How to Install Portainer for Docker Management with Nginx Proxy Manager on Ubuntu

Este post também está disponível em: Português (Portuguese (Brazil))

Portainer is an open source container management solution for Docker, Kubernetes and Nomad that makes it easy to start, build and run containers. Portainer provides a web-based control panel to manage containers, images, networks and volumes. It also includes a selection of templates (apps)

In this tutorial, we will install and configure the portainer on a Linux server with Ubuntu 20.04 lts and use it to create and manage docker containers to run different applications. Let’s still learn how to put the Portainer behind the NGINX Reverse Proxy Proxy Manager.

1- Set the firewall

Make sure the firewall is active and enable if necessary.

ufw status
ufw enable

Open ports 80, 443, 9443, 81, 22

ufw allow 80
ufw allow 443
ufw allow 9443
ufw allow 81
ufw allow 22

reload on firewall

ufw reload

2- Docker installation

apt install ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install docker-ce docker-ce-cli containerd.io -y

Enable the Docker service

systemctl start docker --now

3 – Install the docker compose

curl -L https://github.com/docker/compose/releases/download/v$(curl -Ls https://www.servercow.de/docker-compose/latest.php)/docker-compose-$(uname -s)-$(uname -m) > /usr/local/bin/docker-compose

Apply executable permission to the binary

chmod +x /usr/local/bin/docker-compose

3 – Portainer installation

Create a directory for the portainer and go to

mkdir ~/portainer
cd ~/portainer

Create the file below for Docker-Compose

nano docker-compose.yaml

Paste the code below in the file

version: "3.3"
services:
    portainer:
      image: portainer/portainer-ce:latest
      container_name: portainer
      restart: always
      privileged: true
      volumes:
        - ./data:/data:Z
        - /var/run/docker.sock:/var/run/docker.sock:Z
      ports:
        - 9443:9443

Save the file by pressing Ctrl + X and typing y when requested.

Start the portainer

docker-compose up -d

4 – Access and configure portainer

Open the URL https://<ip-your-server>:9443

You will see the following screen below. Create the Admin user, password and click “Create User”

You will be directed to the screen below. Click on the menu Home

In Home you will see “local” in which the portainer is being executed. Click local to start.

Most sections are self-explanatory. Stacks helps you build containers using Docker composite files. You can deploy containers directly using the Containers in the sidebar. You can configure the current docker environment through Hosts . App Templates come with pre-installed Docker compose files to install the most common apps. You can also create custom templates or use a list of external Templates such asTemplates App .

The Settings section allows you to configure various settings like add custom Docker registries, add multiple hosts for Docker swarm, configure user access, backup data, customize Portainer, Add new Template list.

5 – Portainer behind a reverse proxy using Nginx Proxy Manager

We will need a subdomain pointing to the server IP. Ex portainer.dominio.xx .Nginx Proxy Manager is a Docker application that provides a web management UI for configuring Nginx as a reverse proxy host. It can also be used as a redirect or a streaming host.

Install NPM
The first step is to create a network for the Nginx Proxy Manager (NPM). Open Networks and click the Add Network button to create a new network. Give it a name, keep the other fields unchanged.

Click on Create the Network

Click on Stacks and create a new Stack using the Add Stack button with name nginx-proxy-managernginx-proxy-manager. In Web Editor paste the code below:

version: "3.3"
services:
  npm-app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm-app
    restart: unless-stopped
    ports:
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP
    environment:
      DB_MYSQL_HOST: "npm-db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: ${DB_MYSQL_PASSWORD}
      DB_MYSQL_NAME: "npm"
      # Uncomment the line below if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./npm-data:/data:Z
      - ./letsencrypt:/etc/letsencrypt:Z
    depends_on:
      - npm-db
    networks:
      - npm-network
      - npm-internal

  npm-db:
    image: 'mariadb:latest'
    container_name: npm-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: ${DB_MYSQL_PASSWORD}
    volumes:
      - ./npm-data/mysql:/var/lib/mysql:Z
    networks:
      - npm-internal

networks:
  npm-internal:
  npm-network:
    external: true

Let’s add 2 variables in this Stack, one for mysql user and one for mysql root. Scroll down the page and click the “Add an environment variable” button 2 times.
The first field fill with DB_MYSQL_PASSWORD and the front in value , define a secure password.
The second field fill with MYSQL_ROOT_PASSWORD and the front in value, define a secure password.

Click Deploy the stack to create and start NPM Container.

Open URL http:// < serverip > :81
User: admin@example.com
Password: changeme

After logging in, change your username and password for your security.

In Nginx Proxy Manager

Visit Host >> Proxy Hosts and click the buttonAdd Proxy Host .
At this point we will use the subdomain pointing to the ip of the server.

Enter the domain name as portainer.yourdomain.com.
Choose the scheme as https.
Type the conteiner name as the forwarding host and 9443 as the forwarding port. Enable the Block Common Exploits and Websockets Support options.
Switch to SSL tab

In SSL Certificate change to “Request a new SSL Certificate”.
Enable Force SSL and HTTP/2 Support. In e-mail, enter your e-mail address.
Finally, enable I Agree to the Let’s Encrypt Terms of Service.
Click Save

We have configured the Proxy host, but the container is not yet connected to the NPM network.
Go back to the Portainer dashboard, visit the Containers and select the Portainer .

find the option Connected networks and in front of Join a network select npm-network. Click on the Join Network button

At this point you will be able to access the portainer with https://portainer.seudominio.com

Portainer possui muitos outros recursos que facilitam o trabalho com Docker, Kubernetes , Nomad com bastante documentação . Espero que tenha gostado desta iniciação.