Nginx Proxy Manager Is Not Receiving Local DNS Records from Pi-hole

I’m running DietPi with Pi-hole and Unbound, and recently moved my Nginx Proxy Manager from my NAS to a Docker container on the DietPi system for consolidation.

Previously, when Nginx was still on the NAS, I set Pi-hole’s local DNS records with FQDNs pointing to the NAS IP, and Nginx successfully reverse-proxied the requests. After moving Nginx to DietPi, setting local DNS records to the DietPi LAN IP or 127.0.0.1 doesn’t allow Nginx to catch and proxy requests.

What am I missing?

Edit: My nginx compose:

services:
  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:latest
    container_name: Nginx-Proxy-Manager
    healthcheck:
      test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/81' || exit 1
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 90s
    volumes:
      - /user/docker/npm/letsencrypt:/etc/letsencrypt:rw
      - /user/docker/npm/data:/data:rw
      - /user/docker/npm/config.json:/app/config/production.json
    environment:
      TZ: America/Seattle
      INITIAL_ADMIN_EMAIL: REDACTED
      INITIAL_ADMIN_PASSWORD: REDACTED
    ports:
      - 444:443     # HTTPS remapped from 443 to 444
      - 81:81       # NPM UI stays on 81
      - 8080:80     # HTTP remapped from 80 to 8080
    restart: on-failure:5

Maybe you can be more specific. Where exactly did you put what? Is it a DNS entry on the DietPi host itself or in the Docker container? And what exactly is not working now?

1 Like

Step 1: I installed docker/docker compose/portainer in dietpi-software

Step 2: I used the above docker compose in portainer to deploy nginx

Step 3: I went into the ‘local dns records’ tab in pihole to program my FQDN subdomains to forward to localhost since pihole and nginx are now both installed on diet alongside each other

Step 4: I went into nginx web interface and reverse proxied by subdomains to my services on my NAS

Result? Nothing. The Nginx service is not receiving the local dns records to be able to proxy them to their correct services.

I hope that’s more clear.

which IP address you entered? It needs to be the local network IP of your dietpi device and not localhost or 127.0.0.1

PiHole is not going to forward anything to NPM. It’s juts answering the DNS request of a network client. The network client will connect to NPM afterwards. Therefore, it would be the local network IP

1 Like

I just tried the LAN IP of the dietpi device, and it’s still not seeing the requests in Nginx.

do a nslookup on the network client side to see if it return the correct IP address of the device hosting NPM.

1 Like

Yes the server and address both show the correct values, however the port number under server says 53, and I’m not sure if that’s correct or not.

Pls be more specific, where do you see this?

What do you see where? You need to check this on a client like Windows PC or mobile phone.

1 Like

On my current debian desktop I executed nslookup of one of the domains programmed into piholes local dns records section.

The results it gives are for server and address values that it shows for the FQDN i queried.

The server value says the dietpi OS LAN IP address and address value is also the dietpi LAN IP, but it adds port 53 at the end of it.

pls can you share what you see?? I guess you misread the output.

1 Like

Edit: Typing that out keeps giving a 403 error on this discourse forum. Had to share it as a screenshot.

you could try using a code block :slight_smile:

root@DietPiProd:~# nslookup dietpi.com
Server:         9.9.9.9
Address:        9.9.9.9#53

Non-authoritative answer:
Name:   dietpi.com
Address: 188.114.96.3
Name:   dietpi.com
Address: 188.114.97.3
1 Like

Ah, the preformatted text usually works, but I’ll keep that in mind moving forward.

ok back to topic.

The first two lines, server and address are the information for the DNS server used. It has nothing to do with the domain you are looking for.

This information is provided below. After the name of the doamin you see the IP address provided by the DNS server. Ok this is pointing to your dietpi device as well. That’s good.

Next in line will be NPM. How did you setup your proxy host entry? For me I use IP address of the target like this

1 Like

When editing the proxy host, I use the LAN IP of the device and the service’s port number. I’m familiar with this from using Nginx on my NAS, but after switching Nginx to DietPi, it’s not receiving requests, and I’m unsure why.

