tTownTom Posted January 24, 2022 Share Posted January 24, 2022 NginX Proxy Manager stopped working. Hi! I've been using NPM flawlessly for a while - yet suddenly it stopped working. I get a Error 520 from Cloudflare when I try to access my services: Quote "There is an unknown connection issue between Cloudflare and the origin web server. As a result, the web page can not be displayed." Putting my IP into the browser I reach the default NPM screen: Quote "Congratulations! You've successfully started the Nginx Proxy Manager. If you're seeing this site then you're trying to access a host that isn't set up yet. Log in to the Admin panel to get started." I can still log in to NPM and see all my proxies and SSLs.. Any idea what might have happened here? Quote Link to comment
mgutt Posted January 24, 2022 Author Share Posted January 24, 2022 2 hours ago, tTownTom said: I can still log in to NPM and see all my proxies and SSLs.. As you are using Cloudflare, the only method of debugging is now to add your domains into your OS hosts file so they have your public and not your Cloudflare IP. Usually this happens because NPM is not able to reach the target Container. You find hints to debug 500 errors on the first page of this thread. Quote Link to comment
tTownTom Posted January 24, 2022 Share Posted January 24, 2022 Hi @mgutt, thanks for getting back to me on this issue! For some reason, adding the ip and url into the hosts file does nothing Even removing the DNS entry from Cloudflare and putting the account in Developer mode just changes the error message from Cloudflare when entering the url... After running the curl command mentioned in "4.) Does NPM reach your target container?" I get this response: HTTP/1.1 400 Bad Request Server: nginx Date: Mon, 24 Jan 2022 17:07:36 GMT Content-Type: text/html Content-Length: 248 Connection: close Referrer-Policy: no-referrer X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: none X-XSS-Protection: 1; mode=block I find it strange that this just suddenly became a problem after months of using NPM with no issues at all Quote Link to comment
sonic6 Posted January 24, 2022 Share Posted January 24, 2022 (edited) On 7/2/2021 at 12:50 AM, mgutt said: In NPM add a stream host with the incoming Port 25565 and the containers IP and Port 25575 as its target: Can you explain how that works? Is that only possible if the ReverseProxy is running in "host" network mode? (or do i have to add port 25565 to NPM, when running in a custom bridge?) And what is the benefit of this? If i am open a port on my router, i can directly forward it to the container port on the host, even when i open a extra port for every instance of a server? I am using SWAG and running it in a custom bridge (like in the spaceinvaderone tutorials) and i would try to do that with other services like RDP. My main goal will be to reach different RDP sessions depending on the subdomain i use. Without open more ports than 80/443. Or isn't that the usecase for the nginx steam modul? Edited January 24, 2022 by sonic6 Quote Link to comment
mgutt Posted January 24, 2022 Author Share Posted January 24, 2022 1 hour ago, sonic6 said: My main goal will be to reach different RDP sessions depending on the subdomain i use Not possible with NPM. This is only for advanced Nginx users. Example: https://stackoverflow.com/a/40135151/318765 But I'm not sure if this is even possible with RDP traffic. VPN is the better solution I think. Quote Link to comment
mgutt Posted January 24, 2022 Author Share Posted January 24, 2022 4 hours ago, tTownTom said: I get this response: But you are able to open the target container directly (without NPM)? Quote Link to comment
mgutt Posted January 25, 2022 Author Share Posted January 25, 2022 12 hours ago, tTownTom said: Even removing the DNS entry from Cloudflare This change needs up to 24 hours. Do not forget: Every client has a DNS cache. PS Cloudflare has a developer mode on the main page of the dashboard which allows bypassing Cloudflare. 13 hours ago, tTownTom said: For some reason, adding the ip and url into the hosts file does nothing Did you verify it through the Terminal of your client? Did you edit the correct file? Usually this can't happen as the hosts file has the highest priority. Quote Link to comment
