Vps, docker-compose and nginx proxy manager

Hi!
I use Nginx Proxy Manager
I created the address wg.blabla.com and pointed it to the IP of my server.
My docker-compose.yml:

x-deploy: &default-deploy
  restart_policy:
    condition: unless-stopped
    delay: 5s
    window: 120s
  update_config:
    order: start-first

version: '3.7'

services:

  firezone:
    image: firezone/firezone
    container_name: firezone
    ports:
      - 51820:51820/udp
    env_file:
      - ${FZ_INSTALL_DIR:-.}/.env
    volumes:
      - ${FZ_INSTALL_DIR:-.}/firezone:/var/firezone
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    networks:
      default:
        ipv4_address: 172.5.0.250
    deploy:
      <<: *default-deploy

networks:
  default:
    external:
      name: application

Then - docker run --rm firezone/firezone bin/gen-env > .env
My .env (edited):

EXTERNAL_URL=https://wg.blabla.com
ADMIN_EMAIL=admin@blabla.com
DEFAULT_ADMIN_PASSWORD=8nMbAxEzuLCOOhert
GUARDIAN_SECRET_KEY=PBAgEesdGlvVmclpFChCxWqtLIwUUPi8Nl+goGAAXBhu3E61Nyhj75Rbf0eHVTNe
SECRET_KEY_BASE=pOleyR7hsDYaP/OmRPMtowAfaQ5AXN5F+NNHew+tPAdai7j8y/x4Ks+rWM2OFt9g
LIVE_VIEW_SIGNING_SALT=fX4TId/mjAUSVRPDBBXYf0crvqX9h003
COOKIE_SIGNING_SALT=VXfB+AKD
COOKIE_ENCRYPTION_SALT=ZddyQ6hl
DATABASE_ENCRYPTION_KEY=UYy+JpraNt/jTCbP+9UHrj2zeraP9pcJB13o+YkRz2A=
DATABASE_HOST=bla.bla.bla.bla
DATABASE_PORT=5090
DATABASE_USER=fedor
DATABASE_PASSWORD=blablabla
DATABASE_NAME=firezone
WIREGUARD_IPV6_ENABLED=false
WIREGUARD_IPV6_MASQUERADE=false
LOCAL_AUTH_ENABLED=true

Nginx Proxy Manager settings:

The certificate for the site was also installed in the Nginx Proxy Manager settings.

As a result, after entering the login and password:
Error signing in: invalid_credentials

Container log:

firezone   | 12:08:34.803 [info] Migrations already up
firezone   | 12:08:37.824 [info] Running FzHttpWeb.Endpoint with cowboy 2.9.0 at 0.0.0.0:13000 (http)
firezone   | 12:08:37.829 [info] Access FzHttpWeb.Endpoint at https://wg.blabla.com
firezone   | 12:09:01.367 request_id=FzQH_C6r9Mq29j0AAABD [info] GET /
firezone   | 12:09:02.316 request_id=FzQH_C6r9Mq29j0AAABD remote_ip=bla.bla.bla.bla [info] Sent 200 in 948ms
firezone   | 12:09:05.196 request_id=FzQH_RN4d8T0MyIAAABj [info] GET /auth/identity
firezone   | 12:09:05.250 request_id=FzQH_RN4d8T0MyIAAABj remote_ip=bla.bla.bla.bla [info] Sent 200 in 54ms
firezone   | 12:09:29.320 request_id=FzQIArFnRpH7nqcAAACD [info] POST /auth/identity/callback
firezone   | 12:09:29.946 request_id=FzQIArFnRpH7nqcAAACD remote_ip=bla.bla.bla.bla [info] Sent 200 in 625ms

It does not let me log in under any circumstances.
Are there any instructions for Firezone and Nginx Proxy Manager?

There are no answers yet. :slight_smile:
Okay. Then how can I change the Caddy port from 443 to another?

I use HAProxy instead of NPM, and could only get it to work when I used TCP mode instead of HTTP(S) mode for the tcp:443 traffic, as per "HTTPS via external (same network) HAProxy".

Fixed it in the end. I’m surprised nobody pointed this out: "Wait about a minute for the services to boot, then create the first admin (docker compose exec firezone bin/create-or-reset-admin)". In my haste I did not see that in the documentation.
Otherwise, this docker-compose.yml and Nginx Proxy Manager work.
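
The step from the last post, as an added example that is not part of the thread or Firezone's own tooling: a shell script that waits for the `Running FzHttpWeb.Endpoint` log line shown in the container log above, then runs the admin-creation command. The `SERVICE`, `TIMEOUT` and `INTERVAL` variables and the `run` argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: wait for Firezone's web endpoint, then create the first admin.
# SERVICE, TIMEOUT and INTERVAL are assumptions; adjust them to your deployment.
SERVICE="${SERVICE:-firezone}"   # compose service name from the thread
TIMEOUT="${TIMEOUT:-120}"        # seconds to wait for the container to boot
INTERVAL="${INTERVAL:-5}"        # seconds between log polls

# Succeeds when the log text on stdin contains the line the container
# prints once the web endpoint is listening.
endpoint_ready() {
  grep -qF 'Running FzHttpWeb.Endpoint'
}

# Polls the container log until the endpoint is up or TIMEOUT expires.
wait_for_firezone() {
  waited=0
  while [ "$waited" -lt "$TIMEOUT" ]; do
    if docker compose logs --no-color "$SERVICE" 2>/dev/null | endpoint_ready; then
      return 0
    fi
    sleep "$INTERVAL"
    waited=$((waited + INTERVAL))
  done
  return 1
}

# Acts only when called with "run", so sourcing the file has no side effects.
if [ "${1:-}" = "run" ]; then
  if wait_for_firezone; then
    # Command quoted in the thread; without an admin account every login
    # attempt ends in "invalid_credentials".
    docker compose exec "$SERVICE" bin/create-or-reset-admin
  else
    echo "Firezone did not report a running endpoint within ${TIMEOUT}s" >&2
    exit 1
  fi
fi
```

Run it from the directory that holds docker-compose.yml, as `sh script.sh run` (the file name is a placeholder).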