Bare metal / VM install instructions - not the entire world is docker

[netchild]

Is your feature request related to a problem? Please describe.

The world is not docker. There are use cases for it, but there are a lot of uses cases where docker is not the best solution. Just providing install instructions for docker leaves out those situations where something else than docker is required / needed / decided upon / forced, nginx runs on a lot of platforms, not only on docker. There may be unsupported architectures in use (risc-v, cheri, powerpc, ...), there may be unsupported OS in use (*BSDs), there may be a requirement that it runs in a VM (no matter if because of policy, security reasons, or whatever), and so on... where your project would run simply fine. It also prevents an OS specific package management to pickup your project as an easy package install. There may also be a security requirement that the software bill of materials is easily inspectable and that open source stuff has to be manually fixable independently from the original developer, that no pre-build image from an unknown source is allowed to be installed.

The dockerfile is not an install instruction. You are locking yourself into a niche instead of opening yourself to the entire open source ecosystem.

Describe the solution you'd like

Provide bare metal install instructions (list of requirements, initial config, where to install what from your repo).

[B0F1B0]

Hi netchild,

if you have Proxmox, you can easy install NPM - Nginx Proxy Manager in an LXC Container with the [Proxmox VE Helpder-Scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=nginxproxymanager).

Default settings:
OS: Debian 12
CPU: 2vCPU
RAM: 1GB
HDD: 4GB

The Proxmox VE Helper script executes this script, among others.

I have adapted this script that the following script will do perform a "bare metal" installation (Version 2.12.3).
Since I am currently still on version 2.11.3 and would like to upgrade to 2.12.XXX, but version 2.12.3 (latest) is not working properly for me (streams not working), I also added version 2.12.0 till 2.12.2 as a comment in the script.

Search for Keyword: ######LATETEST RELEASE there you can comment out/in the necessary Version.

#!/usr/bin/env bash


echo "Installing Dependencies"
apt-get update
apt-get -y install \
  sudo \
  mc \
  curl \
  gnupg \
  make \
  gcc \
  g++ \
  ca-certificates \
  apache2-utils \
  logrotate \
  build-essential \
  git
echo "Installed Dependencies"

echo "Installing Python Dependencies"
apt-get install -y \
  python3 \
  python3-dev \
  python3-pip \
  python3-venv \
  python3-cffi \
  python3-certbot \
  python3-certbot-dns-cloudflare
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
pip3 install certbot-dns-multi
python3 -m venv /opt/certbot/
echo "Installed Python Dependencies"

VERSION="$(awk -F'=' '/^VERSION_CODENAME=/{ print $NF }' /etc/os-release)"

echo "Installing Openresty"
wget -qO - https://openresty.org/package/pubkey.gpg | gpg --dearmor -o /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg
echo -e "deb http://openresty.org/package/debian bullseye openresty" >/etc/apt/sources.list.d/openresty.list
apt-get update
apt-get -y install openresty
echo "Installed Openresty"

echo "Installing Node.js"
bash <(curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh)
source ~/.bashrc
nvm install 16.20.2
ln -sf /root/.nvm/versions/node/v16.20.2/bin/node /usr/bin/node
echo "Installed Node.js"

echo "Installing pnpm"
npm install -g [email protected]
echo "Installed pnpm"

######LATETEST RELEASE
RELEASE=$(curl -s https://api.github.com/repos/NginxProxyManager/nginx-proxy-manager/releases/latest |
  grep "tag_name" |
  awk '{print substr($2, 3, length($2)-4) }')

wget -q https://codeload.github.com/NginxProxyManager/nginx-proxy-manager/tar.gz/v${RELEASE} -O - | tar -xz

#RELEASE=2.12.2
##wget -q https://codeload.github.com/NginxProxyManager/nginx-proxy-manager/tar.gz/v${RELEASE} -O - | tar -xz
#RELEASE=2.12.1
##wget -q https://codeload.github.com/NginxProxyManager/nginx-proxy-manager/tar.gz/v${RELEASE} -O - | tar -xz
#RELEASE=2.12.0
##wget -q https://codeload.github.com/NginxProxyManager/nginx-proxy-manager/tar.gz/v${RELEASE} -O - | tar -xz


cd ./nginx-proxy-manager-${RELEASE}
echo "Downloaded Nginx Proxy Manager v${RELEASE}"

echo "Setting up Environment"
ln -sf /usr/bin/python3 /usr/bin/python
ln -sf /usr/bin/certbot /opt/certbot/bin/certbot
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
ln -sf /usr/local/openresty/nginx/ /etc/nginx

sed -i "s|\"version\": \"0.0.0\"|\"version\": \"$RELEASE\"|" backend/package.json
sed -i "s|\"version\": \"0.0.0\"|\"version\": \"$RELEASE\"|" frontend/package.json

