[GH-ISSUE #681] Running NPM and PiHole at the same time #576

Closed
opened 2026-02-26 06:33:28 +03:00 by kerem · 24 comments

Originally created by @wschlotter on GitHub (Oct 30, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/681

I am wondering what the solution would be to run both NPM and PiHole on the same computer? They both say to use port 80 and 443.

kerem closed this issue 2026-02-26 06:33:29 +03:00

@aronwk-aaron commented on GitHub (Nov 1, 2020):

If you are using docker, you can just change the mapped ports on one (or in my case, both) of the containers


@wschlotter commented on GitHub (Nov 2, 2020):

I understand that, but both say that is ill advised. I did have NPM running on a different port but then me Let's Encrypt did renew the certificates.


@jlnwlf commented on GitHub (Nov 3, 2020):

I came up with changing the port used by lighttpd for pi-hole (not in a container) from 80 to 8017 and made a proxy host entry in NPM to point to the lighttpd server on port 8017.

Depending on your requirements/network/use case, that might not be enough though...


@rastacalavera commented on GitHub (Nov 23, 2020):

I am in this situation. I want to run pihole rather than adguard home. I run all my docker containers on a pi4 and want to include pihole in this setup. I can get pihole running using this compose file

```yaml
pihole:
  container_name: pihole
  image: pihole/pihole:latest
  ports:
    - "6876:53/tcp"
    - "6877:53/udp"
    - "6879:67/udp"
    - "6880:80/tcp"
    - "6881:443/tcp"
  environment:
    TZ: 'America/Chicago'
    WEBPASSWORD: '1234'
    ServerIP: '192.168.0.140'
    PROXY_LOCATION: 'pihole'
    VIRTUAL_HOST: 'pihole.mydomain.net'
    VIRTUAL_PORT: '80'
    DNS1: '127.0.0.1'
    DNS2: '1.1.1.1'
  # Volumes store your data between container upgrades
  volumes:
    - './etc-pihole/:/etc/pihole/'
    - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
  # Recommended but not required (DHCP needs NET_ADMIN)
  # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
  cap_add:
    - NET_ADMIN
  restart: unless-stopped
```

But when I have my router DHCP server use the pi address of 192.168.0.140 nothing on my network can resolve and it doesn't look like any traffic is moving through pi hole. I don't want to be able to access it remotely, I just want it to play nice with npm on my machine. Seems like it should be an easy thing to address, I just am not super experienced. Most of this compose file was taken from the pihole documentation, but I also added in some environment variables I saw on another compose file that used a reverse proxy.


@crazybadger commented on GitHub (Nov 23, 2020):

I'm not convinced running them on the same machine is sensible, given one is trying to route external requests and the other is trying to block some internal ones. They work well on the same network given their own IP stack though!


@rastacalavera commented on GitHub (Nov 23, 2020):

> I'm not convinced running them on the same machine is sensible, given one is trying to route external requests and the other is trying to block some internal ones. They work well on the same network given their own IP stack though!

Yeah I have used them separately before, it is just a nice attraction to consolidate onto a single machine. I dedicated my other pi to home assistant, and they have adguard as an extension but I prefer pihole.


@crazybadger commented on GitHub (Nov 23, 2020):

You could run NPM as a Home Assistant Add On and then use your other Pi for Pi-Hole? I have NPM running on a Hass.io Pi and Pi-hole running on a FreeNAS VM.


@jc21 commented on GitHub (Nov 23, 2020):

Wait hang on, I don't use pi-hole but from what I've read in their documentation it's just a DNS sinkhole with an optional VPN. As a DNS sinkhole, NPM does not conflict as it doesn't run a DNS server. There should not be an issue running them on the same machine. Pi-hole's web interface can run on any port, npm can proxy to it. Pi-hole's DNS server can run on the standard port 53 and NPM won't care.

Unless I'm missing something here?

In addition to running these together on the same machine: if you utilize docker networks and don't map pi-hole's ports to the docker host, you won't need to change ports and instead add a stream to forward 53 to pi-hole as well:

```bash
docker network create skynet
```

```yml
version: "3"
services:
  npm:
    image: jc21/nginx-proxy-manager:2
    container_name: npm
    restart: always
    ports:
      - 80:80
      - 81:81
      - 443:443
      - 53:53/tcp
      - 53:53/udp
    volumes:
      ...

  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    environment:
      ...
    volumes:
      ...
    restart: unless-stopped

networks:
  default:
    external:
      name: skynet
```

Then add a proxy host for pi-hole with hostname pihole on either 80 or 443, then add a stream to pihole on port 53 udp/tcp. These services will be contained in the same virtual network named skynet and the only service being exposed directly is NPM. This is how I run all my services but once again I haven't tested this with pi-hole myself.


@rastacalavera commented on GitHub (Nov 24, 2020):

Really appreciate the reply!
I decided to try everything on a fresh install of Ubuntu 20.04 on a raspberryPi 4.
There are some new errors that are cropping up.
Here are the errors I am seeing:

```
Creating pihole ... 
Creating ubuntu_db_1 ... 

ERROR: for pihole  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for ubuntu_db_1  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for pihole  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)

ERROR: for db  UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: An HTTP request took too long to complete. Retry with --verbose to obtain debug information.
If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a higher value (current value: 60).
ubuntu@ubuntu:~$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
ubuntu@ubuntu:~$ docker-compose up -d
Starting ubuntu_db_1 ... done
Starting pihole      ... done
Creating npm         ... 
Creating npm         ... error

ERROR: for npm  Cannot start service app: driver failed programming external connectivity on endpoint npm (be909651750d0150cb67602ba2cf0a63a99b3226b523988da8d0cbd579903e58): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use

ERROR: for app  Cannot start service app: driver failed programming external connectivity on endpoint npm (be909651750d0150cb67602ba2cf0a63a99b3226b523988da8d0cbd579903e58): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use
ERROR: Encountered errors while bringing up the project.
```

When I run sudo lsof -i :53 to see what is on port 53 here is the output:

```
sudo lsof -i :53
COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 19641 systemd-resolve   12u  IPv4  85100      0t0  UDP localhost:domain 
systemd-r 19641 systemd-resolve   13u  IPv4  85101      0t0  TCP localhost:domain (LISTEN)
```

This is my SECOND time attempting this, the first time I followed the directions [here](https://www.linuxuprising.com/2020/07/ubuntu-how-to-free-up-port-53-used-by.html) on how to get systemd-resolve to get off that port but then all of my apt commands were broken and I couldn't fix them and had to do a clean install again.

Here is the compose file

```yaml
version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm
    restart: always
    ports:
      # Public HTTP Port:
      - '80:80'
      # Public HTTPS Port:
      - '443:443'
      # Admin Web Port:
      - '81:81'
      #added from github open issues
      - 53:53/tcp
      - 53:53/udp
    environment:
      # These are the settings to access your db
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
      # If you would rather use Sqlite uncomment this
      # and remove all DB_MYSQL_* lines above
      # DB_SQLITE_FILE: "/data/database.sqlite"
      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    depends_on:
      - db
  db:
    image: jc21/mariadb-aria:10.4
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
#      - opt/appdata/mariadb/data/mysql:/var/lib/mysql
      - ./data/mysql:/var/lib/mysql
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: '1234'
    volumes:
      - '/opt/appdata/pihole/etc-pihole/:/etc/pihole/'
      - '/opt/appdata/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/'
    restart: unless-stopped

networks:
  default:
    external:
      name: skynet
```

@rastacalavera commented on GitHub (Nov 24, 2020):

OK, I think I am getting closer. I made some changes to the Docker-Compose file and that will be included last.
Now I have access to the NPM and PiHole Web GUIs but I am not confident that I am setting up the host or stream in NPM. Here are some [images](https://imgur.com/a/8HHnqdc) to show the setup.
I have never done a stream before. . .

Here is my new compose file. I had to change the DB (issue on this for RPi) and added in some environmental variables for PiHole. I did see way down in the documentation of PiHole that they say how to solve the port 53 issue on Ubuntu so shame on me for not reading everything :P I don't know if I needed the ports in PiHole but I couldn't get to the GUI without them.

```yaml
version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm
    restart: always
    ports:
      # Public HTTP Port:
      - '80:80'
      # Public HTTPS Port:
      - '443:443'
      # Admin Web Port:
      - '81:81'
      #added from github open issues
      - 53:53/tcp
      - 53:53/udp
    environment:
      # These are the settings to access your db
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
      # If you would rather use Sqlite uncomment this
      # and remove all DB_MYSQL_* lines above
      # DB_SQLITE_FILE: "/data/database.sqlite"
      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    depends_on:
      - db
  db:
    image: yobasystems/alpine-mariadb:armhf
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
#      - opt/appdata/mariadb/data/mysql:/var/lib/mysql
      - ./data/mysql:/var/lib/mysql
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    ports:
      - "6876:53/tcp"
      - "6877:53/udp"
      - "6879:67/udp"
      - "6880:80/tcp"
      - "6881:443/tcp"
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: '1234'
      ServerIP: '192.168.0.140'
#      PROXY_LOCATION: pihole'
#      VIRTUAL_HOST: 'pihole.mydomain.net'
#      VIRTUAL_PORT: '80'
#      DNS1: '127.0.0.1'
#      DNS2: '1.1.1.1'
    volumes:
      - '/opt/appdata/pihole/etc-pihole/:/etc/pihole/'
      - '/opt/appdata/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/'
    restart: unless-stopped

networks:
  default:
    external:
      name: skynet
```

@rastacalavera commented on GitHub (Nov 24, 2020):

> You could run NPM as a Home Assistant Add On and then use your other Pi for Pi-Hole? I have NPM running on a Hass.io Pi and Pi-hole running on a FreeNAS VM.

God how did I overlook this? Thanks for that. If I can't get this issue figured out, that is the route I will take. I am just so far down the rabbit hole now I can't abandon ship until all my hair has been pulled out.


@rastacalavera commented on GitHub (Nov 25, 2020):

So I spent most of the day playing with this and couldn't get it functional. I ended up finding a pi zero w that I forgot I had and put pihole on that. Love NPM, keep up the great work jc21!


@johntdavis84 commented on GitHub (Dec 14, 2020):

I'm presently struggling with this as well. I'm trying to install NGINX Proxy Manager on top of docker on a Raspberry Pi 4B.

> what I've read in their documentation it's just a DNS sinkhole with an optional VPN. As a DNS sinkhole, NPM does not conflict as it doesn't run a DNS server. There should not be an issue running them on the same machine. Pi-hole's web interface can run on any port, npm can proxy to it. Pi-hole's DNS server can run on the standard port 53 and NPM won't care.

@jc21 , I just tracked this down a few minutes ago, because I couldn't figure out why pi-hole needed 443, either. **Apparently, according to the pi-hole GitHub, certain ads are served via SSL, so it needs that port.** (Though I can't figure out how to see just those in the pi-hole admin.)

My situation is complicated because I'm running pi-hole in privileged mode, due to a specific bug in Manjaro Linux that makes lighttpd crash and burn inside the container unless it is in privileged mode.

Getting a second Pi just to run pi-hole is not a terrible idea, but it's not an option budget- and space-wise at this time. (It also seems wasteful, honestly, given how little this server is currently doing.)

Any suggestions? I have a vague understanding I could set up a macvlan ... thing? ... to create a separate virtual LAN IP range for the pi-hole, but ugh. I really don't want to have to go down that rabbit hole right now.

I'm wondering if I could just get a USB gigE adapter, plug that in, and set up a separate network just for the pi-hole?


@nimjor commented on GitHub (Jan 2, 2021):

> Wait hang on, I don't use pi-hole but from what I've read in their documentation it's just a DNS sinkhole with an optional VPN. As a DNS sinkhole, NPM does not conflict as it doesn't run a DNS server. There should not be an issue running them on the same machine. Pi-hole's web interface can run on any port, npm can proxy to it. Pi-hole's DNS server can run on the standard port 53 and NPM won't care.

> Then add a proxy host for pi-hole with hostname pihole on either 80 or 443, then add a stream to pihole on port 53 udp/tcp. These services will be contained in the same virtual network named skynet and the only service being exposed directly is NPM. This is how I run all my services but once again I haven't tested this with pi-hole myself.

I agree with @jc21, I was able to get this working without doing much of anything special. I am running NPM and Pi-hole inside separate docker containers in the same ubuntu vm. I didn't need to set up a docker network or anything like that. My steps:

  1. Create docker-compose.yml file for the Pi-hole, mapping container ports 53 and 67 to the same ports on the vm, and container 80 and 443 to the vm's 8082 and 8443 (since NPM's container is already using 80 and 443 of the vm).

  2. I did also have to follow the steps here for [modifying Ubuntu's systemd-resolved service](https://github.com/pi-hole/docker-pi-hole/#installing-on-ubuntu) since that was already listening on 53.

  3. docker-compose up -d

At first I hadn't thought it through properly and so I initially set it up with the Pi-hole listening on 8053, and then I had a stream set up in NPM to direct incoming traffic on 53 to 8053, but that didn't work for me. I later realized there was no point to that; nothing else on my machine was listening on 53, so I adjusted my yml file to do that and it just started working (no need for a stream).
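An added example, not part of the thread or of either project: a pre-flight check that compares a planned compose port layout with what the host already listens on, covering both the `0.0.0.0:53: bind: address already in use` failure reported earlier and the direct layout from the steps above. The `ss` lines are constructed to match the systemd-resolved listener in the `lsof` output, and port 81 in the second layout is assumed from NPM's default compose file.

```python
import ipaddress
import re
from collections import namedtuple

Bind = namedtuple("Bind", "owner ip port proto")


def parse_compose_port(service, spec):
    """Parse compose short syntax [host_ip:]host_port:container_port[/proto].

    Single ports only (no ranges). Returns None when no host port is given.
    """
    body, _, proto = str(spec).partition("/")
    parts = body.rsplit(":", 2)
    if len(parts) == 1:
        return None  # container port only: Docker picks a free host port
    # Without a host IP Docker binds the wildcard address, which is why the
    # error in the thread reads "listen tcp 0.0.0.0:53".
    host_ip = parts[0].strip("[]") if len(parts) == 3 else "0.0.0.0"
    return Bind(service, host_ip, int(parts[-2]), proto or "tcp")


def parse_ss_line(line):
    """Parse one line of `ss -H -lntup` output into a Bind."""
    fields = line.split()
    addr, _, port = fields[4].rpartition(":")
    addr = addr.split("%")[0].strip("[]")  # drop %iface scope and brackets
    proc = re.search(r'\(\("([^"]+)"', line)
    return Bind(proc.group(1) if proc else "unknown", addr, int(port), fields[0])


def _overlaps(a, b):
    """True when two local addresses cannot both bind the same port."""
    if a == "*" or b == "*":  # ss prints * for a dual-stack wildcard
        return True
    ia, ib = ipaddress.ip_address(a), ipaddress.ip_address(b)
    if ia.version != ib.version:
        return False
    return ia.is_unspecified or ib.is_unspecified or ia == ib


def find_conflicts(wanted, listening=()):
    """Return (wanted_bind, other_bind) pairs that collide on the host."""
    conflicts = []
    for i, w in enumerate(wanted):
        for other in list(wanted[i + 1:]) + list(listening):
            same_socket = (w.proto, w.port) == (other.proto, other.port)
            if same_socket and _overlaps(w.ip, other.ip):
                conflicts.append((w, other))
    return conflicts


def check(services, ss_output=""):
    """services: {name: [port specs]}; ss_output: text from `ss -H -lntup`."""
    wanted = [b for name, specs in services.items()
              for b in (parse_compose_port(name, s) for s in specs) if b]
    listening = [parse_ss_line(l) for l in ss_output.splitlines() if l.strip()]
    return find_conflicts(wanted, listening)


# Constructed sample: the systemd-resolved stub listener on port 53.
SS_SAMPLE = """\
udp UNCONN 0 0    127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=19641,fd=12))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=19641,fd=13))
"""

# NPM publishes 53 and streams it to the pihole container.
NPM_STREAM_LAYOUT = {
    "npm": ["80:80", "443:443", "81:81", "53:53/tcp", "53:53/udp"],
    "pihole": [],
}
# Pi-hole publishes 53/67 itself and its web UI moves to 8082/8443.
DIRECT_LAYOUT = {
    "npm": ["80:80", "443:443", "81:81"],  # 81 is an assumption
    "pihole": ["53:53/tcp", "53:53/udp", "67:67/udp",
               "8082:80/tcp", "8443:443/tcp"],
}

if __name__ == "__main__":
    for label, layout in (("NPM stream layout", NPM_STREAM_LAYOUT),
                          ("direct layout", DIRECT_LAYOUT)):
        for mine, other in check(layout, SS_SAMPLE):
            print(f"{label}: {mine.owner} wants {mine.ip}:{mine.port}/"
                  f"{mine.proto}, held by {other.owner} on {other.ip}")
```

Either layout collides with the stub listener until it is moved off port 53, and neither collides once it is gone; on a real host, feed `check()` the output of `ss -H -lntup` instead of the sample.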


@anselal commented on GitHub (Jan 4, 2021):

@wschlotter just change the port for the PiHole web gui. it doesn't affect pihole.
you can run the following commands to change the port to 8080:

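```sh
# Keep a backup of the original configuration
sudo cp /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.backup
# -i -e instead of -ie: GNU sed reads "-ie" as in-place with backup suffix "e".
# Anchored to server.port so a second run or another "= 80..." value is not rewritten.
sudo sed -i -e 's/^\(server\.port[[:space:]]*=[[:space:]]*\)80\b/\18080/' /etc/lighttpd/lighttpd.conf
sudo /etc/init.d/lighttpd restart
```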


@wschlotter commented on GitHub (Jan 4, 2021):

Forgot about this thread (setup a new machine for something else and installed instead) but this will be helpful in the future when I merge some other dockers to the same machines!


@johntdavis84 commented on GitHub (Jan 7, 2021):

Thanks for this info. I’m working on getting this set up now.

One thing that makes me hesitate a bit is this bit from the pihole/pihole docs: https://hub.docker.com/r/pihole/pihole
“Port 443 is to provide a sinkhole for ads that use SSL. If only port 80 is used, then blocked HTTPS queries will fail to connect to port 443 and may cause long loading times. Rejecting 443 on your firewall can also serve this same purpose. Ubuntu firewall example: sudo ufw reject https"

If we forward port 443 from inside the container to port 80443 outside the container, does it break the blocking of SSL ads?

		- JTD.

> On Jan 2, 2021, at 1:58 PM, nimjor notifications@github.com wrote:
>
> Wait hang on, I don't use pi-hole but from what I've read in their documentation it's just a DNS sinkhole with an optional VPN. As a DNS sinkhole, NPM does not conflict as it doesn't run a DNS server. There should not be an issue running them on the same machine. Pi-hole's web interface can run on any port, npm can proxy to it. Pi-hole's DNS server can run on the standard port 53 and NPM won't care.
>
> Then add a proxy host for pi-hole with hostname pihole on either 80 or 443, then add a stream to pihole on port 53 udp/tcp. These services will be contained in the same virtual network named skynet and the only service being exposed directly is NPM. This is how I run all my services but once again I haven't tested this with pi-hole myself.
>
> I agree with @jc21 https://github.com/jc21, I was able to get this working without doing much of anything special. I am running NPM and Pi-hole inside separate docker containers in the same ubuntu vm. I didn't need to set up a docker network or anything like that. My steps:
>
> Create docker-compose.yml file for the Pi-hole, mapping container ports 53 and 67 to the same ports on the vm, and container 80 and 443 to the vm's 8082 and 8443 (since NPM's container is already using 80 and 443 of the vm).
>
> I did also have to follow the steps here for modifying Ubuntu's systemd-resolved service https://github.com/pi-hole/docker-pi-hole/#installing-on-ubuntu since that was already listening on 53.
>
> docker-compose up -d
>
> At first I hadn't thought it through properly and so I initially set it up with the Pi-hole listening on 8053, and then I had a stream set up in NPM to direct incoming traffic on 53 to 8053, but that didn't work for me. I later realized there was no point to that; nothing else on my machine was listening on 53, so I adjusted my yml file to do that and it just started working (no need for a stream).



@anselal commented on GitHub (Jan 7, 2021):

@johntdavis84 from what you say, YES it will break the blocking of SSL ads. But this question is related to PiHole and not this repo. For a clearer answer please refer to PiHole.


@johntdavis84 commented on GitHub (Jan 7, 2021):

Thanks, Anastasios. I commented on this thread as I do consider getting NGINX Proxy Manager working with Pi-Hole to be on-topic for this thread. I wanted to clarify, since the first impression I got from reading this was that pihole was fully working with this configuration, but then I thought about it and realized doing it this way partially breaks Pi-Hole’s functionality.

This is definitely entirely a PiHole problem—and a DNS problem—and not an NGINX problem. Blocking SSL-enabled ads essentially requires making sure Pi-Hole has its own WAN-facing IP address on the host server, which is frankly ridiculous. I can do it, but it’s overcomplicated and degrades my network performance—at least if I want to keep IPv6 enabled.

		- JTD.

> On Jan 7, 2021, at 4:27 AM, Anastasios Selalmazidis notifications@github.com wrote:
>
> @johntdavis84 https://github.com/johntdavis84 from what you say, YES it will break the blocking of SSL ads. But this question is related to PiHole and not this repo. But a clearer answer please refer to PiHole.


@anselal commented on GitHub (Jan 8, 2021):

@johntdavis84 also, when they mention port 443 I think they mean for outgoing connections and not incoming, so you won't have a problem installing `nginx-proxy-manager` and `pihole` on the same machine.


@johntdavis84 commented on GitHub (Jan 8, 2021):

Good morning,

I can’t bring up pi-hole when NGINX Proxy Manager is running. I get an error that the container cannot bind to port 443. So, yes, Pi-Hole wants to listen on port 443—or otherwise seize it and not share it.

	- JTD.

> On Jan 8, 2021, at 9:56 AM, Anastasios Selalmazidis notifications@github.com wrote:
>
> @johntdavis84 https://github.com/johntdavis84 also, when they mention port 443 I think they mean fro outgoing connection and not incoming, so you won't have a problem installing nginx-proxy-manager and pihole on the same machine.



@BartAgterbosch commented on GitHub (May 29, 2022):

> > Wait hang on, I don't use pi-hole but from what I've read in their documentation it's just a DNS sinkhole with an optional VPN. As a DNS sinkhole, NPM does not conflict as it doesn't run a DNS server. There should not be an issue running them on the same machine. Pi-hole's web interface can run on any port, npm can proxy to it. Pi-hole's DNS server can run on the standard port 53 and NPM won't care.
> >
> > Then add a proxy host for pi-hole with hostname `pihole` on either `80` or `443`, then add a stream to `pihole` on port `53` udp/tcp. These services will be contained in the same virtual network named `skynet` and the only service being exposed directly is NPM. This is how I run all my services but once again I haven't tested this with pi-hole myself.
>
> I agree with @jc21, I was able to get this working without doing much of anything special. I am running NPM and Pi-hole inside separate docker containers in the same ubuntu vm. I didn't need to set up a docker network or anything like that. My steps:
>
> 1. Create docker-compose.yml file for the Pi-hole, mapping container ports 53 and 67 to the same ports on the vm, and container 80 and 443 to the vm's 8082 and 8443 (since NPM's container is already using 80 and 443 of the vm).
> 2. I did also have to follow the steps here for [modifying Ubuntu's systemd-resolved service](https://github.com/pi-hole/docker-pi-hole/#installing-on-ubuntu) since that was already listening on 53.
> 3. docker-compose up -d
>
> At first I hadn't thought it through properly and so I initially set it up with the Pi-hole listening on 8053, and then I had a stream set up in NPM to direct incoming traffic on 53 to 8053, but that didn't work for me. I later realized there was no point to that; nothing else on my machine was listening on 53, so I adjusted my yml file to do that and it just started working (no need for a stream).

Oh man...! If only I had found your comment sooner...
Simply disabling DNSStubListener in resolved.conf did the trick, I've wasted so much time trying to figure out what or why something was conflicting on port 53 thinking it must've been npm somehow, I don't even know why I thought that, yet this could've saved me such headaches.
This should be stickied on the pihole docker page imo

Fyi: To anyone doing this, you can just edit /etc/systemd/resolved.conf and uncomment DNSStubListener, and change "yes" to "no", save the file, reboot the system, and start the pihole container listening on 53 udp and tcp, and just change the http port to something like 8989:80 or whatever, pihole only seems to need it for admin panel access, and just leave npm as is, listening on port 80 and 443
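
The port 53 conflict described in the comment above, as an added example that is not part of the original thread: a POSIX shell function that reads `ss -H -lntup` output and reports which process already holds the host ports a container is about to publish. The function name `port_conflicts` and the listener table are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -H -lntup` output on an Ubuntu host where NPM is
# already running and systemd-resolved still has its stub listener enabled.
SAMPLE_BEFORE='udp UNCONN 0 0    127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=12))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=13))
tcp LISTEN 0 4096 0.0.0.0:80       0.0.0.0:* users:(("docker-proxy",pid=1480,fd=4))
tcp LISTEN 0 4096 0.0.0.0:443      0.0.0.0:* users:(("docker-proxy",pid=1502,fd=4))
tcp LISTEN 0 128  0.0.0.0:22       0.0.0.0:* users:(("sshd",pid=801,fd=3))'

# The same host after DNSStubListener=no and a restart: the resolver lines are gone.
SAMPLE_AFTER=$(printf '%s\n' "$SAMPLE_BEFORE" | grep -v 'systemd-resolve')

# port_conflicts PORT/PROTO...   (listener table on stdin)
# Prints one line per listener that already occupies a wanted host port and
# returns 1 if any was found. A listener on any address counts, because a
# published container port binds the wildcard address by default and so
# collides even with a loopback-only listener such as 127.0.0.53:53.
port_conflicts() {
    awk -v wanted="$*" '
        BEGIN {
            n = split(wanted, w, " ")
            for (i = 1; i <= n; i++) want[w[i]] = 1
        }
        {
            proto = $1                      # tcp or udp
            addr  = $5                      # local address:port
            port = addr; sub(/^.*:/, "", port)
            host = addr; sub(/:[^:]*$/, "", host)
            key = port "/" proto
            if (!(key in want)) next
            proc = "unknown process"        # no users:(...) column without root
            if (match($0, /users:\(\("[^"]+"/))
                proc = substr($0, RSTART + 9, RLENGTH - 10)
            printf "%s in use by %s on %s\n", key, proc, host
            found = 1
        }
        END { exit (found ? 1 : 0) }
    '
}

# Host ports from the compose mapping quoted above: 53 and 67 unchanged,
# container 80/443 moved to 8082/8443.
PIHOLE_PORTS="53/tcp 53/udp 67/udp 8082/tcp 8443/tcp"

# Demonstration on the constructed samples. On a real host, replace the printf
# with:  sudo ss -H -lntup | port_conflicts $PIHOLE_PORTS
printf '%s\n' "$SAMPLE_BEFORE" | port_conflicts $PIHOLE_PORTS || true
printf '%s\n' "$SAMPLE_AFTER"  | port_conflicts $PIHOLE_PORTS && echo "no conflicts"
```

Running the same check with `80/tcp 443/tcp` shows why Pi-hole's default web ports cannot be published while NPM holds them.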


@idc77 commented on GitHub (Jan 28, 2025):

Seems like npm isn't able to forward ports <1024, despite having capabilities set or npm having privileged:true and/or capabilities set.


@theannihilator commented on GitHub (Aug 26, 2025):

I setup a docker container for npm and pi-hole with pi-hole webui running 88:81 and 445:443 because I'm a bit lazy I have dns setup to pihole. NPM is able to route all my websites properly with current setup.
