Don’t forget to forward ports 80 and 443 to the IP of the machine your Nginx Proxy Manager is on. Do this in your router or gateway. Find the IP by opening a terminal and type “ifconfig”. If that doesn’t work install net tools by typing “sudo apt install net-tools” then run the ifconfig command again. You can also use the ip addr command.

You just earned a sub for the ONE detail you included that no one else has mentioned: turning off the Cloudflare proxy temporarily until after adding the SSL!! I've been struggling with this for literally weeks. That one little thing suddenly made my setup work...thank you so much!

A million thumbs up, this is the 5th tutorial I've watched on setting up NGINX, the first one I got to work And I only needed to watch a single time,

3 month ago I tried to setup cloudflare but without success, now I get why. Thanks a lot I will try again with your tutorial in mind !

I know its been a couple of years now but thanks a ton for this video! I was so lost trying to complete setup and I was constantly making things more complicated than they needed to be. I gave it an honest try but your video did the job, thank you.

Thank you much! I followed your video today and got my Plex server online now! Most of my time has been spend on "Don’t forget to forward ports 80 and 443 to the IP of the machine your Nginx Proxy Manager is on. " I wish that I read the description before watching the video! LOL! Anyway, great video and please keep going!!!

Wasted almost 12hours in getting around this hack. You are a life saver. The port mappings were tricky for me. I went around almost all options except what you demonstrated. Cheers! 👌👌🤞🤞

Not going to lie, im trying to learn some stuff before I start tinkering on my machine and this video is by far the most comprehensive of all of the ones i saw

This was a super helpful and simple guide. I did an experiment where I booted up the NPM docker on an Unbuntu VM running on my Synology NAS' virtual machine manager and then passed traffic to an OwnCloud docker running on the Synology as well. The VM got its own IP (similar to how it would work with Proxmox) and I did not experience any collisions with the Synology port 80 and 443 issue. The only thing I ran into with that configuration was that the Owncloud docker image did not have SSL configured so I used cloudflare's SSL instead. Seems to work and the cert is valid.

9:32 omg 😳 these are the little things people fail to tell the tale of on why. Thank you extremely helpful.

Hey thanks! I broke a lot doing this tutorial, I learned how to fix more stuff and I got the original thing done using this tutorial lol! Thanks for the quality vid!!

you may not have a ton of subscribers yet but with the way you present you will. thanks for the great video

Thank you for sharing your time and expertise with us. Your delivery was clear and precise. No apology necessary. Much appreciated.

Great video, thanks. I would suggest you zoom webpages as much as you can so future "tutorials" like this are watchable on smaller screens or smaller windows so we can follow steps while watching

I loved this! Thank you! I am getting a 502 error but that means it is my set up officially this video helped me troubleshoot a lot, thank you.

Great Explanation! New to home lab and just stumbled across your channel. Bummed to see that you are not creating many new videos.

Finally someone who explains it correctly for a starter. Great video !

Great walktrough! Have you considered making more of these videos and have a deeper look into the rest of the settings in both cloudflare and NPM?

Great Video. While recording use a lower resolution setting for your screen or you will need to edit and focus on smaller windows so we can read properly. Thanks keep it up. Subscribed.

Thanks this is awesome! I wish I knew about Nginx Proxy Manager before. using that will make managing all my proxy servers so much easier vs manually editing each one.

Thanks for answering my last question and thanks for this whole video on the subject. Love the channel and content. Going with a RPI to try this out 🤙🏽

Really loving your content! Very well explained. Keep up the great content and I’ll keep smashing that like button!

Well. thanks to you i now have subdomains setup and working beautifully, thankyou for the amazing tutorial!

Nice video, thanks. So you mentioned that I need for turn off proxy in cloud flare before setting up the cert in nginx proxy manager. I’ve not done this and it seems to work fine. every once in a while I’ll get an error in nginx advising of an internal error when adding the cert but i try it again and it works fine. I didn’t know that they proxy should be off, what is the impact of of having proxy on when creating cloudflare entry?

Thank you for your kind explaination! I got it finally!

thanks for making a video for the rest of us!

This was a great and quick video. Exactly what I wanted to know!

Hello there. That tutorial is extremely clear and staightforward ! Thanks to you I was able to get the certificate ! Unfortunately, I still can't access my NAS (Nextcloud) and I'm probably still missing something but can't figure out what...

❤️❤️❤️ respect Sir it was awesome and full of knowledge...

