How can I config nginx proxy manager to forward to 444 instead of 443?

My router ISP doesn’t have NAT Loopback neither permit me to port forward 443 port

Set the port in the add-on configuration, there is a Network section there that allows you to change the port configuration. You can also (if you router permits that) forward port 444 from the outside to 443 on the inside. Both are viable solutions.

Release v0.4.0

Full Changelog

This is a general maintenance release.

Changes

• Updates maintenance/license year to 2020
• Funding adjustments
• Fixes some spelling and grammar
• Upgrades add-on base image to v6.0.1
• Upgrades git to 2.24.1-r0
• Upgrades nodejs to 12.14.0-r0
• Upgrades python2 to 2.7.16-r3
• Upgrades yarn to 1.19.2-r0
• Upgrades certbot to 1.0.0-r0
• Upgrades nginx to 1.16.1-r4
• Upgrades mariadb to 10.4.10-r0
• Upgrades openssl to 1.1.1d-r3
• Hotfix for new Nginx paths
• Ensure new paths exists
• Fix MySQL init for new installations

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work:
https://github.com/sponsors/frenck or https://patreon.com/frenck

I would like to use NPM but I also use Emulated Hue which has to have port 80 to work. Is there a way to set up a proxy-forward so that the local network requests go to port 80? The alternative is that I port forward 80 on my router to 8080 or some such port and keep 80 open on the pi for emulated hue. Is there a preferred method?

Can anyone share their configuration to get haaska working through this addon?

There’s nothing special about haaska, what’s the issue?

Sorry I should have updated. I think I expected an issue but there wasn’t one. I overcomplicated an extremely simple thing lol.

Hi, any advice on how to achieve this? I do have other sever in my LAN that requires a specific NGINX file, where would I need to put this configuration?

server {
    server_name scry.mydomain.com;  
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/scry.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/scry.mydomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        ssi on;
        proxy_pass https://10.254.0.104/;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }
    # BOSH
    location /http-bind {
        proxy_pass http://10.254.0.104:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }

    # xmpp websockets
    location /xmpp-websocket {
        proxy_pass              http://10.254.0.104:5280/xmpp-websocket;
        proxy_http_version      1.1;
        proxy_set_header        Upgrade $http_upgrade;
        proxy_set_header        Connection "upgrade";
        proxy_set_header        Host $host;
        tcp_nodelay             on;
    }
}

anyone know how to use custom locations?

I’m testing this addon and I have one issue with the real IP of the visitor, ip_ban always detect the docker IP as the source. I tried with:

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
real_ip_header X-Real-IP;
real_ip_recursive on;

With the same result. What are the correct configuration on this addon and the http section to get the real IP? Any ideas @frenck? Thanks in advance!

Has anyone had any success adding using an access list to a home assistant subdomain? It works fine for all my other subdomains but home assistant becomes unreachable if I try to set one for its page? I know you still have to login to the hass page but I would prefer both authentication types.

Subdomain (https://hass.domain.org) or subfolder (https://domain.org/hass)?

Subdomain. For example my “printer.example.com” works perfectly with my access list, asking for authentication before bringing me to the printer page login. But my “hass.example.com” suddenly stops loading if I add it to my access list.

I actually had the same problem when I was using the letsencrypt/nginx docker container for reverse proxy. Hass login doesnt seem to play nice with nginx authentication?

Works for me: initially I had the Access list set to Public (only relying on HA authentication) and now changed it to an Access list. First it asks for the NGINX user and password then HA’s user and password, and finally multi-factor authentication

Did you select “Websockets support”?

I asked about subfolder as it won’t be supported (https://github.com/home-assistant/architecture/issues/156#issuecomment-474528786)

I don’t fully get the issue I’m having:

• My main proxy forwards my domain to Hass, which fully works as expected.

• However I also want to add domain/pihole to forward to Pihole.

• This only works when entering domain/pihole/ and not domain/pihole

• Question 1: Maybe bit lazy, but why doesn’t it work without backslash?

• Question 2: And the domain shows as not Secure; expected that the https initial link to NGinx, would also make http address of pihole, show as being secured.

Screenshot 2020-02-23 13.54.08950×560 28.4 KB

I am trying to use the proxy manager with a wordpress site (apache) hosted on a pi3 seperate from my hassio install. The issue I am having is that the CSS is not coming across as secure. Wordpress’ solution is to add proxy_set_header X-Forwarded-Proto https; inside the location block. This doesn’t work in the advanced section of the config. Has anyone gotten this to work with wordpress?

Release v0.5.0

Full Changelog

This is a big major release!

This release upgrades the Nginx Proxy Manager to the latest and greatest, furthermore, it now leverages the official MariaDB add-on to store its data in.

Breaking change

This add-on now depends on and requires the official Home Assistant MariaDB add-on in order to run.

All data of the NGINX Proxy Manager is now stored in that add-on. This removes the need for the add-on to run and maintain its own database server. This reduces memory & CPU usages and makes it easier to maintain the add-on overall.

If you are upgrading, please make sure you have installed the MariaDB add-on (version 2.0 or higher). The NGINX Proxy Manager add-on will automatically migrate your existing data.

Changes

• Re-branding
• Update add-on documentation to use new YAML configuration format
• Fix Patreon link
• Update add-on config with new password & list features
• Updates for upstream Supervisor changes
• Upgrades nodejs to 12.15.0-r1
• Upgrades nginx to 1.16.1-r6
• Upgrades mariadb to 10.4.12-r0
• Upgrades nginx-proxy-manager to v2.1.1
• Remove unneeded eslint from build
• Upgrades add-on base image to v7.0.2
• Adds migration to official MariaDB add-on (#77)
• Update add-on instructions

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work:
https://github.com/sponsors/frenck or https://patreon.com/frenck

Is there a way to add my own SSL certificate by pointing it to /ssl/fullchain.pem? The proxy manager let’s me upload a certificate, but I’d like to use the one already there as that’s a wildcard Let’s Encrypt SSL certificate (DNS challenge). When the certificate expires, I’d just have to restart the proxy manager and not re-upload certificates. I’m not exposing port 80 to allow Let’s Encrypt to do an http challenge.

Thanks!

Hi frenck! It works perfect. Thank you!

Hi frenck!
Why cann’t connect yyyy.duckdns.org with different network (remote access) in nginx proxy manager?
Plz: reply…
How can do?