3

I have set up an nginx reverse proxy on an Ubuntu 22.04 server and I have successfully obtained ssl certificate from lets encrypt. The two keys are stored here:

/etc/letsencrypt/live/test.ddns.net/fullchain.pem;
/etc/letsencrypt/live/test.ddns.net/privkey.pem

and in my default nginx config I have two paths helloworld and portainer. Both paths redirects to docker containers.

server {
    listen 80;
    listen [::]:80;
    server_name test.ddns.net;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name test.ddns.net;
    ssl_certificate /etc/letsencrypt/live/test.ddns.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/test.ddns.net/privkey.pem;

location /helloworld {
    proxy_pass http://localhost:32768;
}

location /portainer {
    proxy_pass http://localhost:9000;
}

The helloworld path works as expected and loads an html page with https protocol (so my ngnix config is correct). But portainer path not. I tried port 9000, port 8000, port 9443. Non of them worked. I get 404 error, or request sent via http while expected https, or other errors. Does anyone by chance has the same setup and is able to help me?

Thanks.

George Wright
  • 33

1 Answers1

5
Regarding the ports you mentioned trying:

  • Port 8000 is used by Portainer Edge Agent to remotely manage and interact with edge devices and their services. Since you haven't mentioned anything about edge computing, this port is not necessary for your use case.

  • Port 9000 was used to establish a connection to the Portainer web UI, but is now only available for legacy reasons and it is highly recommended to avoid using it.

  • Portainer added support for https in mid-2021, making port 9443 the recommended option for secure connections to the Portainer web UI. Therefore, that's the one you should use.

Regarding your Nginx configuration:

You were close enough, but in order for Portainer to work on a subpath (like the one you want), you should add a trailing slash to both location and proxy_pass fields, as shown below:

location /portainer/ {
     proxy_pass https://localhost:9443/;
}

After you restart Nginx using the command sudo systemctl restart nginx, the 404 error should be resolved.

Artur Meinild
  • 31,035
Andreas Violaris
  • 170