Kopernikus

Hi, I got: /mnt/user/appdata/Nginx-Proxy-Manager-Official: total 0 drwxrwxrwx 1 root root 37 Sep 8 11:46 ./ drwxrwxrwx 1 nobody users 42 Sep 8 11:46 ../ drwxrwxrwx 1 nobody users 120 Sep 8 15:11 data/ drwxrwxrwx 1 nobody users 27 Sep 8 15:11 letsencrypt/ /mnt/user/appdata/Nginx-Proxy-Manager-Official/data: total 104 drwxrwxrwx 1 nobody users 120 Sep 8 15:11 ./ drwxrwxrwx 1 root root 37 Sep 8 11:46 ../ drwxr-xr-x 1 root root 6 Sep 8 11:47 access/ drwxr-xr-x 1 root root 19 Sep 8 13:07 custom_ssl/ -rw-r--r-- 1 root root 106496 Sep 8 15:11 database.sqlite drwxr-xr-x 1 root root 6 Sep 8 11:47 letsencrypt-acme-challenge/ drwxr-xr-x 1 root root 6 Sep 8 11:47 logs/ drwxr-xr-x 1 root root 171 Sep 8 11:47 nginx/ /mnt/user/appdata/Nginx-Proxy-Manager-Official/letsencrypt: total 0 drwxrwxrwx 1 nobody users 27 Sep 8 15:11 ./ drwxrwxrwx 1 root root 37 Sep 8 11:46 ../ drwxr-xr-x 1 root root 43 Sep 8 11:47 renewal-hooks/ and: total 0 drwxrwxrwx 4 root root 80 Sep 3 16:55 ./ drwxrwxrwt 16 root root 340 Sep 8 12:07 ../ drwxrwxrwx 3 root root 60 Sep 3 16:55 data/ drwxrwxrwx 3 root root 60 Sep 3 16:55 var/ /tmp/nginx-proxy-manager/data: total 0 drwxrwxrwx 3 root root 60 Sep 3 16:55 ./ drwxrwxrwx 4 root root 80 Sep 3 16:55 ../ drwxrwxrwx 2 root root 300 Sep 8 08:59 logs/ /tmp/nginx-proxy-manager/var: total 0 drwxrwxrwx 3 root root 60 Sep 3 16:55 ./ drwxrwxrwx 4 root root 80 Sep 3 16:55 ../ drwxrwxrwx 4 nobody users 80 Sep 3 16:56 log/ I haven't restored any backups, it's on a fresh install.

Hi, I got the same error, did you fix it?

Hi, If I look into the log I get this error: [9/8/2021] [11:47:25 AM] [Setup ] › ⚠ warning Error: Command failed: logrotate /etc/logrotate.d/nginx-proxy-manager error: skipping "/data/logs/fallback_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/letsencrypt-requests_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-4_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/fallback_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/letsencrypt-requests_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-4_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. How can I fix this?

Hi, I'm running most of my containers/VM's with macvlan on a seperate VLAN, all working fine. However as we all now port mappings are ingnored, so the port mappings showed by the docker manager are not always correct according to my setup. Now I was wondering if there was a way to edit the docker file, so it shows the correct ports, this would be usefull to me so I see what ports I have used for that particular container. Thx

Hi, When I setup a proxy host does it make a difference in sucurity when the endpoint is also https? For example https://emby.example.com --> http://emby.example.com or https://emby.example.com (with installed certificate). Thx

Hi, According the Limetech best practice was not to set a public reverse proxy to Unraid WebUI. However with the My Servers plugin you do the same? What was changed that makes it now secure?

Hi, Yes, I tested Jellyfin & Emby stable/beta docker containers and iGPU working perfect with my 11700 (including HDR tonemapping) who was still not fixed in Plex. I used Plex for many years but I will switch now deciding between the free Jellyfin or Emby.

Hi, My Unraid build is ready. Gigabyte Z590M with an Intel 11700 and 32GB RAM 6X 8TB WED Red Plus 2X 970EVO 1GB PCIE SSD 1X PCI ethernet 1GBps (for dual lan bond) Now I saw a promo for Gigabyte W480 motherboard This one has 8 SATA an already dual lan on board. Since I can still swap now, wouldn't this be better? If so, do I keep the 11700 cpu or better take a 10700? According to the specs, a 11700 should also work on it, but will it have the same performance?

