.

          1. Thanks so much for sharing!!

  22. Thanks for the great tutorial. However I’m getting “no password auth for user” at nginx proxy manager log-in page it either doesn’t like the ‘changeme’ password or it’s not connected to database. This is another fresh installed Pi OS and everything appeared to be done correctly without errors. Only thing is that I can’t get nginx_db_1 container to become ‘healthy’ instead of ‘running’ in green color.
    In fact this is the 4th writeup I’m following and after hundreds of hours of failure I am so discouraged that I can’t even get one thing to work I had great success on Windows had been asking myself why fix things ain’t broke.

    1. It’s reporting as healthy or running? It should be running when the nginx proxy manager container is running. Also, you’re able to get to the web admin console, it just doesn’t let you login?

      1. Same issue here, portainer reports nginx_app_1 as healthy and nginx_db_1 as running and i can’t login to proxymanager 🙁

        1. Someone posted a solution here a few days ago in the comments. Do you think you can try that?

  23. t’s reporting ‘running’. Yes I’m at the log in page had a spinning ring when password was submitted and returned with this message ‘No password auth for user’.
    I have these errors in the log from last reboot:

    2021-03-07 11:44:31 0 [Note] /usr/bin/mysqld: Shutdown complete

    [i] mysqld already present, skipping creation

    [i] MySQL directory already present, skipping creation

    2021-03-07 11:45:00 0 [Note] /usr/bin/mysqld (mysqld 10.4.15-MariaDB) starting as process 1 …

    2021-03-07 11:45:01 0 [Note] InnoDB: Using Linux native AIO

    2021-03-07 11:45:01 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins

    2021-03-07 11:45:01 0 [Note] InnoDB: Uses event mutexes

    2021-03-07 11:45:01 0 [Note] InnoDB: Compressed tables use zlib 1.2.11

    2021-03-07 11:45:01 0 [Note] InnoDB: Number of pools: 1

    2021-03-07 11:45:01 0 [Note] InnoDB: Using generic crc32 instructions

    2021-03-07 11:45:01 0 [Note] mysqld: O_TMPFILE is not supported on /var/tmp (disabling future attempts)

    2021-03-07 11:45:01 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M

    2021-03-07 11:45:01 0 [Note] InnoDB: Completed initialization of buffer pool

    2021-03-07 11:45:01 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().

    2021-03-07 11:45:01 0 [Note] InnoDB: 128 out of 128 rollback segments are active.

    2021-03-07 11:45:01 0 [Note] InnoDB: Creating shared tablespace for temporary tables

    2021-03-07 11:45:01 0 [Note] InnoDB: Setting file ‘./ibtmp1’ size to 12 MB. Physically writing the file full; Please wait …

    2021-03-07 11:45:01 0 [Note] InnoDB: File ‘./ibtmp1’ size is now 12 MB.

    2021-03-07 11:45:01 0 [Note] InnoDB: Waiting for purge to start

    2021-03-07 11:45:01 0 [Note] InnoDB: 10.4.15 started; log sequence number 157165; transaction id 306

    2021-03-07 11:45:01 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool

    2021-03-07 11:45:02 0 [Note] Plugin ‘FEEDBACK’ is disabled.

    2021-03-07 11:45:02 0 [Note] Server socket created on IP: ‘::’.

    2021-03-07 11:45:02 0 [Warning] ‘user’ entry ‘@5198337f35a6’ ignored in –skip-name-resolve mode.

    2021-03-07 11:45:02 0 [Warning] ‘proxies_priv’ entry ‘@% [email protected]’ ignored in –skip-name-resolve mode.

    2021-03-07 11:45:02 0 [Note] InnoDB: Buffer pool(s) load completed at 210307 11:45:02

    2021-03-07 11:45:02 0 [Note] Reading of all Master_info entries succeeded

    2021-03-07 11:45:02 0 [Note] Added new Master_info ” to hash table

    2021-03-07 11:45:02 0 [Note] /usr/bin/mysqld: ready for connections.

    1. These don’t appear to be errors. Are there actual errors anywhere? Have you checked the Docker container’s log files?

      1. nginx_app_1 log:
        finish: applet not found
        [cont-finish.d] executing container finish scripts…
        [cont-finish.d] done.
        [s6-finish] waiting for services.
        s6-svscanctl: fatal: unable to control /var/run/s6/services: supervisor not listening
        [s6-finish] sending all processes the TERM signal.
        [s6-finish] sending all processes the KILL signal and exiting.

