starred/nginx-proxy-manager-NginxProxyManager

Fork 0

mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-25 17:35:52 +03:00

[GH-ISSUE #1259] Add custom config for location / {} stanza in proxy_host.conf #1020

New issue

Closed

opened 2026-02-26 06:35:27 +03:00 by kerem · 2 comments

kerem commented

2026-02-26 06:35:27 +03:00

Owner

Originally created by @wizkidorg on GitHub (Jul 23, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1259

Is your feature request related to a problem? Please describe.
Ability to add custom config to each hosted site's default Location / { } stanza. This is to allow use of OAuth-Proxy to do OpenID auth without the need for major changes to NPM.

Describe the solution you'd like
Add a custom include to the /app/templates/proxy_host.conf file to include and additional config file at the end of the location / {} stanza.

Currently i am using a custom dockerfile in the npm-proxy build process:
RUN sed -i 's/# Proxy!/# Proxy!\n include \/data\/nginx\/custom\/proxy_location.conf;/' /app/templates/proxy_host.conf

This allows custom rules to be added to the default location / for each proxied host, to allow custom rules or plugins (in my case I'm using oauth2-proxy to utilize OpenID authentication. This is a simple addition after the above config is run in the docker for NPM.

Describe alternatives you've considered
Custom docker build.

Additional context
To Add OAuth2-Proxy to NPM after above change:
Add to docker-compose.yml:

  oauth2-proxy:
    image: 'bitnami/oauth2-proxy:latest'
    container_name: 'OAuth2-Proxy'
    environment:
      OAUTH2_PROXY_CLIENT_ID: 'openid-clientid'
      OAUTH2_PROXY_CLIENT_SECRET: 'openid-secret'
      OAUTH2_PROXY_EMAIL_DOMAINS: 'domain.org'
      OAUTH2_PROXY_COOKIE_SECRET: 'topsecretkey'
      OAUTH2_PROXY_COOKIE_SECURE: 'true'
      OAUTH2_PROXY_UPSTREAM: 'file:///dev/null'
    ports:
      - '8080:8080'
      - '4180:4180'

The config file i'm using for the proxy_location.conf:

    # Bypass Auth for internal IP's
    satisfy any;
    allow internalnetwork/24;
    deny all;
    # Required for Oauth2-Proxy.  This needs to be in the default location stanza (location /)
    auth_request /oauth2/auth;
    error_page 401 = /oauth2/start?rd=$uri;

This allows simplistic OpenID integration into NPM without any major rewrites, or similar changes to OAuth2's system.

Originally created by @wizkidorg on GitHub (Jul 23, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1259 **Is your feature request related to a problem? Please describe.** Ability to add custom config to each hosted site's default Location / { } stanza. This is to allow use of OAuth-Proxy to do OpenID auth without the need for major changes to NPM. **Describe the solution you'd like** Add a custom include to the /app/templates/proxy_host.conf file to include and additional config file at the end of the location / {} stanza. Currently i am using a custom dockerfile in the npm-proxy build process: `RUN sed -i 's/# Proxy!/# Proxy!\n include \/data\/nginx\/custom\/proxy_location.conf;/' /app/templates/proxy_host.conf` This allows custom rules to be added to the default location / for each proxied host, to allow custom rules or plugins (in my case I'm using oauth2-proxy to utilize OpenID authentication. This is a simple addition after the above config is run in the docker for NPM. **Describe alternatives you've considered** Custom docker build. **Additional context** To Add OAuth2-Proxy to NPM after above change: Add to docker-compose.yml: ``` oauth2-proxy: image: 'bitnami/oauth2-proxy:latest' container_name: 'OAuth2-Proxy' environment: OAUTH2_PROXY_CLIENT_ID: 'openid-clientid' OAUTH2_PROXY_CLIENT_SECRET: 'openid-secret' OAUTH2_PROXY_EMAIL_DOMAINS: 'domain.org' OAUTH2_PROXY_COOKIE_SECRET: 'topsecretkey' OAUTH2_PROXY_COOKIE_SECURE: 'true' OAUTH2_PROXY_UPSTREAM: 'file:///dev/null' ports: - '8080:8080' - '4180:4180' ``` The config file i'm using for the proxy_location.conf: ``` # Bypass Auth for internal IP's satisfy any; allow internalnetwork/24; deny all; # Required for Oauth2-Proxy. This needs to be in the default location stanza (location /) auth_request /oauth2/auth; error_page 401 = /oauth2/start?rd=$uri; ``` This allows simplistic OpenID integration into NPM without any major rewrites, or similar changes to OAuth2's system.

kerem

2026-02-26 06:35:27 +03:00

closed this issue
added the
enhancement

stale
labels

kerem commented

2026-02-26 06:35:27 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Mar 7, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

@github-actions[bot] commented on GitHub (Mar 7, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented

2026-02-26 06:35:27 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Apr 20, 2025):

Issue was closed due to inactivity.

@github-actions[bot] commented on GitHub (Apr 20, 2025): Issue was closed due to inactivity.

kerem referenced this issue

2026-02-26 07:38:56 +03:00

[PR #1020] [MERGED] Updated credentials for netcup dns challenge #3339

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#1020

No description provided.

Rows
Columns