NginxProxyManager
v12.6 to v13.1 Mysql access issue
Checklist
- Have you pulled and found the error with
jc21/nginx-proxy-manager:latestdocker image?- Yes
- Are you sure you're not using someone else's docker image?
- Yes
- Have you searched for similar issues (both open and closed)?
- Yes
Describe the bug
After doing 3+ intances of this same upgrade without issue I did this last one by doing a docker upgrade as well (from v28.2.2 to v28.5.2).
Regardless, when starting up after a fresh upgrade I get this repeatedly:
[11/9/2025] [12:04:48 AM] [Global ] › ✖ error Startup Error: Access denied for user 'nginxProxyManagerUser'@'nginx-proxy-manager.hosted06_default' (using password: YES) Error: Access denied for user 'nginxProxyManagerUser'@'nginx-proxy-manager.hosted06_default' (using password: YES)
at Packet.asError (/app/node_modules/mysql2/lib/packets/packet.js:740:17)
at ClientHandshake.execute (/app/node_modules/mysql2/lib/commands/command.js:29:26)
at Connection.handlePacket (/app/node_modules/mysql2/lib/base/connection.js:477:34)
at PacketParser.onPacket (/app/node_modules/mysql2/lib/base/connection.js:93:12)
at PacketParser.executeStart (/app/node_modules/mysql2/lib/packet_parser.js:75:16)
at Socket.<anonymous> (/app/node_modules/mysql2/lib/base/connection.js:100:25)
at Socket.emit (node:events:519:28)
at addChunk (node:internal/streams/readable:561:12)
at readableAddChunkPushByteMode (node:internal/streams/readable:512:3)
at Readable.push (node:internal/streams/readable:392:5) {
code: 'ER_ACCESS_DENIED_ERROR',
errno: 1045,
sqlState: '28000',
sqlMessage: "Access denied for user 'nginxProxyManagerUser'@'nginx-proxy-manager.hosted06_default' (using password: YES)",
sql: undefined
}
Relevant section of my compose file:
nginx-proxy-manager:
container_name: nginx-proxy-manager
image: jc21/nginx-proxy-manager:latest
restart: unless-stopped
environment:
- TZ=Europe/London
- PUID=1007
- PGID=1007
- DB_MYSQL_HOST=mariadb
- DB_MYSQL_PORT=3306
- DB_MYSQL_USER=nginxProxyManagerUser
- DB_MYSQL_PASSWORD=nginxProxyManagerPassword
- DB_MYSQL_NAME=nginx_proxy_manager
- DISABLE_IPV6=true
ports:
- 80:80
- 443:443
- 127.0.0.1:82:81
volumes:
# Make sure this config.json file exists as per instructions above:
- /docker/nginx-proxy-manager/config/config.json:/app/config/production.json
- /docker/nginx-proxy-manager/config:/config # only for files.htaccess for now but why not
- /docker/nginx-proxy-manager/data:/data
- /docker/nginx-proxy-manager/letsencrypt:/etc/letsencrypt
depends_on:
- mariadb
mariadb:
container_name: mariadb
image: lscr.io/linuxserver/mariadb:latest
restart: unless-stopped
environment:
- TZ=Europe/London
- NOTUSED_MYSQL_ROOT_PASSWORD=npm
- NOTUSED_MYSQL_DATABASE=npm
- NOTUSED_MYSQL_USER=npm
- NOTUSED_MYSQL_PASSWORD=npm
volumes:
- /docker/mariadb/config:/config
ports:
- 127.0.0.1:3306:3306
Nginx Proxy Manager Version
v13.1
To Reproduce
I installed a mysql client on the nginx-proxy-manager container and can access things ok:
[root@docker-76707f145fa1:/app]# mysql -h $DB_MYSQL_HOST -u $DB_MYSQL_USER -p$DB_MYSQL_PASSWORD -D $DB_MYSQL_NAME
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 1208
Server version: 10.11.6-MariaDB-log Alpine Linux
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [nginx_proxy_manager]> show tables;
+-------------------------------+
| Tables_in_nginx_proxy_manager |
+-------------------------------+
| access_list |
| access_list_auth |
| access_list_client |
| audit_log |
| auth |
| certificate |
| dead_host |
| migrations |
| migrations_lock |
| proxy_host |
| redirection_host |
| setting |
| stream |
| user |
| user_permission |
+-------------------------------+
15 rows in set (0.003 sec)
MariaDB [nginx_proxy_manager]> quit
Bye
[root@docker-76707f145fa1:/app]# echo $DB_MYSQL_NAME
nginx_proxy_manager
However found it curious that the container stdout logs show $DB_MYSQL_NAME.$HOSTNAME_default (which is the default docker network name), so tried this and it fails - unsure where it might matter within nginx-proxy-manager though:
[root@docker-76707f145fa1:/app]# mysql -h $DB_MYSQL_HOST -u $DB_MYSQL_USER -p$DB_MYSQL_PASSWORD -D $DB_MYSQL_NAME.hosted06_default
ERROR 1044 (42000): Access denied for user 'nginxProxyManagerUser'@'%' to database 'nginx_proxy_manager.hosted06_default'
As this is my last instance I'm sure it's just the docker upgrade that might have broken it, however I'm still confused where the $HOSTNAME is being picked up and where it is used within nginx-proxy-manager in the configuration above so I can get things up and working again.
Expected behavior
No database errors
Possibly the same for me. I went from 12.6 to 13.2 and got just the new user setup screen and all my hosts were gone. Reverted back from backup.
It's strange because no changes were made to the database and it should work. I couldn't reproduce it during the beta because I always used my production system to test the beta strings.
Are all the databases available? Could the ports be interfering with each other if there is more than one database in Docker? I have a global database (DB server) to supply all containers located in Docker.
Possibly the same for me. I went from 12.6 to 13.2 and got just the new user setup screen and all my hosts were gone. Reverted back from backup.
I don’t know what happened with me. A few hours later I decided to try again to get more logging data to look at and this time the upgrade worked. The only thing I did differently was I did it with docker on the command line instead of using Portainer. I know sometimes with major changes and docker Portainer can have issues, perhaps that was it.
I too am unable to reproduce this problem. The dev stack uses mariadb, my production instances use sqlite. CI runs all the tests 3 times, once in each database stack.
Just for fun I reverted to v2.12.6 (without touching the database) and it's working like a charm, upgrading to v2.13.3 again shows the same errors. This mariadb instance is not used by anything else, and I'm confused why the manual CLI test of SQL is working fine for me, I'm just unsure WHERE v2.13.* is getting the docker default network name from and adding it to the SQL connect string?
code: 'ER_ACCESS_DENIED_ERROR',
errno: 1045,
sqlState: '28000',
sqlMessage: "Access denied for user 'nginxProxyManagerUser'@'nginx-proxy-manager.hosted06_default' (using password: YES)",
sql: undefined
I had to remove the following line under Volumes:
config.json:/app/config/production.json
After that, it worked again with the new version. It seems this line was still left over from a very old configuration.
- /docker/nginx-proxy-manager/config/config.json:/app/config/production.json
You also have this line. Remove it or comment it out.
- /docker/nginx-proxy-manager/config/config.json:/app/config/production.json
You also have this line. Remove it or comment it out.
Perfect thanks - for the record removing it still ensures it gets read by something old so had to remove/rename it but all good now!
I had to remove the following line under Volumes:
config.json:/app/config/production.jsonAfter that, it worked again with the new version. It seems this line was still left over from a very old configuration.
that solved it for me too, thanks!
