Nginx Proxy Manager

Complete macOS Setup Guide with Free SSL

Powered by Grok AI 🤖

Important Prerequisites
  • Registered domain name (from Namecheap, Cloudflare, etc.)
  • Docker Desktop for macOS installed
  • Static local IP or DHCP reservation on your Mac
  • Router access for port forwarding

STEP 1 Create Project Folder

Open Terminal and create a dedicated folder for Nginx Proxy Manager:

mkdir ~/npm && cd ~/npm

STEP 2 Create docker-compose.yml

Create the configuration file:

nano docker-compose.yml

Add this content:

version: '3.8'
services:
  app:
    image: docker.io/jc21/nginx-proxy-manager:latest
    restart: unless-stopped
    ports:
      - '80:80'    # Public HTTP
      - '443:443'  # Public HTTPS
      - '81:81'     # Admin interface
    environment:
      TZ: "Australia/Melbourne"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

Save: Ctrl+O → Enter → Ctrl+X

STEP 3 Start Nginx Proxy Manager

Launch the container:

docker compose up -d

Wait 30-90 seconds for first-time setup (downloads ~400-500MB).

Verify it's running:

docker compose ps
Container should show as "Up"

STEP 4 Access Admin Interface

Open your browser and go to:

http://localhost:81

Default Login (first time):

  • Email: admin@example.com
  • Password: changeme

You'll be forced to change your password immediately.

After login, change admin email to your real email for Let's Encrypt notifications.

STEP 5 Point Domain to Your Public IP

Find your public IP:

https://ifconfig.me

In your domain registrar DNS settings:

  • Create an A record
  • Name: myservice (or @ for root)
  • Value: YOUR_PUBLIC_IP
  • TTL: 300 (lowest)

Wait for DNS propagation (1-60 minutes).

Verify with: https://dnschecker.org

STEP 6 Port Forwarding (Critical)

Log into your router (usually 192.168.1.1) and create two port forwarding rules:

External Port Internal IP Internal Port Protocol
80 YOUR_MAC_IP 80 TCP
443 YOUR_MAC_IP 443 TCP
Security: Only port 80/443 needed. Never expose port 81 to the internet!

STEP 7 Add Proxy Host + SSL

In NPM Dashboard:

  1. Go to Proxy Hosts → Add Proxy Host

Details Tab:

  • Domain Names: yourdomain.com
  • Scheme: http
  • Forward Hostname/IP: 192.168.1.x (local service IP)
  • Forward Port: 3000 (or your service port)

SSL Tab:

  • SSL Certificate: Request a new certificate
  • Force SSL: ✓
  • HTTP/2 Support: ✓
  • Agree to Let's Encrypt Terms: ✓

Click Save

NPM will request Let's Encrypt cert via HTTP (port 80). Green shield = success!

STEP 8 Test Your Setup

Open your browser and visit:

https://yourdomain.com

You should see:

  • ✅ Your local service
  • ✅ Valid padlock (Let's Encrypt SSL)
  • ✅ Auto-renews every 60-80 days

Troubleshooting Checklist

  • Certificate fails? Check: Port 80/443 forwarded correctly? DNS points to current public IP?
  • Dynamic IP? Use DuckDNS + DNS-01 challenge in NPM
  • Firewall? Turn off Mac firewall or allow Docker in System Settings → Network → Firewall
  • Hide admin UI? Change port 81 mapping or use access list + basic auth
 Back to Top