        Portainer log:
        2021/03/08 22:07:05 Starting Portainer 2.1.1 on :9000
        2021/03/08 22:07:05 [DEBUG] [chisel, monitoring] [check_interval_seconds: 10.000000] [message: starting tunnel management process]
        2021/03/08 22:47:54 http error: Invalid JWT token (err=Invalid JWT token) (code=401)
        2021/03/08 22:47:55 http error: Unauthorized (err=Unauthorized) (code=401)
        2021/03/09 06:48:45 http error: Invalid JWT token (err=Invalid JWT token) (code=401)

        1. I’m sorry, it’s hard for me to help troubleshoot with this information. I would try and reinstall Raspberry Pi OS, start from scratch and see if everything works as expected.

          1. I start over with a new Pi and new card from scratch and got everything running except I got ‘internal error’ when requesting SSL from Lets Encrypt.
            Found out my domain provider which is name.com doesn’t support DDNS. Is there an work around? or it simply won’t work?
            I’m using DDNS feature offered by Asus Router WebUI, which also offer SSL. I can connect to BitWarden from WAN over 8080 port but no HTTPS available. Do I just simply change it to 443? If I later need Pi-hole and other services how do I go about other SSL requirement?

          2. Did you port forward ports 80/443 to your Raspberry Pi? Are you using a firewall that could be blocking those ports? As long as you can communicate over that port, you should be able to get an SSL certificate (assuming the domain provider is setup correctly).

  24. Hi i’ve found following log
    ~/nginx/data/logs$ cat error.log
    2021/03/08 22:10:40 [error] 262#262: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: nginxproxymanager, request: “GET /api/ HTTP/1.1”, upstream: “http://127.0.0.1:3000/”, host: “127.0.0.1:81”
    2021/03/08 22:10:45 [error] 262#262: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: nginxproxymanager, request: “GET /api/ HTTP/1.1”, upstream: “http://127.0.0.1:3000/”, host: “127.0.0.1:81”
    2021/03/08 22:10:50 [error] 262#262: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: nginxproxymanager, request: “GET /api/ HTTP/1.1”, upstream: “http://127.0.0.1:3000/”, host: “127.0.0.1:81”

    1. It looks like it can’t access the database. Is the database properly running?

  25. hi great guide but I’m having a problem is it go to my modem login page if I type in my public IP address and port 80 eg 123.123.123.123:80 i have port forward both ports and tryed two diff modems but it always go to my login page what im i doing wrong.

    1. Did you properly open ports 80/443? Can you check an online port checker to confirm that they’re open?

      1. yes checked both open checked with two sites.

        1. What is the reverse proxy that you set up? Is it pointing to your router by any chance?

          1. No to the pi4 itself modem/router ip 192.168.0.1 pi 192.168.0.4
            Posted about this on my isp Webb page and another person that has not got Nginx or a pi tried his public IP and port 80 and he also opens the modems login page isp are looking into this I just tried installing nextcloud and when I click on the site I made it take me to the modems login page.

          2. Sounds like your ISP is blocking it then, unfortunately. Can you log in to the account and see if you can allow port 80 traffic?

  26. Hi there, I have an observation to share but first let me tell you HOW GRATEFUL I am for your tutorials! I have zero knowledge about coding or web stuff things, but you made it simple. I followed the Raspberry, the Docker, the Guacamole tutorials and now here I am with a fully functional Nginx and able to access to my desktop over the internet :). I’ve read your “About” page, and I can assure you that your goal is fully reached!

    Back to my observation (I’m a pragmatic person) : I didn’t managed to make Nginx work with your files, the “nginx_app_1” container was unhealthy with a “parse error: Invalid numeric literal at line 1, column 7 NOT OK” message.

    Maybe it has to do with the fact I adapted your tutorials for my computer running on Ubuntu (wanna try before buying a raspberry), but long story short I managed to make it work with the “docker-compose.yml” from the Nginx website (https://nginxproxymanager.com/setup/). With this, no need for a conf.json and it’s perfectly working. I’ll give another try to your configuration when I’ll get a Raspberry, I’ll let you know if there’s a difference. Won’t be before a while probably, until then stay safe and keep going with your great and helpful work!

    Best,
    Jerome

    1. A lot of people have been getting that error, so when I get some time, I have to go back and ensure that this still works like it used to. Either way, I’m glad to hear that you got it working and thanks for the feedback!

      1. Hi there!
        Small update to inform you that your method works perfectly on a Raspberry Pi 4!

        Cheers!

        1. Awesome, thanks so much for letting me know!

        2. Hi Jerome. I have tried to install on a PI 4 and failed. Can you tell me which OS you are using? And a question from a complete Linux newby: do I have to do the installation as root (su)?

