Home Assistant Community Add-on: Nginx Proxy Manager

Tried that, this is what I get now, kinda progress:

And I removed the /admin from the URL in the iframe config, I also tried with it but same issue:

panel_iframe:
  pihole:
    title: Pi-Hole
    icon: mdi:security-network
    url: 'https://pihole.mydomain.com/'

Even directly accessing https://pihole.mydomain.com/admin (or even without /admin) breaks with the same broken page above.
Once I remove the /admin from Forward Host then it works fine but then I have to use https://pihole.mydomain.com/admin

I did remove the Base URL in my config when setting NGINX… I will try that.

Also is there any way we can bypass the password for the embedded iFrames like for cloud9, Tautalli, Tranmission, etc? I get the standard authentication popups for these:

Is there a way to pass the authentication based on the iFrame URL? I.e.:

https://user:[email protected]/
https://cloud9.mydomain.com/?username=user&password=password

This would be quite neat as we still don’t have Ingress yet for all addons and the current ones can not be added to iFrame (or you get two HomeAssistant sidebards).

dear,
dont know much about implementing it without authentication,
but in 0.92 most probably
ingress addon means whatever addons available under ingress will available under iframe.
so better wait for 0.92.

I suspect this is not the case. I have a feeling that the ingress addition as an iframe is much the same as the custom panel “hack” we’re using now, which means that it will still be protected by the standard HA auth, so if you are accessing it outside of HA, you will still need to log in.

I was thinking on removing the password from my addons and using the NGINX access list.

##### What is an Access List?
Access Lists provide authentication for the Proxy Hosts via Basic HTTP Authentication.
You can configure multiple usernames and passwords for a single Access List and then apply that to a Proxy Host.
This is most useful for forwarded web services that do not have authentication mechanisms built in.

So it does work, I can do the authentication on NGINX when accessing externally and leave the door open for the addons on my LAN. Now I am still trying to figure out how to pass the username and password in the URL as per my last post. Any ideas on how to achieve this? Apparently this can be added in the options of web server used for NGINX but I have no idea where to start.

dear,
thats true if u want to access outside of HA than there must be requred authentication.
else, according to frenk the maker of hassio addons, this are going to be imply as iframe.
let see what comes next.

Hello! Can someone write a tutorial to addon nginx proxy manager? I have a probelm with it, probably it will be easy for you, not for me
I am using newest hassio in docker on ubuntu with duckdns (should I “accept_terms” set to true in this addon aswell? i did it) Somehow I configure it well and i can acces hassio by typing mydomain.duckdns.org . My ubuntu ip is 192.168.100.6. I just want to type in addres line (for example) mydomain.duckdns.org/nginx and be connected to 192.168.100.6:81 (nginx proxy manager) so i clicked edit in existing proxy host, moved to “custom locations” add location: /nginx , scheme https ip: 192.168.100.6 forward port: 81. And after that when i go mydomian.duckdns.org it says 502 bad gateway. If i change Scheme https to http i got blank white page. What i am doing wrong? I want to type mydomian.duckdns.org/router and be connected to 192.168.100.1:80 aswell.

Second question: Is there a possibility do add a config (i am very low with that) to acces nginx proxy manager without opening 81 port? I just want have a minimal amount of ports opened, to make proxy manager work i have 81, 443 opened only.

Thanks in advance

Just wondering if there is a way to reset this addon completely?

I have reinstalled it recently and it will not allow me to log in using the default username and password or the one i had set up when i had the addon installed before:

[4/23/2019] [1:55:47 PM] [Express ] › :warning: warning No relevant user found

3 Likes

It works great, so easy! Thanks a lot for porting this!

I only have an issue with creating a sub domain for the Pi-Hole addon. Other subdomains are working fine.

In Nginx Proxy Manager I created a poxy host as follows:

When I go to pihole.mydomain.com I get redirected to http://pihole.mydomain.com:4865/admin, but the page doesn’t load, I get an ERR_CONNECTION_REFUSED.

Does anyone have this working? Would love to set this up for Pi-Hole.

Thanks!

I also use caddy, but I like the look of this too.
I might trial a switch…

i’ve installed the addon but when i request a ssl certificate i got an internal error. The certificate is available but won’t work when i select it ?

I currently use the older Nginx Home Assistant SSL proxy add-on. Should I switch to this one? I started it, but I think they conflict with each other. I think it also disabled the older one after restarting… and I couldn’t access the backend… Just wondering if there was reasons I should get this one working overf the older one. Thanks

If your previous configuration is working and u wont add any other config there is no reason to change.

This addon provides nice ui and it is easier to work with than previous one.

2 Likes

have u used this x-forwarded

if yes, please guide how to add it

I have the same configuration but I have to use pihole.mydomain.com/admin then it works fine.
I don’t use any locations or custom configuration to redirect pihole.mydomain.com to yourip:4865/admin.
Just plain forward to 4865 and then I add the /admin location when I call the URL.

Thanks for replying. Strange, I have the exact same config, but it does not load for me. Also not with pihole.mydomain.com/admin

UPDATE: ESPHome is now available in the sidebar.

Here are my notes for how to set up Nginx Proxy Manager (NPM) for
hassio: 192.168.1.xxx:8123
other server: 192.168.1.yyy:zzzz

In DNS settings for mydomain.com - create a subdomain forward for hassio and other server (I used an A record + dynamicDNS)
forward @.mydomain.com to my home IP 123.45.67.89
forward other.mydomain.com to my home IP 123.45.67.89

In my router - send incoming traffic to hassio to be grabbed by NPM
forward port 80 to 192.168.1.123 Internal Port 80 TCP
forward port 443 to 192.168.1.123 Internal Port 443 TCP

In Nginx Proxy Manager
Create a Proxy Host for Hassio
Domain Names: mydomain.com
Scheme: http
Forward Hostname / IP: 192.168.1.xxx
Forward Port: 8123
Enable Websockets Support
SSL Request new Certificate

Create a Proxy Host for other server
Domain Names: other.mydomain.com
Scheme: http
Forward Hostname / IP: 192.168.1.yyy
Forward Port: zzzz
SSL Request new Certificate

Note: NPM / Let’s Encrypt does not handle wildcard SSL at this time. So request a new SSL Certificate for every subdomain

In Configuration.yaml, comment out the HTTP section if not already done
#http:
# base_url: http://mydomain.com:8123
# ssl_certificate: /ssl/fullchain.pem
# ssl_key: /ssl/privkey.pem

In add-on configs, confirm: “ssl”: false,

My add-on TasmoAdmin is unavailable from the “Open Web UI” link so I link to them directly with http://192.168.1.xxx:9541 etc. and accept the unsecure notice.

I had to set up Grafana as an other server because it does not support Hass.io Ingress, and I need https access to the graphs.

Cheers, Richard

9 Likes

I cant access grafana from internet,
I can access locally but not through internet.
What are nginx conf for grafana
Please guide
Is this right place to ask for guidance?

Dear,
I have one rpi3b+,
I had installed hassio with docker on raspbian.
What should I do to use grafana with https locally as well as from internet.
Guidance needed.
Please guide