CorruptComputer Posted February 12, 2021 Share Posted February 12, 2021 I'm running an NGINX proxy in a docker container (swag from Linuxserver.io) with a wildcard cert for my local LAN domain available. I want to be able to access the UnRAID web GUI through HTTPS without getting that pesky "Woah this is a self signed cert, are you sure you want to do this??" error message every time I open the page. My container is running a static IP 192.168.1.254 and my UnRAID is using ip 192.168.1.4 which is also static. When trying to connect I get a 502 Bad Gateway error in my browser and the NGINX logs show that the host in unreachable: 2021/02/12 10:45:42 [error] 472#472: *1 connect() failed (113: Host is unreachable) while connecting to upstream, client: 192.168.1.10, server: unraid.example.com, request: "GET / HTTP/2.0", upstream: "http://192.168.1.4:80/", host: "unraid.example.com" My NGINX config looks like so: ## Version 2020-02-12 server { listen 443 ssl http2; listen [::]:443 ssl http2; allow 192.168.0.0/16; allow 10.0.0.0/8; allow 172.16.0.0/12; deny all; server_name unraid.example.com; include /config/nginx/ssl.conf; location / { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.4:80; } error_page 403 =301 https://www.example.com/404.html; } I think it may be an issue with the default route table, but I have no idea what I should change here: Quote Link to comment
HannesDi Posted February 15, 2021 Share Posted February 15, 2021 i´ll hope you got a answer this because it would also solve my issue... but when you find the solution yourself, it would be nice when you post it here Quote Link to comment
Squid Posted February 15, 2021 Share Posted February 15, 2021 A container running on br0 (ie: a separate IP address) does not have access to the host by design. It's on a totally separate network. Why not run nginx on the bridge network? Quote Link to comment
CorruptComputer Posted February 16, 2021 Author Share Posted February 16, 2021 On 2/15/2021 at 7:35 AM, Squid said: A container running on br0 (ie: a separate IP address) does not have access to the host by design. It's on a totally separate network. Why not run nginx on the bridge network? I'm running on br0 because I want each of the containers to have a separate IP address that I specify. There are multiple containers running web servers on port 80, so it wouldn't be even possible to have them all running without separate IP's. I don't understand why containers running on br0 are blocked from accessing the host IP, there should be no reason as to why I can't allow that network traffic to just be routed from that virtual bridge to the router and back to the Unraid IP. Quote Link to comment
Hoopster Posted February 16, 2021 Share Posted February 16, 2021 1 hour ago, CorruptComputer said: I don't understand why containers running on br0 are blocked from accessing the host IP This is an intentional design decision by Docker and is the default for unRAID. However, have you tried enabling host access to custom networks in Docker Settings? 1 3 Quote Link to comment
CorruptComputer Posted February 16, 2021 Author Share Posted February 16, 2021 57 minutes ago, Hoopster said: However, have you tried enabling host access to custom networks in Docker Settings? This fixed it, thanks! Quote Link to comment
Solution strend Posted June 2, 2022 Solution Share Posted June 2, 2022 My docker would not start after enabling "host access to custom networks". Might never troubleshoot that later. But setting the Nginx proxy manager docker to privileged fixed this for me. If anyone else should find this post when googling, like i did 😃 Quote Link to comment
coppit Posted June 29, 2023 Share Posted June 29, 2023 Thanks @strend. I already had "allow access to custom networks" enabled, but NPM required privileged as well. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.