How were you able to configure your sites with access lists to read your actual ip and not the proxied ip that cloudflare has you connecting as? When I put an access list on a site that only allows my public ip, I am still unable to access the site because of the cloudflare proxy making my ip appear as one of cloudflares many ips. I guess I am also asking if you proxy the sites which you have an access list on. How are you getting nginx pm to recognize your IP when you try to connect to your site behind cloudflare proxies?

this video introduces me to nginx proxy manager :-) thank you

Awesome tutorial! keep up the amazing work!

Thanks for your effort. Can I substitute truenas for snology nas in this case ?

Hi thanks for the video, but a couple of questions arose: - If you request a lets encrypt cert with npm and turn on the proxy mode afterwards on cloudflare, will the automatic cert renew work properly? - After enabling the proxy mode and visiting the domain for which you created an A record, which certificate is used the cloudflare one or the lets encrypt one? If the cloudflare one is used anyway (due to proxyied mode) why bother with lets encrypt?

Very good tutorial, nice work

Interesting vid - why the added complexity of Cloudflare and Docker though? Why not just install direct on the Linux box?

Thank you so much this helped!

Great video! I ran into the same problem with the Cloudflare proxy needing to be disabled for the certs to get provisioned. One question though, does the enabling of proxy in Cloudflare DNS prevent the certs from being renewed? Any feedback will be appreciated :)

It was really great sir 👍🏻

I used this guide to loosely finish up my Jellyfin install, but when I try to connect via a subdomain, I get a 504 error (gateway time-out). I had no A recoed for www, but I've added it. Should the content be my public IP? Any help would be appreciated.

Heya, about Synology: while you're right that :80 and :443 are reserved on the Synology and a real hassle to change, if you're behind a ISP router, you can just redirect :80 and :443 on your router to something else. And run NPM in docker on your Synology. About snapshots: that's also possible on your Synology with snapshot replication. Just target your \volume1\docker folder and restore if needed.

Thanks, this was super helpful!

I was curious to know which distribution you use on the desktop.

6:04 not working. error all over the place. there is a very importand step missing.

What if I wanted to change the ports from 5:39 AFTER it's already been configured? I can't seem to find the .conf file within docker.

Thank you , this is a life saver

Very clear thanks! a lot! one question can you use the nginx proxy manger as an load balancer or?

thanks, helped figure out the issue why nginx proxy manager was not getting SSL cert behind cloudflare!

Nice video. Not sure about the super simple bit, though. Thanks!

Great tutorials. I'm trying to following your NPM video, however I need to get docker running on a Ubuntu server. I'm using Proxmox and trying to place docker in LXC running Ubuntu. I'm getting all sorts of error that docker-ce has failed to load. I followed other videos that say it should work but I can't seem to get it working. I tried 20.4 and 18.04 and get the same error. Should I hang up trying to use the LXC and attempt the setup in Proxmox VM? Thanks for these tutorials they are helping me slowly get my Homelab up and running.

Great vid thanks for doing this

This stuff hurts my brain so much. So, does cloudflare work hand in hand with the ssl cert you get from letsencrypt? I assume there are now 2 certs? one for cloudfare and one for nginx?

I couldn't find the written guide.. It looks like you migrated to "noted" did you omit this one for a reason, or will it show back up in the future?

Could you use a free hostname from No-IP as a home domain instead, with Cloudflare?

So what is the "DDNS route" that you mentioned at 9:25?

When attempting to make the SSL cert at the 11minute mark I keep getting an error saying it is already in use????? Where did I go wrong?

Can you highlight specific benefits from using NGINX proxy manager via docker vs using the built-in DSM Proxy management if any? I do like the GUI of the NGINX proxy panel but I'd also like to avoid installation bloat in case it's not needed. Thanks :-)

I just found your video, Thank you I was always missing the whole "how to setup external domain". My question is once I set this up can I use this internally as well? So Pihole(Local DNS provider) would direct traffic to cloudflare DNS which would give my ISP's IP and back inside my network. I guess I could just try it and see if it works.

With nginx proxy manager you can even have it connect to your cloudflare account to create dns records for you so you dont have to do both manually.

it's also a good advice to run a fail2ban docker container which allows cloudflare to block rouge like IP's for enhanced protection of your services

Honestly super detailed video and incredibly helpful sadly I can't make a ssl certifcate for whatever reason but still great video

Everything was going great except I get an "Internal Error" in NGINX when trying to save with a Let's Encrypt certificate. Any ideas?

Thanks for the video it's extremely helpful and I was able to get my setup working. I'm rather new to web security so I don't quite understand why it's necessary to have Let'sEncrypt and cloudflare both supplying certificate security. Couldn't Cloudflare do it alone? or couldn't Let'sEncrypt do it alone? Still wrapping my head around the role each component plays. In any case I appreciate the video!

