Reverse Proxy Nirvana with Nginx Proxy Manager and Hover DNS Automation July 15, 2025 by Addled Dev
Serve your services
On a good day, a self-hosted app stack is like a sleepy beehive—orderly, humming, and slightly dangerous if you poke it wrong. On a bad day? One misconfigured port or an expired TLS cert can turn your homelab into a flaming clown car on the digital autobahn.
That’s where Nginx Proxy Manager (NPM) comes in. And paired with a Hover DNS updater script? You’re looking at a nearly autonomous setup for self-hosting like an absolute degenerate genius. Here’s how I’m running it, and why I think this combo should be in every nerd’s toolkit.
🐳 The Setup (or: Docker Compose Your Life)
Let’s peek under the hood:
services:
nginxproxymanager:
image: jc21/nginx-proxy-manager:latest
container_name: nginxproxymanager
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "81:81" # Admin UI
environment:
DB_SQLITE_FILE: "/data/database.sqlite"
volumes:
- npm_data:/data
- npm_letsencrypt:/etc/letsencrypt
networks:
- nginx-reverse-proxy
- Port 80/443: Standard HTTP/HTTPS passthrough.
- Port 81: The web UI to manage your proxy rules and SSL certs. It’s like CPanel, but actually tolerable.
- Volumes: Persist your configs and Let’s Encrypt certs across restarts like a civilized human.
- Network: All my reverse-proxied services live on a dedicated
nginx-reverse-proxy
bridge. Isolation meets interoperability.
🔄 Now Add Hover Updater Magic
NPM is fantastic at routing requests and fetching certs—but it doesn’t update DNS. If you use Hover for domains like I do (because screw GoDaddy’s upselling nightmare), you’ll want to automate dynamic DNS.
That’s where the hover-updater
container comes in:
hover-updater:
build:
context: ./hover
container_name: hover-updater
volumes:
- ./hover:/hover
- ./nodeexp-textfile:/host/textfile_collector
working_dir: /hover
restart: always
networks:
- nginx-reverse-proxy
This script polls your public IP and updates your DNS records at Hover automatically. Paired with NPM, it means:
- 💡 No manual IP updates when your ISP re-rolls your address.
- ✅ Valid Let’s Encrypt certs even after an IP change.
- 🌍 Your self-hosted services (like Paperless-ngx, Home Assistant, or Grafana) stay available via human-readable URLs.
🔐 Why It Rocks
- TLS Certs Without Tears: NPM uses Let’s Encrypt under the hood, fetching and renewing certs with a click.
- Auto HTTPS Redirects: Set and forget. Every service can default to HTTPS without reconfiguring each container.
- Visual Routing Rules: The admin UI makes it trivial to point
paperless.mydomain.com
topaperless:8000
inside your stack. - Resilient to IP churn: With Hover DNS updates, your stack self-heals like Wolverine with a VPN.
🧠 Closing Thoughts (and one small rant)
I used to handcraft nginx configs in /etc/nginx/sites-available
like some damn artisan baker. But honestly? Life’s too short for proxy_pass
typos.
NPM and a Hover DNS updater aren’t just convenience—they’re reliability enablers for ADHD-brained sysadmins, neurospicy homelabbers, and anyone trying to run a fortress on Raspberry Pi money.
Want stability, flexibility, and a UI your future self will actually thank you for? This is the setup.
Want to see the full docker-compose.yml
or grab the Hover updater script? It’s all up on my GitHub. 🛠️
And if you enjoyed this and want more tech setups that don’t make you cry, visit addled.dev. It’s like if Stack Overflow and a coffee-fueled rant had a baby.