I covered NPM in “NginX Proxy Manager in Incus” back in April of 2024. This time, I show a super easy way to host NPM in an OCI container.
If you are unfamiliar with Incus, you will want to watch my video entitled Incus Containers Step by Step first.
First create an incus network on the main LAN.
incus network create LAN --type=macvlan parent=bridge0
Make sure you are running at least Incus 6.5 for this tutorial.
incus version
If you are not running the latest version of incus, you can upgrade with this command:
sudo apt update && sudo apt upgrade -y
If this is the first time that you have ever created an incus OCI Docker container, you will need to add the docker repository to your incus server:
incus remote add docker https://docker.io --protocol=oci
You can see which repositories that your server knows about with:
incus remote list
We are going to create incus custom volumes to store the persistent data for the NPM application rather than mapping the persistent data to folders on the incus server.
Create the custom volumes for the persistent data using the following commands.
incus storage volume create default NPM-Data
incus storage volume create default NPM-Letsencrypt
Now create the container for the NPM application without starting it:
incus create docker:jc21/nginx-proxy-manager:latest NPM -c boot.autostart=true -c boot.autorestart=true --network=LAN
Note the new “-c boot.autorestart” switch that was added in Incus 6.5. This allows a docker OCI container that fails, to restart automatically, just like the restart policy in docker-compose.
Just as a reminder, the docker-compose way to accomplish this used to be mapping persistent volumes on the docker host and also mapping port numbers. We don’t need to do this with our Incus OCI container, but as a reminder, here’s how the docker-compose file used to look to host NPM.
It’s great not having to do that anymore!
Here are the simple commands to map our incus custom volumes to our incus OCI container for the NPM application.
incus storage volume attach default NPM-Data NPM /data
incus storage volume attach default NPM-Letsencrypt NPM /etc/letsencrypt
Since our NPM container has an address on the LAN, there is no reason for port remapping.
So, we just start our NPM container.
incus start NPM
Find out what the address of your NPM container is:
incus list
In my case:
You can now go to your web browser at the address you found with a “:81” at the end to access the NPM web interface.
If you are new to NginX Proxy Manager, watch my tutorial “NginX Proxy Manager in Incus”. That video describes how to nest the NPM docker container inside of an incus container which is more complex than required now that we have OCI containers.
Since we used the much simpler OCI container implementation in this tutorial which was not around when I did the initial video, just skip down to the part where I explained setting up the required port forwarding on your router, defining your subdomains on your DNS provider, and defining the proxy records in the NPM application.
It’s also very simple to update docker OCI containers. Suppose a newer version of NPM is released and you want to upgrade your installation.
incus stop NPM
incus rebuild docker:jc21/nginx-proxy-manager:latest NPM
incus start NPM
If you want to perform backups of the persistent volume data stored in your incus custom volumes:
incus storage volume export default NPM-Data NPM-Data.tar.gz
incus storage volume export default NPM-Letsencrypt NPM-Letsencrypt.tar.gz
If you want to perform point in time snapshots of volume data you can use these commands:
incus storage volume snapshot create default NPM-Data Snapshot1
incus storage volume snapshot create default NPM-Letsencrypt Snapshot1
I cover snapshots in my Tutorial Incus Container Snapshots. Snapshots are convenient ways to roll back to a previous state. Just be aware that snapshots are stored inside of a volume and so they make the volume larger. Whereas, “exports” are stored outside of incus.
We don’t bother performing a backup of the OCI container because its persistent data is all stored in the custom volumes.
This really is a simpler way to host NginX Proxy Manager in your Home Lab.