February 12, 20215 yr I'm running an NGINX proxy in a docker container (swag from Linuxserver.io) with a wildcard cert for my local LAN domain available. I want to be able to access the UnRAID web GUI through HTTPS without getting that pesky "Woah this is a self signed cert, are you sure you want to do this??" error message every time I open the page. My container is running a static IP 192.168.1.254 and my UnRAID is using ip 192.168.1.4 which is also static. When trying to connect I get a 502 Bad Gateway error in my browser and the NGINX logs show that the host in unreachable: 2021/02/12 10:45:42 [error] 472#472: *1 connect() failed (113: Host is unreachable) while connecting to upstream, client: 192.168.1.10, server: unraid.example.com, request: "GET / HTTP/2.0", upstream: "http://192.168.1.4:80/", host: "unraid.example.com" My NGINX config looks like so: ## Version 2020-02-12 server { listen 443 ssl http2; listen [::]:443 ssl http2; allow 192.168.0.0/16; allow 10.0.0.0/8; allow 172.16.0.0/12; deny all; server_name unraid.example.com; include /config/nginx/ssl.conf; location / { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.4:80; } error_page 403 =301 https://www.example.com/404.html; } I think it may be an issue with the default route table, but I have no idea what I should change here:
February 15, 20215 yr i´ll hope you got a answer this because it would also solve my issue... but when you find the solution yourself, it would be nice when you post it here
February 15, 20215 yr A container running on br0 (ie: a separate IP address) does not have access to the host by design. It's on a totally separate network. Why not run nginx on the bridge network?
February 16, 20215 yr Author On 2/15/2021 at 7:35 AM, Squid said: A container running on br0 (ie: a separate IP address) does not have access to the host by design. It's on a totally separate network. Why not run nginx on the bridge network? I'm running on br0 because I want each of the containers to have a separate IP address that I specify. There are multiple containers running web servers on port 80, so it wouldn't be even possible to have them all running without separate IP's. I don't understand why containers running on br0 are blocked from accessing the host IP, there should be no reason as to why I can't allow that network traffic to just be routed from that virtual bridge to the router and back to the Unraid IP.
February 16, 20215 yr 1 hour ago, CorruptComputer said: I don't understand why containers running on br0 are blocked from accessing the host IP This is an intentional design decision by Docker and is the default for unRAID. However, have you tried enabling host access to custom networks in Docker Settings?
February 16, 20215 yr Author 57 minutes ago, Hoopster said: However, have you tried enabling host access to custom networks in Docker Settings? This fixed it, thanks!
June 2, 20224 yr Solution My docker would not start after enabling "host access to custom networks". Might never troubleshoot that later. But setting the Nginx proxy manager docker to privileged fixed this for me. If anyone else should find this post when googling, like i did 😃
June 29, 20233 yr Thanks @strend. I already had "allow access to custom networks" enabled, but NPM required privileged as well.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.