  27. Hello and thanks for this tutorial!
    Could you tell me, how i can put nginx to a different IP?
    I wanna install PiHole on my raspberry too, but the Ports 80 and 443 are already reserved for Nginx.
    PiHole should be locally installed, so a different IP for Nginx and the DB would be perfect.
    Maybe you can help me!
    Greets from Austria

    1. It might be smarter to change the port for Pi-hole (if you can). Since most domains use 80/443, if you use a different port for Nginx, you will have to append that port to every domain name. If you use 443, you will only have to type in the domain name.

      1. Hmm.. But is it also possible to put nginx in a macvlan Network?

        1. Yes, you can use a macvlan network for NPM.

          1. Could you help me with that?
            Is there a way to let NPM only connect to the db and dont expose the Ports to public?

  28. Hello,

    after step 4
    enter the command

    sudo usermod -aG docker pi

    and continue the process

  29. HI, followed instructions. both containers for nginx are up, running and healthy. Browsing to page presents the familiar login banner.
    Enter [email protected] and pass changeme. Seems to work but I get the same page back again and never reach a point to change. Any suggestions?

    1. Have you tried restarting the container? Any other error messages? Anything in the docker logs?

  30. Hi, thanks for the great tutorial for an absolute newby. I follow it and the installation went all the way without problems. But no I’ve got the same problem that was reported by Mohammed a couple of weeks ago: NPM remains “unhealthy” and as such login isn’t possible: Error “Bad gateway” which is obvious.
    Any idea other than a full fresh install? It’s a Raspberry PI 3+ just to run Docker / NPM with Raspberry image

    1. I know this is a stupid question but have you tried to reboot? This error can be so many different things that a reinstall is normally the easiest, but not necessarily only way to fix it.

    2. Hey Lutz! Just a hint since I just made that mistake today on a Pi4. The other day my problem was that I used a Pi Zero W which has an unsupported arv6 CPU, so it kept doing that. Today I faced the same “unhealthy” issue along with the bad gateway (which I didn’t have before) because I accidentally changed the ‘db’ as a database name while I was changing the username/password in the config.json.
      Hope that helps!

      1. Hey Mohammed. Thanks for the tip but that does not appear to be the case here. I did a complete, fresh install right from the beginning exactly following all steps without changing anything. Problem still exists.
        It appears to be a problem when generating the dummy SSL certificate:

        >>>
        nginx: [emerg] cannot load certificate “/data/nginx/dummycert.pem”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/data/nginx/dummycert.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
        <<>>
        Generating dummy SSL certificate…

        Generating a RSA private key

        ……………………

        #

        # Fatal error in , line 0

        # unreachable code

        #

        #

        #

        #FailureMessage Object: 0xbed0d1bc

        …/run: line 18: 28168 Illegal instruction (core dumped) node –abort_on_uncaught_exception –max_old_space_size=250 index.js

        .+++++

        ………………………..+++++

        writing new private key to ‘/data/nginx/dummykey.pem’

        —–

        3069420432:error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time:crypto/asn1/a_time.c:330:

        Complete
        <<<

        Not knowing enough about Linux but is this an issue with the system clock???

        Thanks for any other help on this.
        Lutz

        1. When are you receiving the error? When you say dummy SSL certificate, what exactly do you mean?

          1. The error that can be seen above comes up as soon as the two nginx container start running. While the db is running fine the npm container is remains “unhealthy” with the above error message is written in the nginx container log file.
            As you can see in the above text blog it seems to me that the nginx container tries to generate an SSL certificate locally (as at this moment the host can’t be reached by LetsEncrypt from the outside through port 80.

            So he (nginx) seems to generate a local “dummy” key until nginx is able to generate a “true” certificate via LetsEncrypt.

            Thanks, Lutz

          2. I am getting the error while the container is starting. It remains in the “unhealthy” state and loops while “trying to install dummy keys”.
            I did an install on a PI3 using a 32-bit Ubunutu 20.04. LTS server image and everything worked fine.

          3. What OS are you getting the error on? I only use Raspberry Pi OS, so I can’t comment on how other OS’s work. It sounds like you got it working though, which is great!

  31. Hey there,
    I installed portainer and also bitwarden with your tutorials and that worked fine.
    Now I want to install nginx and I get the following erro when I start “sudo docker-compose up -d

    Starting nginx_app_1 …
    nginx_db_1 is up-to-date
    Starting nginx_app_1 … error

    ERROR: for nginx_app_1 Cannot start service app: driver failed programming external connectivity on endpoint nginx_app_1 (fd5f46de26be0be172e2b30fe4ffb0899886183b633cca03a9ab9e37a50fdfc1): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use

    In portainer I have the “nginx_db_1” running, “nginx_app_1” is only created.
    How can I fix that?

    1. It looks like you’re using port 80 for something on your Raspberry Pi. If you are, you will be better off changing that port on that container so you can use 80/443 for NPM.

Leave a Reply

Close Menu