add standalone nginx proxy manager deployment

2026-04-27 04:13:47 -04:00 · 2026-04-27 04:13:47 -04:00 · ec79b457e4
commit ec79b457e4
parent 3b0c796ec7
4 changed files with 101 additions and 0 deletions
--- a/deployment/npm/.env.example
+++ b/deployment/npm/.env.example
@ -0,0 +1,4 @@
 TZ=Etc/UTC
 NPM_ADMIN_BIND_IP=100.87.130.79
 NPM_EDGE_NETWORK=nextcloud_edge
 NPM_SHARED_NETWORK=npm-shared
--- a/deployment/npm/.gitignore
+++ b/deployment/npm/.gitignore
@ -0,0 +1,3 @@
 data/
 letsencrypt/
 .env
--- a/deployment/npm/README.md
+++ b/deployment/npm/README.md
@ -0,0 +1,65 @@
 # Nginx Proxy Manager
 This stack runs Nginx Proxy Manager separately from the Nextcloud stack while preserving the existing proxy host database and certificates.
 ## Layout
 - `docker-compose.yml` defines the standalone NPM service.
 - `.env` holds only stack-local settings like `TZ` and the admin bind IP.
 - Runtime state lives in:
  - `./data`
  - `./letsencrypt`
 ## Networks
 This stack joins the same external Docker networks that the current proxy hosts depend on:
 - `nextcloud_edge` for `nextcloud-app` and `portainer`
 - `npm-shared` for Islandflow services like `web` and `api`
 Because the container name stays `nginx-proxy-manager`, the existing `proxy.deltaisland.io -> nginx-proxy-manager:81` host continues to work after migration.
 ### Upstream alias collisions
 This NPM instance is attached to multiple Docker networks. If two stacks both expose a generic alias like `api` or `web`, Nginx can resolve the wrong upstream.
 For Islandflow hosts, prefer explicit upstream hostnames in NPM:
 - `islandflow-vps-web-1` on port `3000`
 - `islandflow-vps-api-1` on port `4000`
 This avoids routing Islandflow traffic to similarly named containers from other stacks.
 ## Migration
 1. Copy `.env.example` to `.env` and adjust values if needed.
 2. Stop the old NPM service from `/home/delta/nextcloud`.
 3. Copy the existing state directories into this stack:
 ```bash
 cp -rf /home/delta/nextcloud/npm/data /home/delta/islandflow/deployment/npm/
 cp -rf /home/delta/nextcloud/npm/letsencrypt /home/delta/islandflow/deployment/npm/
 ```
 4. Start the new stack:
 ```bash
 docker compose up -d
 ```
 5. Verify the expected hosts still load:
 - `https://proxy.deltaisland.io`
 - `https://portainer.deltaisland.io`
 - `https://cloud.dpdrm.com`
 ## Current Live Proxy Hosts
 - `cloud.dpdrm.com` -> `nextcloud-app:80`
 - `portainer.deltaisland.io` -> `portainer:9000`
 - `proxy.deltaisland.io` -> `nginx-proxy-manager:81`
 Islandflow-specific host mapping should use explicit upstream container names whenever possible:
 - `flow.deltaisland.io` -> `islandflow-vps-web-1:3000`
 - `api.flow.deltaisland.io` -> `islandflow-vps-api-1:4000`
--- a/deployment/npm/docker-compose.yml
+++ b/deployment/npm/docker-compose.yml
@ -0,0 +1,29 @@
 name: nginx-proxy-manager
 services:
  npm:
    image: jc21/nginx-proxy-manager:2
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - "80:80"
      - "${NPM_ADMIN_BIND_IP:-100.87.130.79}:81:81"
      - "443:443"
    env_file:
      - ./.env
    environment:
      TZ: ${TZ}
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    networks:
      - edge
      - shared
 networks:
  edge:
    external: true
    name: ${NPM_EDGE_NETWORK:-nextcloud_edge}
  shared:
    external: true
    name: ${NPM_SHARED_NETWORK:-npm-shared}