This is an old revision of the document!
Mesh Central in Docker behind NGINX Proxy Manager Reverse Proxy
- What is Nginx Proxy Manager (also known as NPM): https://nginxproxymanager.com/
- What is Mesh Central: https://meshcentral.com/info/
Deploying container
- We will be using an unofficial, but as of writing this article still maintained and community approved, Docker version of Mesh Central
- I will be using Portainer in this guide, but you can use manual Docker Compose if you wish
- Here is an example of my docker-compose.yml file
version: '3' networks: reverse_proxy: external: true volumes: data: files: services: mongodb: container_name: meshcentral_db restart: always image: mongo:latest expose: - 27017 volumes: - '/docker/containers/meshcentral/database:/data/db' networks: - reverse_proxy meshcentral: restart: always container_name: meshcentral depends_on: - 'mongodb' image: typhonragewind/meshcentral:mongodb-latest ports: - 8786:443 #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs environment: - HOSTNAME=meshcentral.laptopwiki.eu #your hostname - REVERSE_PROXY=nginx-proxy-manager #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy - REVERSE_PROXY_TLS_PORT=443 #internal https port, only change if you don't use 443 for your incoming HTTPS for some reason - IFRAME=false #set to true if you wish to enable iframe support - ALLOW_NEW_ACCOUNTS=false #set to false if you want disable self-service creation of new accounts besides the first (admin) - WEBRTC=false #set to true to enable WebRTC - per documentation it is not offically released with meshcentral, but is solid enough to work with. Use with caution - NODE_ENV=production - TZ=Europe/Prague volumes: - data:/opt/meshcentral/meshcentral-data - files:/opt/meshcentral/meshcentral-files networks: - reverse_proxy
- In this, Mesh Central will use a MongoDB instance to store everything, instead of SQLite
- You must change:
- Network name to match what your NPM is using, in my case that name is “reverse_proxy”
- HOSTNAME - set your public FQDN
- REVERSE_PROXY - here put
- IP address of your NGINX Proxy Manager if it is on a different server than where Mesh Central will live
- internal docker Hostname if on the same Docker network ← My setup, “nginx-proxy-manager” is the Docker hostname. DO NOT USE DOCKER NETWORK IP ADDRESSES, they aren't static
- You can change
- TZ - timezone, so your logs have proper timestamps, follows standardized naming https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
- For example, TZ=Europe/Prague, TZ=America/New_York, TZ=Australia/Sydney
- Storage mounts (I had issues with MeshCentral Volume paths, so that is why I'm using volumes)
- ALLOW_NEW_ACCOUNTS=false, setting true would allow users to register
With FALSE on first start you can create an account, that will be your admin, after that registrations get disabled