Effortless Virtualized Selfhosting With Nginx Proxy Manager
06 May 2023Several years ago I stopped running my own Debian/mdadm based fileserver and replaced it with a Synology 4-bay NAS (a 916+ to be precise). Synology offers a very convenient UI to manage the machine and a one-click mechanism to install additional applications (Plex, Docker, Mailserver, etc.). I already got a static IP address from my ISP, so exposing services and mapping domains to a machine in my LAN was easy.
I’m using Synology’s Virtual Machine Manager package with one virtual machine to host some smaller Ruby on Rails applications. Lately I’m running out on disk space on the NAS, which causes Synology to wind down the VM to prevent data loss. The apps are not essential, so no big deal, but still an inconvenience. This was one of the reasons why I decided to dust off my Raspberry Pi and brush up on my Docker knowledge.
While setting up Docker/Portainer/PiHole/etc. I stumbled over the Nginx Proxy Manager project and thought it would be the perfect tool to have a single point of entry for the 80/443 ports. I created a a container with Portainer and made sure the ports are properly mapped to the host. It is essential to make sure that none of the port mappings from container to host don’t conflict with other containers. In the advanced settings of my router I setup port forwarding for 80/443 to the Rasperry Pi.
Now the power of Nginx Proxy Manager really started to shine: With one click I could map a hostname to a local address and add a Let’s Encrypt certificate to it. No more messing with Certbot on the command line, adapting Nginx/Apache configs, etc. — what a relieve!
I created a Matomo container so I can have GDPR compliant tracking for this blog, mapped a subdomain to my public static IP address and configured the proxy. I repeated the same process for the existing apps on the Synology NAS.
For even more convenience I setup a local DNS record in PiHole, so I could access the apps in my LAN under the same domain names and encrypted.
Here is a sketch of how the final layout roughly looks like.
The next steps will be to dockerize my Rails apps and actually host them on the Pi and then phase out my old virtual machine on the NAS to make it a dumber file server.