Nginx proxy manager - tcp bind: address already in use

Hi fellow HA enthusiasts!

I try to get the nginx proxy manager add-on running. Unfortunately it does not start and pops an error in my logs, which I quite do not understand. Please see the logs below. I read that mariadb must be installed and running, which it does. Checking my add-ons and so far I can not see one of it using port 443. Also 443 is not opened on my router. So I ssh into my pi and executed sudo netstat -tulpn | grep LISTEN.There I saw is using 443.

This result left me a little confused, since I am not a crack on these things. What can I do from here? How do I get nginx proxy manager running?

I am using supervised HA (2021.03.6) on a raspberry 4b. Pretty standard installation, I assume. My router is a AVM Fritzbox 7590.

Any help is much appreciated!

21-03-17 18:25:52 ERROR (SyncWorker_3) [supervisor.docker] Can’t start addon_a0d7b954_nginxproxymanager: 500 Server Error for http+docker://localhost/v1.40/containers/b914b7c390096ddc51775fcb0aa904c9bf77dc7065dc46ca6903761e9af74a41/start: Internal Server Error (“driver failed programming external connectivity on endpoint addon_a0d7b954_nginxproxymanager (ccdcf2441fa9133cda330d3bbb1bb4ed6b84505e668060596fc65272847df25e): Error starting userland proxy: listen tcp bind: address already in use”)

Which other Addons do you have?

Have you got SSL enables in your ha config.

Do you mean this part in my configuration.yaml?

#  external_url: !secret https
#  internal_url: !secret base_url

I commented it out, thinking it would maybe cause issues while starting the nginx proxy manager the first time

Most of them are installed but not used (yet).

Samba share (9.3.0), Duck DNS (1.12.5), Check Home Assistant configuration (3.6.0), Node-RED (8.1.3), TasmoAdmin (0.14.0), Visual Studio Code (3.1.1), AdGuard Home (4.0.0), File editor (5.2.0), Git pull (7.12), InfluxDB (4.0.3), Grafana (6.1.3), WireGuard (0.5.0), ESPHome (1.16.2), Home Assistant Google Drive Backup (0.103.1), Bitwarden RS (0.8.0), SSH & Web Terminal (8.0.4), Grocy (0.11.1), Matrix (0.10.0), room-assistant (2.15.0), FTP (4.0.1), Let’s Encrypt (4.11.0), ADB - Android Debug Bridge (0.7.0), SQLite Web (3.0.1), Dnsmasq (1.4.4), motionEye (0.11.1), Mosquitto broker (5.1.1), MariaDB (2.2.2), Nginx Proxy Manager (0.10.0)

up and running:

Samba share (9.3.0), Duck DNS (1.12.5), TasmoAdmin (0.14.0), Visual Studio Code (3.1.1), AdGuard Home (4.0.0), ESPHome (1.16.2), Home Assistant Google Drive Backup (0.103.1), SSH & Web Terminal (8.0.4), ADB - Android Debug Bridge (0.7.0), Mosquitto broker (5.1.1), MariaDB (2.2.2)

What about the http: section?

You could track it down by simply browsing to your installation ip in https (https://your.home-assistant.ip) or typing “netstat -lptn” in console (requires root).

seems maybe one of your addons is using 443 already. might be adguard?

adguard is a dns server. I’d add my bet on TasmoAdmin https enabled.

that’s true, but even pi hole is listening on 443. so maybe adguard as well

pi-hole has admin interface on that port. it could be basicly any addon within external, web-based configuration interface.

maybe stop all addons and start ngnix to see if it will start.
after that start the other addons one by one

1 Like

Hi everyone,

thanks for replying to my issue - sorry for the delay - normal work day here.

I did what @deluxestyle suggested and stopped every add on and then restarted piece by piece. And you were also right: it was Adguard causing this trouble.
So now I can get nginx proxy manager up and running. Thanks again.

Hopefully I find a way to use both addons NPM and AG. Anything you guys would point out what I should be looking for/at or take care of to get it running simultaneously or should it be easy after configurating NPM?

Cheers and thx again!

I don’t use Adguard. but it might be that you can change the port in the config

change the port and proxy it through the proxy manager :+1:

1 Like

Thanks for your suggestion @bug . But how do I change the port of Adguard? :grimacing:

Do I find these under DNS settings or encryption settings? And do I understand you right, that I would e.g. change adguards port to e.g. 5, then register e.g. and then redirect to the IP and port of Adguard? Then I simply fill this new ip+port into my router settings?

Another thought: I would like to use encryption with Adguard. Normally I just pointed to the location of my ertificate which was /ssl/fullchain.pem but now the nginx proxy manager files the ssl certificate over lets encrypt and force every connection to use https. So where is my key and certificate located now? As I was trying to use my old settings in AdGuard in the encryption settings, it says Status: Certificate chain is invalid so the files must have changed their location

You could move the adguard to some high port (ex 8080). In normal use case, as the nginx and adguard ar running on same host, you don’t necessarily need encryption between (it is also possible but one more configuration step).

Do the following:
once adguard is on another port (let’s say 8080), make proxy manager to proxy the traffic to http://localhost:8080 and configure encryption to proxy manager (so browser to proxy is encrypted, proxy to adguard is not but in most cases it doesn’t matter as the traffic goes in localhost only).

you can use subdomains and possibly path’s to separate different endoints at proxy.