nginx_proxy_manager_behind_cloudflare

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
nginx_proxy_manager_behind_cloudflare [07.03.2025 00:11] – created Pascal Suternginx_proxy_manager_behind_cloudflare [07.03.2025 00:59] (current) Pascal Suter
Line 19: Line 19:
   * now fix the client ip address, for this we need to tell to nginx proxy manager who can send X-Forwarded-For headers to provide real client ips.    * now fix the client ip address, for this we need to tell to nginx proxy manager who can send X-Forwarded-For headers to provide real client ips. 
  
-I have created a script to automatically write a include file, which can be included in the host configuration on nginx proxy manager under Advanced --> Custom Nginx Configuration. add <code></code> in the text field and make sure to adjust the path in the following script to point to the same location (note that the path in the custom config is what the path is inside your nginx proxy manager container, and in the update script it will be the path of the host server). +I have created a script to automatically write a include file, which can be included in the host configuration on nginx proxy manager under Advanced --> Custom Nginx Configuration. add <code>include /data/nginx/custom/cloudflare[.]conf;</code> in the text field and make sure to adjust the path in the following script to point to the same location (note that the path in the custom config is what the path is inside your nginx proxy manager container, and in the update script it will be the path of the host server). 
  
 here is the script that generates the include:  here is the script that generates the include: 
Line 45: Line 45:
 adjust the $liveconf path and the name of the nginx proxy manager app for docker-compose to reload "nxapp" in my example. if  you are not using docker-compose, use some other method to run the reload command in your docker container here.  adjust the $liveconf path and the name of the nginx proxy manager app for docker-compose to reload "nxapp" in my example. if  you are not using docker-compose, use some other method to run the reload command in your docker container here. 
  
 +  * setup [[https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull/set-up/zone-level/|authenticated origin pulls]]
 +
 +add custom config to nginx proxy manager host config
 +  ssl_verify_client on;
 +  ssl_client_certificate /data/nginx/cloudflare.pem;
 +
 +download cloudflare certificate from https://developers.cloudflare.com/ssl/static/authenticated_origin_pull_ca.pem and save it as /data/nginx/cloudflare.pem 
 +
 +finally enable authenticated origin pulls in cloudflare admin console under "SSL/TLS --> Origin Server"
  
  • nginx_proxy_manager_behind_cloudflare.1741302673.txt.gz
  • Last modified: 07.03.2025 00:11
  • by Pascal Suter