#sed -i 's|"fork-me": ".*"|"fork-me": "Proxmox VE Helper-Scripts"|' frontend/js/i18n/messages.json
#sed -i "s|https://github.com.*source=nginx-proxy-manager|https://helper-scripts.com|g" frontend/js/app/ui/footer/main.ejs
sed -i 's+^daemon+#daemon+g' docker/rootfs/etc/nginx/nginx.conf
NGINX_CONFS=$(find "$(pwd)" -type f -name "*.conf")
for NGINX_CONF in $NGINX_CONFS; do
  sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
done

mkdir -p /var/www/html /etc/nginx/logs
cp -r docker/rootfs/var/www/html/* /var/www/html/
cp -r docker/rootfs/etc/nginx/* /etc/nginx/
cp docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
cp docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
rm -f /etc/nginx/conf.d/dev.conf

mkdir -p /tmp/nginx/body \
  /run/nginx \
  /data/nginx \
  /data/custom_ssl \
  /data/logs \
  /data/access \
  /data/nginx/default_host \
  /data/nginx/default_www \
  /data/nginx/proxy_host \
  /data/nginx/redirection_host \
  /data/nginx/stream \
  /data/nginx/dead_host \
  /data/nginx/temp \
  /var/lib/nginx/cache/public \
  /var/lib/nginx/cache/private \
  /var/cache/nginx/proxy_temp

chmod -R 777 /var/cache/nginx
chown root /tmp/nginx

echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf

if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
  openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem &>/dev/null
fi

mkdir -p /app/global /app/frontend/images
cp -r backend/* /app
cp -r global/* /app/global
echo "Set up Enviroment"

echo "Building Frontend"
cd ./frontend
pnpm install
pnpm upgrade
pnpm run build
cp -r dist/* /app/frontend
cp -r app-images/* /app/frontend/images
echo "Built Frontend"

echo "Initializing Backend"
rm -rf /app/config/default.json
if [ ! -f /app/config/production.json ]; then
  cat <<'EOF' >/app/config/production.json
{
  "database": {
    "engine": "knex-native",
    "knex": {
      "client": "sqlite3",
      "connection": {
        "filename": "/data/database.sqlite"
      }
    }
  }
}
EOF
fi
cd /app
pnpm install
echo "Initialized Backend"

echo "Creating Service"
cat <<'EOF' >/lib/systemd/system/npm.service
[Unit]
Description=Nginx Proxy Manager
After=network.target
Wants=openresty.service

[Service]
Type=simple
Environment=NODE_ENV=production
ExecStartPre=-mkdir -p /tmp/nginx/body /data/letsencrypt-acme-challenge
ExecStart=/usr/bin/node index.js --abort_on_uncaught_exception --max_old_space_size=250
WorkingDirectory=/app
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF
echo "Created Service"

#??motd_ssh
#??customize

echo "Starting Services"
sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
sed -i 's/include-system-site-packages = false/include-system-site-packages = true/g' /opt/certbot/pyvenv.cfg
systemctl enable -q --now openresty
systemctl enable -q --now npm
echo "Started Services"

echo "Cleaning up"
rm -rf ../nginx-proxy-manager-*
systemctl restart openresty
apt-get -y autoremove
apt-get -y autoclean
echo "Cleaned"
echo "FINISH"

echo ""
echo ""

IP=$(ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
PORT=81
echo "Open $IP:$PORT"
echo "Username: [email protected]"
echo "Password: changeme"

__--There we have the salad --__ 🤗

[mokhos]

Hi @B0F1B0,
may I ask if your setup works at all?

I'm using the latest version of NPM through the PVE Helper Scripts. But the proxy hosts are not working with my custom-ssl.
I even tried it without SSL, but the hosts are being redirects to https for some unknown reason and I get some ssl invalid end of file error.
I'm confused. I checked my configuration several times but I don't know if the problem is with the npm or not.

[B0F1B0]

Hi @B0F1B0, may I ask if your setup works at all?

I'm using the latest version of NPM through the PVE Helper Scripts. But the proxy hosts are not working with my custom-ssl. I even tried it without SSL, but the hosts are being redirects to https for some unknown reason and I get some ssl invalid end of file error. I'm confused. I checked my configuration several times but I don't know if the problem is with the npm or not.

Hi @mokhos

The latest PVE Helper Scripts install Version 2.12.3 and with that, i had no trouble with proxy-host and Let's Encrypt Certificates.
I did not use any custom ssl.
I had trouble with streams, so at the moment i am testing 2.12.2. There i had no trouble at the moment.

i even testet 2.12.3 without SSL-Certificates and it also worked, but only with firefox, because brave allways wants https.