I’m running DietPi with Pi-hole and Unbound, and recently moved my Nginx Proxy Manager from my NAS to a Docker container on the DietPi system for consolidation.
Previously, when Nginx was still on the NAS, I set Pi-hole’s local DNS records with FQDNs pointing to the NAS IP, and Nginx successfully reverse-proxied the requests. After moving Nginx to DietPi, setting local DNS records to the DietPi LAN IP or 127.0.0.1 doesn’t allow Nginx to catch and proxy requests.
What am I missing?
Edit: My nginx compose:
services:
nginx-proxy-manager:
image: jc21/nginx-proxy-manager:latest
container_name: Nginx-Proxy-Manager
healthcheck:
test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/81' || exit 1
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
volumes:
- /user/docker/npm/letsencrypt:/etc/letsencrypt:rw
- /user/docker/npm/data:/data:rw
- /user/docker/npm/config.json:/app/config/production.json
environment:
TZ: America/Seattle
INITIAL_ADMIN_EMAIL: REDACTED
INITIAL_ADMIN_PASSWORD: REDACTED
ports:
- 444:443 # HTTPS remapped from 443 to 444
- 81:81 # NPM UI stays on 81
- 8080:80 # HTTP remapped from 80 to 8080
restart: on-failure:5
Maybe you can be more specific. Where exactly did you put what? Is it a DNS entry on the DietPi host itself or in the Docker container? And what exactly is not working now?
1 Like
Step 1: I installed docker/docker compose/portainer in dietpi-software
Step 2: I used the above docker compose in portainer to deploy nginx
Step 3: I went into the ‘local dns records’ tab in pihole to program my FQDN subdomains to forward to localhost since pihole and nginx are now both installed on diet alongside each other
Step 4: I went into nginx web interface and reverse proxied by subdomains to my services on my NAS
Result? Nothing. The Nginx service is not receiving the local dns records to be able to proxy them to their correct services.
I hope that’s more clear.
which IP address you entered? It needs to be the local network IP of your dietpi device and not localhost
or 127.0.0.1
PiHole is not going to forward anything to NPM. It’s juts answering the DNS request of a network client. The network client will connect to NPM afterwards. Therefore, it would be the local network IP
1 Like
I just tried the LAN IP of the dietpi device, and it’s still not seeing the requests in Nginx.
do a nslookup
on the network client side to see if it return the correct IP address of the device hosting NPM.
1 Like
Yes the server and address both show the correct values, however the port number under server says 53, and I’m not sure if that’s correct or not.
Pls be more specific, where do you see this?
What do you see where? You need to check this on a client like Windows PC or mobile phone.
1 Like
On my current debian desktop I executed nslookup of one of the domains programmed into piholes local dns records section.
The results it gives are for server and address values that it shows for the FQDN i queried.
The server value says the dietpi OS LAN IP address and address value is also the dietpi LAN IP, but it adds port 53 at the end of it.
pls can you share what you see?? I guess you misread the output.
1 Like
Edit: Typing that out keeps giving a 403 error on this discourse forum. Had to share it as a screenshot.
you could try using a code block 
root@DietPiProd:~# nslookup dietpi.com
Server: 9.9.9.9
Address: 9.9.9.9#53
Non-authoritative answer:
Name: dietpi.com
Address: 188.114.96.3
Name: dietpi.com
Address: 188.114.97.3
1 Like
Ah, the preformatted text usually works, but I’ll keep that in mind moving forward.
ok back to topic.
The first two lines, server
and address
are the information for the DNS server used. It has nothing to do with the domain you are looking for.
This information is provided below. After the name
of the doamin you see the IP address provided by the DNS server. Ok this is pointing to your dietpi device as well. That’s good.
Next in line will be NPM. How did you setup your proxy host
entry? For me I use IP address of the target like this
1 Like
When editing the proxy host, I use the LAN IP of the device and the service’s port number. I’m familiar with this from using Nginx on my NAS, but after switching Nginx to DietPi, it’s not receiving requests, and I’m unsure why.
Is your Nginx installed on your dietpi device via docker alongside pihole and unbound just like mine?
yes I use the very same setup.
where do you know this? What happen if you try to reach your FQDN on a browser?
1 Like
I see this for every FQDN I try.
can you share following from your DietPi device
ss -alnp | grep LISTEN
1 Like
user@DietPi:~$ ss -alnp | grep LISTEN
u_str LISTEN 0 0 /run/unbound.ctl 412 * 0
u_str LISTEN 0 0 /run/systemd/journal/io.systemd.journal 1225 * 0
u_str LISTEN 0 0 /run/systemd/private 5310 * 0
u_str LISTEN 0 0 /run/systemd/userdb/io.systemd.DynamicUser 5312 * 0
u_str LISTEN 0 0 /run/systemd/io.system.ManagedOOM 5313 * 0
u_str LISTEN 0 0 /run/systemd/fsck.progress 5324 * 0
u_str LISTEN 0 0 /run/systemd/journal/stdout 5333 * 0
u_str LISTEN 0 0 /run/tailscale/tailscaled.sock 541162 * 0
u_str LISTEN 0 0 /run/containerd/containerd.sock.ttrpc 1284672 * 0
u_str LISTEN 0 0 /run/containerd/containerd.sock 1284673 * 0
u_str LISTEN 0 0 /run/docker.sock 1284759 * 0
u_str LISTEN 0 0 /var/run/docker/libnetwork/fb110b87e9ac.sock 1286072 * 0
u_str LISTEN 0 0 /var/run/docker/metrics.sock 1287064 * 0
u_str LISTEN 0 0 /run/containerd/s/a8d12d53380a046194be8223f20e7d1a3e086a9b025b639951dd692320822aa4 1287918 * 0
u_str LISTEN 0 0 /run/containerd/s/854c3f3a1b2a9f80764b514da8ae2e3b16ec7b73e83a268ce9252db4dd5d6fda 1332621 * 0
u_seq LISTEN 0 0 /run/udev/control 5335 * 0
tcp LISTEN 0 1000 0.0.0.0:1987 0.0.0.0:*
tcp LISTEN 0 200 0.0.0.0:8089 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
tcp LISTEN 0 256 127.0.0.1:5335 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:9002 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:81 0.0.0.0:*
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 4096 100.65.126.85:53222 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:444 0.0.0.0:*
tcp LISTEN 0 200 0.0.0.0:8489 0.0.0.0:*
tcp LISTEN 0 1000 [::]:1987 [::]:*
tcp LISTEN 0 4096 [::]:8080 [::]:*
tcp LISTEN 0 4096 [::]:9002 [::]:*
tcp LISTEN 0 4096 [fd7a:115c:a1e0::c301:7e55]:49702 [::]:*
tcp LISTEN 0 4096 [::]:81 [::]:*
tcp LISTEN 0 32 [::]:53 [::]:*
tcp LISTEN 0 4096 [::]:444 [::]:*
mptcp LISTEN 0 4096 100.65.126.85:53222 0.0.0.0:*