Is your Nginx installed on your dietpi device via docker alongside pihole and unbound just like mine?

yes I use the very same setup.

where do you know this? What happen if you try to reach your FQDN on a browser?

1 Like


I see this for every FQDN I try.

can you share following from your DietPi device

ss -alnp | grep LISTEN
1 Like
user@DietPi:~$ ss -alnp | grep LISTEN
u_str LISTEN 0      0                                                                        /run/unbound.ctl 412                    * 0          
u_str LISTEN 0      0                                                 /run/systemd/journal/io.systemd.journal 1225                   * 0          
u_str LISTEN 0      0                                                                    /run/systemd/private 5310                   * 0          
u_str LISTEN 0      0                                              /run/systemd/userdb/io.systemd.DynamicUser 5312                   * 0          
u_str LISTEN 0      0                                                       /run/systemd/io.system.ManagedOOM 5313                   * 0          
u_str LISTEN 0      0                                                              /run/systemd/fsck.progress 5324                   * 0          
u_str LISTEN 0      0                                                             /run/systemd/journal/stdout 5333                   * 0          
u_str LISTEN 0      0                                                          /run/tailscale/tailscaled.sock 541162                 * 0          
u_str LISTEN 0      0                                                   /run/containerd/containerd.sock.ttrpc 1284672                * 0          
u_str LISTEN 0      0                                                         /run/containerd/containerd.sock 1284673                * 0          
u_str LISTEN 0      0                                                                        /run/docker.sock 1284759                * 0          
u_str LISTEN 0      0                                            /var/run/docker/libnetwork/fb110b87e9ac.sock 1286072                * 0          
u_str LISTEN 0      0                                                            /var/run/docker/metrics.sock 1287064                * 0          
u_str LISTEN 0      0      /run/containerd/s/a8d12d53380a046194be8223f20e7d1a3e086a9b025b639951dd692320822aa4 1287918                * 0          
u_str LISTEN 0      0      /run/containerd/s/854c3f3a1b2a9f80764b514da8ae2e3b16ec7b73e83a268ce9252db4dd5d6fda 1332621                * 0          
u_seq LISTEN 0      0                                                                       /run/udev/control 5335                   * 0          
tcp   LISTEN 0      1000                                                                              0.0.0.0:1987             0.0.0.0:*          
tcp   LISTEN 0      200                                                                               0.0.0.0:8089             0.0.0.0:*          
tcp   LISTEN 0      4096                                                                              0.0.0.0:8080             0.0.0.0:*          
tcp   LISTEN 0      256                                                                             127.0.0.1:5335             0.0.0.0:*          
tcp   LISTEN 0      4096                                                                              0.0.0.0:9002             0.0.0.0:*          
tcp   LISTEN 0      4096                                                                              0.0.0.0:81               0.0.0.0:*          
tcp   LISTEN 0      32                                                                                0.0.0.0:53               0.0.0.0:*          
tcp   LISTEN 0      4096                                                                        100.65.126.85:53222            0.0.0.0:*          
tcp   LISTEN 0      4096                                                                              0.0.0.0:444              0.0.0.0:*          
tcp   LISTEN 0      200                                                                               0.0.0.0:8489             0.0.0.0:*          
tcp   LISTEN 0      1000                                                                                 [::]:1987                [::]:*          
tcp   LISTEN 0      4096                                                                                 [::]:8080                [::]:*          
tcp   LISTEN 0      4096                                                                                 [::]:9002                [::]:*          
tcp   LISTEN 0      4096                                                          [fd7a:115c:a1e0::c301:7e55]:49702               [::]:*          
tcp   LISTEN 0      4096                                                                                 [::]:81                  [::]:*          
tcp   LISTEN 0      32                                                                                   [::]:53                  [::]:*          
tcp   LISTEN 0      4096                                                                                 [::]:444                 [::]:*          
mptcp LISTEN 0      4096                                                                        100.65.126.85:53222            0.0.0.0:*