Hi, Recently started with Unraid and already running some docker containers, but I was wondering about the docker networks? I now I can run them as host, bridge, custom bridge and macvlan/ipvlan (optional on seperate interface/VLAN) Ideal I would create a seperate VLAN for all my dockers, so they all have their own IP and because of the VLAN they can also talk to the host if needed, but I read on the forum this can cause crashes, is this true? So what would be the best practice?

Hi, Just installed Jellyfin and I must confirm no problems at all with my 11700 with IGPU on Unraid. Also clean interface and free... maybe worth swithing

Hi, Also have an Intel 11700 and no hardware acceleration on Plex... Hope this get fixed soon... or maybe try Jellyfin

Yes, that's what I want, but due the bug in RC1 my certificate gets overwritten by the self-signed certifcate that Unraid creates.

What's the advantage of using ipvlan over macvlan?

It works like you discribe if I access it outside my network. But local: https://npm.example.com resolves to unraidIP:443 is doens't now it has to go to 8443 to reach nginx So I need to change the ports of Unraid of use a seperate IP for nginx Or is their a better solution?

Hi, I got it working (remote) however, if I want to access https://npm.example.com locally then I need to set the docker to a custom ip and not bridge because otherwise my unraid webui opens instead of npm. I could ofcourse set npm to listen to port 443 but then I would need to change the Unraid WebUI to another port. What would be best practice?

Changed Status to Open Changed Priority to Urgent

Yes, same here, when starting nginx or rebooting server a self-signed SSL is generated overwriting my custom ssl. It seem a bug in 6.10.0-rc1, however to suggested workaround does not work for me: See: DId you fix it?

Hi, Is there a way to use my custom wilcard certificate for my domain and the remote access feature of the MyServersPlugin? Thx

Hi, So like this: # regenerate self-signed cert if local TLD changes */ if [[ -f $SSL/certs/${LANNAME}_unraid_bundle.pem ]]; then SUBJECT=$(openssl x509 -noout -subject -nameopt multiline -in $SSL/certs/${LANNAME}_unraid_b> SUBJECT=${SUBJECT/\*/$LANNAME} # support wildcard certs [[ $SUBJECT != $LANFQDN ]] && rm -f $SSL/certs/${LANNAME}_unraid_bundle.pem fi Update: Did all steps and the change is now "permanent", however my servername_unraid_bundle.pem is still recreated whenever nginx is starting and overwriting my custom servername_unraid_bundle.pem

Hi, I must be doing something wrong... So I edit /etc/rc.d/rc.nginx from the terminal, adding the extra line. Put my wilcard cert Then /etc/rc.d/rc.nginx restart but nginx says gracefull shutdown but doesn't restart After a reboot the extra line in /etc/rc.d/rc.nginx is disapeared

Thx for the fast reply. I won't be using IPv6 so I can use custom Bridge in this case. My wildcard uses DNS based/manual verification, so then I'll only use port 443. I have two more questions: Is there any advantage of using MariaDB instead of the default SQLite? Is there a way to access the WebUI of NPM with https? Thx!

Hi, I'm new to Unraid, but already have some experience with nginx on my Synology NAS. So I have a few questions about this docker container: - Whats the difference between this docker container and the one from "jc21"? - In your docker the network is set to bridge but in the "jc21" docker it's set to custom br0, what's the reason for this? - I have my own wildcard certificate so I won't be using Letsencrypt, so I have no plans of using http, only https, will the docker work if I only forwared port 443 to this docker container? Thx and keep up the good work 😀

Hi, I'm new to Unraid, but already have some experience with nginx on my Synology NAS. So I have a few questions about this docker container: - Whats the difference between this docker container and the one from "jlesage" (where most tutorials refer to)? - In your docker the network is set to custom br0 but in the "jelesage" docker it's set to default bridge network, what's the reason for this? - I have my own wildcard certificate so I won't be using Letsencrypt, so I have no plans of using http, only https, will the docker work if I only forwared port 443 to this docker container? Thx and keep up the good work 😀

Indeed, I am running Unraid 6.10 rc1, the risk of running beta/rc....