Reverse Proxy Nirvana with Nginx Proxy Manager and Hover DNS Automation July 15, 2025 by Addled Dev

Serve your services

On a good day, a self-hosted app stack is like a sleepy beehive—orderly, humming, and slightly dangerous if you poke it wrong. On a bad day? One misconfigured port or an expired TLS cert can turn your homelab into a flaming clown car on the digital autobahn.

That’s where Nginx Proxy Manager (NPM) comes in. And paired with a Hover DNS updater script? You’re looking at a nearly autonomous setup for self-hosting like an absolute degenerate genius. Here’s how I’m running it, and why I think this combo should be in every nerd’s toolkit.


🐳 The Setup (or: Docker Compose Your Life)

Let’s peek under the hood:

services:
  nginxproxymanager:
    image: jc21/nginx-proxy-manager:latest
    container_name: nginxproxymanager
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "81:81"  # Admin UI
    environment:
      DB_SQLITE_FILE: "/data/database.sqlite"
    volumes:
      - npm_data:/data
      - npm_letsencrypt:/etc/letsencrypt
    networks:
      - nginx-reverse-proxy
  • Port 80/443: Standard HTTP/HTTPS passthrough.
  • Port 81: The web UI to manage your proxy rules and SSL certs. It’s like CPanel, but actually tolerable.
  • Volumes: Persist your configs and Let’s Encrypt certs across restarts like a civilized human.
  • Network: All my reverse-proxied services live on a dedicated nginx-reverse-proxy bridge. Isolation meets interoperability.

🔄 Now Add Hover Updater Magic

NPM is fantastic at routing requests and fetching certs—but it doesn’t update DNS. If you use Hover for domains like I do (because screw GoDaddy’s upselling nightmare), you’ll want to automate dynamic DNS.

That’s where the hover-updater container comes in:

hover-updater:
    build:
      context: ./hover
    container_name: hover-updater
    volumes:
      - ./hover:/hover
      - ./nodeexp-textfile:/host/textfile_collector
    working_dir: /hover
    restart: always
    networks:
      - nginx-reverse-proxy

This script polls your public IP and updates your DNS records at Hover automatically. Paired with NPM, it means:

  • 💡 No manual IP updates when your ISP re-rolls your address.
  • ✅ Valid Let’s Encrypt certs even after an IP change.
  • 🌍 Your self-hosted services (like Paperless-ngx, Home Assistant, or Grafana) stay available via human-readable URLs.

🔐 Why It Rocks

  • TLS Certs Without Tears: NPM uses Let’s Encrypt under the hood, fetching and renewing certs with a click.
  • Auto HTTPS Redirects: Set and forget. Every service can default to HTTPS without reconfiguring each container.
  • Visual Routing Rules: The admin UI makes it trivial to point paperless.mydomain.com to paperless:8000 inside your stack.
  • Resilient to IP churn: With Hover DNS updates, your stack self-heals like Wolverine with a VPN.

🧠 Closing Thoughts (and one small rant)

I used to handcraft nginx configs in /etc/nginx/sites-available like some damn artisan baker. But honestly? Life’s too short for proxy_pass typos.

NPM and a Hover DNS updater aren’t just convenience—they’re reliability enablers for ADHD-brained sysadmins, neurospicy homelabbers, and anyone trying to run a fortress on Raspberry Pi money.

Want stability, flexibility, and a UI your future self will actually thank you for? This is the setup.


Want to see the full docker-compose.yml or grab the Hover updater script? It’s all up on my GitHub. 🛠️

And if you enjoyed this and want more tech setups that don’t make you cry, visit addled.dev. It’s like if Stack Overflow and a coffee-fueled rant had a baby.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.