# 🌐 Remote NPM Configuration Guide
Your NPM (Nginx Proxy Manager) instance runs on a different machine than Homarr. Here are your options:
## Option 1: NPM → Host IP (Recommended)
Because the container ports are published on the host, configure NPM to proxy to this machine's IP.
### Step 1: Find This Machine's IP
```bash
# On the Homarr machine
ip addr show | grep "inet " | head -5
# or
hostname -I
```
Example: `192.168.1.50`
### Step 2: Configure NPM
In your NPM (on the other machine), add these Proxy Hosts:
#### Dashboard (Homarr)
| Setting | Value |
|---------|-------|
| Domain Names | `dashboard.lemonlink.eu` |
| Scheme | `http` |
| Forward Hostname/IP | `192.168.1.50` (Homarr machine IP) |
| Forward Port | `7575` |
| Cache Assets | ✅ |
| Block Common Exploits | ✅ |
#### System Monitor (Dash.)
| Setting | Value |
|---------|-------|
| Domain Names | `system.lemonlink.eu` |
| Scheme | `http` |
| Forward Hostname/IP | `192.168.1.50` (Homarr machine IP) |
| Forward Port | `3001` |

**SSL Tab:** Request an SSL certificate and enable Force SSL ✅
### Step 3: Firewall
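Ensure the Homarr machine allows connections from the NPM machine. Note that ports published by Docker are handled by Docker's own iptables rules, which are evaluated independently of UFW, so UFW rules alone may not restrict access to them.
```bash
# On the Homarr machine (if using UFW); replace NPM_MACHINE_IP with the NPM machine's address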
sudo ufw allow from NPM_MACHINE_IP to any port 7575
sudo ufw allow from NPM_MACHINE_IP to any port 3001
# Or allow from local network
sudo ufw allow from 192.168.1.0/24 to any port 7575
sudo ufw allow from 192.168.1.0/24 to any port 3001
```
---
## Option 2: Cloudflare Tunnel (No NPM Needed)
If you don't want to use NPM at all, use Cloudflare Tunnel:
### Step 1: Create Tunnel in Cloudflare
1. Go to [Cloudflare Zero Trust](https://one.dash.cloudflare.com)
2. Access → Tunnels → Create Tunnel
3. Choose **Cloudflared**
4. Name: `homarr-tunnel`
5. Copy the **token** (looks like: `eyJh...`)
### Step 2: Configure Stack
Edit `portainer-stack.yml`:
1. Uncomment the `cloudflared` service section
2. Add tunnel token to environment variables
### Step 3: Add Public Hostnames
In Cloudflare dashboard, add:
| Public Hostname | Service |
|-----------------|---------|
| `dashboard.lemonlink.eu` | `http://homarr:7575` |
| `system.lemonlink.eu` | `http://dash:3001` |
---
## Option 3: Tailscale/WireGuard Mesh
If both machines are on Tailscale:
1. Find the Homarr machine's Tailscale IP: `tailscale ip -4`
2. Use that IP in NPM instead of the LAN IP

This is more secure because traffic between NPM and Homarr travels through an encrypted tunnel.
---
## 🔒 Security Considerations
### With Remote NPM
- Use firewall rules to restrict port access
- Consider VPN/Tailscale between machines
- Don't expose ports 7575/3001 directly to the internet
### Recommended: Bind to Specific Interface
To limit which interface the ports listen on, edit `portainer-stack.yml`:
```yaml
ports:
  - '127.0.0.1:7575:7575' # Localhost only (requires a reverse proxy on the same machine, so not usable with a remote NPM)
  # OR
  - '10.0.0.5:7575:7575' # Bind to one internal IP only (example address; use the IP that NPM connects to)
```
---
## ✅ Checklist
- [ ] Find Homarr machine IP
- [ ] Add Proxy Hosts in NPM
- [ ] Configure firewall rules
- [ ] Test access via domain
- [ ] Enable SSL certificates
---
## 🆘 Troubleshooting
### Connection refused from NPM
```bash
# On Homarr machine, check if ports are listening
ss -tlnp | grep -E '7575|3001'
# Check if binding to all interfaces or just localhost
docker inspect homarr | grep -A 5 "Ports"
```
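The following is an added example, not part of the original guide. It automates the bind-address check above and the "Bind to Specific Interface" advice by classifying each listener on ports 7575 and 3001 from `ss -tln` output. The function names are hypothetical and `SAMPLE_SS` is constructed output, not a capture.

```bash
#!/bin/sh
# Added example: classify how the Homarr (7575) and Dash. (3001) ports are bound.
# Function names are hypothetical; SAMPLE_SS is constructed output, not a capture.

# classify_binds PORT...
# Reads `ss -tln` output on stdin; prints "<port> <address> <verdict>" per listener.
classify_binds() {
  awk -v ports="$*" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $1 == "LISTEN" {
      port = $4; sub(/.*:/, "", port)       # text after the last colon
      addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
      if (!(port in want)) next
      if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") verdict = "ALL-INTERFACES"
      else if (addr ~ /^127\./ || addr == "[::1]")             verdict = "LOOPBACK-ONLY"
      else                                                      verdict = "SPECIFIC-IP"
      print port, addr, verdict
    }'
}

# wildcard_ports PORT...
# Prints each requested port that is listening on every interface (unique).
wildcard_ports() {
  classify_binds "$@" | awk '$3 == "ALL-INTERFACES" && !seen[$1]++ { print $1 }'
}

# Constructed sample: 7575 published on all interfaces, 3001 bound to localhost.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096         0.0.0.0:7575       0.0.0.0:*
LISTEN 0      4096            [::]:7575          [::]:*
LISTEN 0      4096       127.0.0.1:3001       0.0.0.0:*
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*'

# Live use on the Homarr machine: ss -tln | classify_binds 7575 3001
printf '%s\n' "$SAMPLE_SS" | classify_binds 7575 3001
```

A port reported as `ALL-INTERFACES` relies entirely on firewall rules for access control, while `LOOPBACK-ONLY` explains a "connection refused" from a remote NPM.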
### Firewall blocking
```bash
# Check UFW status
sudo ufw status verbose
# Check iptables
sudo iptables -L -n | grep 7575
```
### Wrong IP in NPM
Make sure you're using the IP that's reachable from the NPM machine:
- Same LAN: Use local IP (192.168.x.x)
- Different networks: Use Tailscale IP or VPN IP