Would be possible to give your hdd a new identity (virtualise it) and use it from outside (proxmox/docker)?

Very informative video. If you could zoom in on the content a little bit that would be perfect.

Thank you so much for your mentioning at 9:52 why my Proxy manager SSL cert assigning wouldn't work. It could not see the wan IP because of Cloudflare proxy ... man I feel dumb

Thanks for the guide :) Do I need to enter in cloudflare DNS management the external IP address of the synology, or the local address of the nas?

@13:20 - this "Proxied" mode, does it work when you need to renew your certificates ???

Very helpful!

So how do I forward different machines from my router to nginx? Do I just setup a portforward of 80 and 443 for each IP of all the machines I want exposed? That's hella confusing

Awesome guide! do you know how we could switch from using Mysql to Mongo DB or Couch DB NoSQL data base?

Problem i found with cloudflare after following all the steps and it all worked perfectly but cloudflare has kind of a limit 100mb so if u login to the synology nas on synology photos it'll login but if you try to upload a videos thats bigger than 100mb u'll get an error and it wont upload I've followed same steps using wix domain i have and mobile upload worked again

Why not CNAME ? You added as A what's different?

how about using the CF cert for your domain when you do NOT want to expose anything to the internet? I just want trusted certs on all my internal devices and not rely on self signed. I tried to generate an origin cert and upload to NPM, and using a private IP DNS record. Workflow wise this works, but my browser doesn't like it, I probably messed something up. Is there any way to accomplish this (I'm not even a fan of the tunnel option for just myself), without having to setup my whole CA in house?

That music is enjoying ^^

hello, i tried, follow all the step but it does'nt work. Always a 522 error. Don't understand why.

Hello, will this option work when my ISP assigns multiple users to one IP?

nginx proxy manager vs traefik Which do you prefer or is better? I heard that traefik can easily and seamlessly tie into a k8's cluster.

Just FYI you can do the cert in NGINX proxy manager with CloudFlare proxy enabled.

so I'm running nginx on a home assistant VM in proxmox, but when I go to the subdomains I create it just takes me to the login page of nginx, any suggestions?

I keep getting a 502 error. I am hosting this docker container on the same system that i am trying to proxy. Would that cause an issue?

9:08 So what do I do if I'm behind carrier-grade NAT? (the IP my ISP tells me I have is different from the one the rest of the internet actually sees)

is there a link to the text that needs to be copied? And where to copy it?

is it possible to do this senario using linode vps brother !?

doesn't enabling the cloudflare proxy again on the A record make it impossible for the acme client to renew your ssl certificate?

No matter how many times I do this, as soon as I turn on Proxy it stops working?

under "Improve security"i only have "Automatic HTTPS Rewrites" i have no options to set to full. Or is it the same thing? :)

i kept getting 502 Bad Gateway on my vps .. try to forward docker container

Great video! I followed along and everything seems to function, as in pages load. I was able to get the SSL cert to generate, cloudflare set to full and my A record is set to proxied. I chose to expose Seafile. I still get the "Your connection to this site isn't fully secure" error. Any suggestions?

Another question I'm getting internal error with NPM when requesting a cert from LetsinEncrypt. Do I need to open ports on my home router?

What is the difference between your nginx and the standard nginx container?

You quickly mentioned that you used a VM in Proxmox. Is there any reason why you didn't use a Ubuntu container? I am trying to avoid the overhead of a VM because my system resources are limited and I use my Proxmox for many other services. For some reason I cannot get NPM to work in a container. If you could share some light on this, maybe a VM would be the only way to go.

I am subscribed to you. Can you increase your font size of the text on the website you are displaying in your future videos. Hit the control button then click the plus sign on your keyboard to increase the font size. Thanks.

Hey! Just tried this, but when i connect the orange proxy in Cloudflare, this stops working. I opened the 80,443 ports, and the 2000 port thats redirecting to my service. dont know where it might went wrong. Any help?

I've found Cloudlared Argo Tunnels to be an effective way of exposing services.

So I cant use a proxied cloudflare record?

Came here because my ssl certificate was failing, who knew you had to temporally toggle the proxy status to make it work.

why NginX Proxy Manager works with apps in docker (in same docker where is npm)? with other servers still i need to put ports with domain name? (servers are other VMs with diffrent ip address) can You explain me that? what im doing wrong?

after adding the domain to cloudflare in this way and redirecting the service via ngiex proxy manager, I keep getting error Origin is unreachable Error code 523 I will add that the domain is correctly redirected to cloudflare servers thunk you help:)

I've been trying to get dsm working behind npm for a few days and no success, every time i get error 502, however for anything but dsm it works great. Does anyone have any idea what the problem might be?