[PR #32] nginx-ntlm-module module support #34

New issue

Open

opened 2026-02-27 15:37:54 +03:00 by kerem · 0 comments

kerem commented 2026-02-27 15:37:54 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/NginxProxyManager/docker-nginx-full/pull/32
Author: @jens-maus
Created: 8/9/2024
Status: 🔄 Open

Base: master ← Head: ntlm-module-support

---

📝 Commits (2)

• beb473f add nginx-ntlm module to openresty build
• 72dc0a1 Merge remote-tracking branch 'upstream/master' into ntlm-module-support

📊 Changes

1 file changed (+5 additions, -2 deletions)

View changed files

📝 scripts/build-openresty (+5 -2)

📄 Description

This PR adds https://github.com/gabihodoroaga/nginx-ntlm-module to the openresty build to address the following long-standing issues by implementing basic support for NTLM based single-sign-on proxying using nginx proxy manager:

https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1117
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1138
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2037
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3181
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3797

In practice, the following steps are then required to get NTLM authentication successful running with NPM:

1. add the following section to the /data/nginx/custom/root_top.conf file to load the module:

load_module /usr/lib/nginx/modules/ngx_http_upstream_ntlm_module.so;

2. add the following to the /data/nginx/custom/http.conf file to define the NTLM aware upstream target:

upstream target {
  server 192.168.1.1:443;
  ntlm;
}

3. add the following to the proxy configuration in the Advanced tab:

location /  {
  proxy_http_version 1.1;
  proxy_set_header Connection "";
  proxy_pass https://target;
}

Then, the NTLM authentication should proceed and work nicely.

P.S.:
As a side note for users which cannot wait until a new nginx proxy manager version with this integrated NTLM module is out, one can also simply compile it using the docker-nginx-full repository and the local-build.sh script, then extract the ngx_http_upstream_ntlm_module.so file and put it into e.g. the /data/nginx/modules path and simply use the following load_module call in step 1 instead:

load_module /data/nginx/modules/ngx_http_upstream_ntlm_module.so;

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/NginxProxyManager/docker-nginx-full/pull/32 **Author:** [@jens-maus](https://github.com/jens-maus) **Created:** 8/9/2024 **Status:** 🔄 Open **Base:** `master` ← **Head:** `ntlm-module-support` --- ### 📝 Commits (2) - [`beb473f`](https://github.com/NginxProxyManager/docker-nginx-full/commit/beb473faadbf6539337b442ede7db8881a650b29) add nginx-ntlm module to openresty build - [`72dc0a1`](https://github.com/NginxProxyManager/docker-nginx-full/commit/72dc0a1a0730792216c7436e7c5420b72aef449b) Merge remote-tracking branch 'upstream/master' into ntlm-module-support ### 📊 Changes **1 file changed** (+5 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `scripts/build-openresty` (+5 -2) </details> ### 📄 Description This PR adds https://github.com/gabihodoroaga/nginx-ntlm-module to the openresty build to address the following long-standing issues by implementing basic support for NTLM based single-sign-on proxying using nginx proxy manager: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1117 https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1138 https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2037 https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3181 https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3797 In practice, the following steps are then required to get NTLM authentication successful running with NPM: 1. add the following section to the `/data/nginx/custom/root_top.conf` file to load the module: ``` load_module /usr/lib/nginx/modules/ngx_http_upstream_ntlm_module.so; ``` 2. add the following to the `/data/nginx/custom/http.conf` file to define the NTLM aware upstream target: ``` upstream target { server 192.168.1.1:443; ntlm; } ``` 3. add the following to the proxy configuration in the `Advanced` tab: ``` location / { proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass https://target; } ``` Then, the NTLM authentication should proceed and work nicely. P.S.: As a side note for users which cannot wait until a new nginx proxy manager version with this integrated NTLM module is out, one can also simply compile it using the `docker-nginx-full` repository and the `local-build.sh` script, then extract the `ngx_http_upstream_ntlm_module.so` file and put it into e.g. the `/data/nginx/modules` path and simply use the following `load_module` call in step 1 instead: ``` load_module /data/nginx/modules/ngx_http_upstream_ntlm_module.so; ``` --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem added the

pull-request

label 2026-02-27 15:37:54 +03:00

kerem referenced this issue 2026-02-27 15:37:55 +03:00

[PR #34] [CLOSED] Add ModSecurity support incl. OWASP core ruleset #38

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

http3

certbot4

brotli

No results found.

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-nginx-full#34

No description provided.