Install Docker, Portainer & Nginx Proxy Manager

📝 Introduction

Setting up a robust and flexible server infrastructure doesn’t have to be complicated. Whether you’re hosting websites, managing containers, or organizing your network, a combination of Docker, Portainer, and Nginx Proxy Manager provides a powerful and user-friendly solution.

In this guide, we’ll walk you through the installation process step-by-step, using a Debian-based server. By the end, you’ll have a streamlined stack ready to handle containerized applications and manage reverse proxies with ease.

This tutorial is perfect for beginners exploring containerization or seasoned professionals seeking a quick reference. Let’s start!

⚙️ Requirements

• Debian or Ubuntu
• Terminal access (SSH)
• User with sudo privileges
• Static IP address
• Domain name

🚀 Before You Begin

Before proceeding, ensure your server is up to date. Run the following commands to update the package list and upgrade the system:

sudo apt update && sudo apt upgrade -y && sudo apt full-upgrade -y

🐋 Install Docker

Before installing Docker, you need to uninstall any conflicting packages. Your Linux distribution may provide unofficial Docker packages, which can conflict with the official packages. Remove these packages using:

for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg -y; done

To install Docker, first set up its official repository:

# Add Docker's official GPG key:
sudo apt-get install -y ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the Docker repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

Now, install Docker:

sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

👤 Manage Docker as a Non-Root User

To avoid using sudo with Docker commands, create a docker group and add your user:

sudo groupadd docker
sudo usermod -aG docker $USER

Log out and log back in for the changes to take effect. Alternatively, use:

newgrp docker

🔑 Login to Docker

Log in to your Docker account to pull images:

docker login

Or, specify your credentials directly:

docker login -u <username>

If you have a Docker token, you can use it instead of your password.

🌐 Create a Docker Network

Create a network for the services to communicate:

docker network create nginx-proxy

🌍 Install Nginx Proxy Manager

Nginx Proxy Manager simplifies the process of managing reverse proxies, SSL certificates, and domains. Follow these steps:

docker run -d \
  --name=npm \
  --restart=always \
  -p 80:80 -p 81:81 -p 443:443 \
  --network nginx-proxy \
  -v npm_data:/data \
  -v npm_letsencrypt:/etc/letsencrypt \
  --network=nginx-proxy \
  jc21/nginx-proxy-manager:latest

🌐 Access Nginx Proxy Manager

Visit http://<server-ip>:81 in your browser to access the web UI. Use the default credentials:

• Username: admin@example.com
• Password: changeme

Update the credentials after logging in.

⚙️ Configure Proxy Host

Now that you have access to Nginx Proxy Manager, you can configure a proxy host. Go to Proxy -> Hosts -> Add Proxy Host

Fill in the details:

For each container added, the name will be configured in the Forward Host field, and the port will default to the container’s internal port, as no external port will be exposed for accessing the web interface.

If you already have an SSL certificate, you can upload it, or generate it from Nginx Proxy Manager.

Now that everything is set up, you can access Nginx Proxy Manager with the domain name you configured (https://npm.domain.tld).

🔒 Restricting Port Exposure

Now, we can un-expose the port 81 from the internet, only ports 80/443 should be exposed:

docker stop npm
docker rm npm

docker run -d \
  --name=npm \
  --restart=always \
  -p 80:80 -p 443:443 \
  --network nginx-proxy \
  -v npm_data:/data \
  -v npm_letsencrypt:/etc/letsencrypt \
  --network=nginx-proxy \
  jc21/nginx-proxy-manager:latest

At this point, Nginx Proxy Manager is only accessible from the internet through ports 443 (HTTPS), with port 81 no longer exposed.

📦 Install Portainer

Portainer provides a simple interface for managing Docker containers. Install it as follows:

docker volume create portainer_data

Run the Portainer container:

docker run -d \
  --name=portainer \
  --restart=always \
  --log-level=debug \
  --network nginx-proxy \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v portainer_data:/data \
  portainer/portainer-ce

Now, we just have to configure Portainer proxy host in Nginx Proxy Manager:

Visit https://portainer.domain.tld in your browser to access the Portainer interface.

Create your Portainer account and log in to the interface.

⚙️ Configure Portainer

After logging in, select Local and click Connect to manage the local Docker environment.

Docker has a pull rate limit for anonymous users, so you may need to log in to Docker Hub to pull images:

Go to Registry -> Add Registry -> Choose DockerHub and fill in your credentials.

🎉 Conclusion

Congratulations! You’ve successfully set up Docker, Portainer, and Nginx Proxy Manager on your server. This streamlined stack will make managing containerized applications and reverse proxies more efficient, secure, and user-friendly. You’re now ready to handle various web services with ease!

📚 Sources

• Docker Docs
• Portainer Docs
• NPM Docs

aefly

🌐 ʟɪᴠɪɴɢ ɪɴ ᴀ ᴠɪʀᴛᴜᴀʟ ᴡᴏʀʟᴅ.