Setup NetLock RMM on Docker Behind Reverse Proxy

May 25, 2025 admin
0 Comment
Uncategorized
Print Friendly, PDF & Email

Since I had to do this a few times to get everything working, and then forgot my admin password during the process, I thought I would document what I had to do to get it working.  But default, NetLock RMM is designed to talk directly to Let’s Encrypt for a cert.  But, because I have a bunch of servers running on the same public IP, I’m using a reverse proxy

  1. Install NetLock RMM
    1.  

5. During the install process, do the following:

    1. ./docker-compose-quick-setup.sh

4. Follow the directions to get the .sh file here: NetLock RMM Docker Install

1. After installing Ubuntu Server minimal, update/upgrade it to the latest version and add the tools I like

apt-get update

apt-get upgrade -y

apt-get install docker.io vim iputils-ping -y

2. Install Portainer (not needed, but I like the GUI)

docker volume create portainer_data

docker run -d -p 8000:8000 -p 9443:9443 –name portainer \

–restart=always \

-v /var/run/docker.sock:/var/run/docker.sock \

-v portainer_data:/data \

portainer/portainer-ce:2.9.3

 

3. “Install” Docker Compose

curl -SL https://github.com/docker/compose/releases/download/v2.36.2/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose

chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

 

4. Start installing NetLock RMM

Follow the directions to get the .sh file here: NetLock RMM Docker Install

During the installation process, do the following:

domain: Enter the FQDN you used in your reverse proxy

leaven ports the default, but if you changed them in your reverse proxy, use those ports

Email for Let’s Encrypt: leave it blank

cert password: blank

Start NetLock Now? open another terminal, we are going to edit some files first, this is the most important part!

In this example, I am only going to be using http and port 80.  My reverse proxy is making the secure connection, so I don’t need the internal https to be setup.

vi /home/netlock/server/appsettings.json

In the Https section, I am going to set “Enabled” to false

In the LettuceEncrypt section, I am going to set “Enabled” to false

Do the same for the web_console

vi /home/netlock/web_console/appsettings.json

set the same sections to false.

Go back to the installation script and enter y

For me, the web_console would attempt to start faster than the mysql container, so after checking the mysql_container logs and seeing it started, I would restart the web_console container and watch it’s logs.  Once all the containers are happy, go to https://your-fqdn and you should see the login.  The rest of the setup process (like getting/adding your member api, follow the NetLock RMM Setup Guide)

Uncategorized

Comments are closed.