I posted an edit to the post on how I i solved it. Your feedback was helpful in the solution!

I think so. One issue i ran in to is that trying to go anywhere would land on the ui page. If I put npm on ports 80/443, then the UI needs to be elsewhere so I can access it. It shouldn’t be too hard, I hope

Hmm, i may have to get my admin ui’s off of ports 80/443 and port forward with NPM on those ports instead. The reason I was using nginx on the router was so the server could keep the UI on the normal ports and Nginx elsewhere.

I think then I could remove the router Nginx entries and add the DNS rewrite

There’s an idea. I may play with it tomorrow.bill be back on the road, so I’m not keen on doing too much when I can’t fix it haha. But right now the router is DNS, so when I did traceroute there was only one stop. But it was the SSL termination that got me. I might be able to download the stream module for Nginx. I think if I wanted to be optimal I may have to totally restructure that part…

Edit: thank you for the feedback, you’ve given me something to think about

You got me on to something. It looks like Nginx can be configured for tls passthrough https://serversforhackers.com/c/tcp-load-balancing-with-nginx-ssl-pass-thru

I think you might be right on that. I was originally not wanting to do any port forwarding on the router, but I may have to

So even if I remove the SSL cert lines from the router Nginx config, it seems to be applying the router’s SSL certificate. I commented out some lines to use a certificate for my root domain, but I’d rather NPM handle that, which doesn’t seem to be happening.