tTownTom Posted January 25, 2022 Share Posted January 25, 2022 9 hours ago, mgutt said: But you are able to open the target container directly (without NPM)? I am able to open the containers directly (UnRaid dash - click container icon - WebUI, and also by entering the IP:port of the container into the browser whilst on my local network). 1 hour ago, mgutt said: This change needs up to 24 hours. Do not forget: Every client has a DNS cache. PS Cloudflare has a developer mode on the main page of the dashboard which allows bypassing Cloudflare. Did you verify it through the Terminal of your client? Did you edit the correct file? Usually this can't happen as the hosts file has the highest priority. I did put Cloudflare in Developer mode yesterday when I removed the DNS entry - however today the changes must have taken effect as I get a error message from Chrome when entering the URL: I'm on Windows. Made the changes to this file: C:\Windows\System32\drivers\etc\hosts I changed the file like so: # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost 109.<myExternalIP>.184 plex.<myDomain>.com There is also a "hosts.ics" file in the same folder (etc) which I did not change... Entering my external IP into the browser sends me to the default NPM page: But entering the urls of the proxy hosts throws the errors. Thanks for your time looking into this Quote Link to comment
mgutt Posted January 25, 2022 Author Share Posted January 25, 2022 4 hours ago, tTownTom said: I changed the file like so: Looks good. Please verify it through cmd and "ping plex.example.com". Maybe it returns an IPv6 instead of IPv4?! Finally this must work. You could even add a random domain into the hosts file with a random IP and ping should try to reach this ip. 4 hours ago, tTownTom said: error message from Chrome If a domain does not have an DNS entry it returns ERR_NAME_NOT_RESOLVED. In your case it's DNS_PROBE_FINISHED_NXDOMAIN which means that the domains nameserver does not exist. 4 hours ago, tTownTom said: I am able to open the containers directly Ok, then back to the connection problem between NPM and the target container. You said it return error 400. Is the target url the same as if you open the target container manually through your browser? What if you execute the same curl command through the unRAID WebTerminal? Quote Link to comment
tTownTom Posted January 25, 2022 Share Posted January 25, 2022 21 minutes ago, mgutt said: Looks good. Please verify it through cmd and "ping plex.example.com". Maybe it returns an IPv6 instead of IPv4?! Finally this must work. You could even add a random domain into the hosts file with a random IP and ping should try to reach this ip. Pinging the domain entered into the host file gives this result: ping plex.<mydomain>.com Ping request could not find host plex.<mydomain>.com. Please check the name and try again. 23 minutes ago, mgutt said: Ok, then back to the connection problem between NPM and the target container. You said it return error 400. Is the target url the same as if you open the target container manually through your browser? What if you execute the same curl command through the unRAID WebTerminal? The url/ip is the same. Opening Plex in WebUI as an example - I copied the URL and put it into the curl command. Both the UnRaid terminal and the NPM terminal gives the same result. From docker terminal: [root@docker-eeb330dffb63:/app]# curl -sSL -D - http://10.<internalIP>.19:32400/web/index.html/ -o /dev/null HTTP/1.1 404 Not Found X-Plex-Protocol: 1.0 Content-Length: 85 Content-Type: text/html Cache-Control: no-cache Date: Tue, 25 Jan 2022 12:25:10 GMT From UnRaid terminal: root@unRaid:~# curl -sSL -D - http://10.<internalIP>:32400/web/index.html/ -o /dev/null HTTP/1.1 404 Not Found X-Plex-Protocol: 1.0 Content-Length: 85 Content-Type: text/html Cache-Control: no-cache Date: Tue, 25 Jan 2022 12:25:36 GMT Screenshot from NPM proxy host setting: Quote Link to comment
mgutt Posted January 25, 2022 Author Share Posted January 25, 2022 4 hours ago, tTownTom said: 404 Not Found Remove the slash after index.html For me both requests look good. 4 hours ago, tTownTom said: Ping request could not find host plex.<mydomain>.com. This should not happen. A domain inside the hosts file must work. Are you sure Windows did not add .txt or similar? Did you copy and paste file to overwrite it? Windows usually does not allow to edit this file directly. Quote Link to comment
tTownTom Posted January 25, 2022 Share Posted January 25, 2022 41 minutes ago, mgutt said: Remove the slash after index.html Thanks for your help! After removing the slash: [root@docker-eeb330dffb63:/app]# curl -sSL -D - http://10.<internalIP>:32400/web/index.html -o /dev/null HTTP/1.1 200 OK X-Plex-Protocol: 1.0 Cache-Control: no-cache Accept-Ranges: bytes Connection: Keep-Alive Keep-Alive: timeout=20 Content-Length: 9206 Content-Type: text/html Date: Tue, 25 Jan 2022 17:44:14 GMT (This was the same for both NPM and UnRaid terminal). 47 minutes ago, mgutt said: This should not happen. A domain inside the hosts file must work. Are you sure Windows did not add .txt or similar? Did you copy and paste file to overwrite it? Windows usually does not allow to edit this file directly. I did not copy/paste the file - thanks for the tip on that! I have now done so, and I am now getting this error in Chrome "ERR_HTTP2_PROTOCOL_ERROR": Quote Link to comment
mgutt Posted January 25, 2022 Author Share Posted January 25, 2022 1 hour ago, tTownTom said: This was the same for both NPM and UnRaid terminal Ok, this means NPM is able to reach your target container. 1 hour ago, tTownTom said: ERR_HTTP2_PROTOCOL_ERROR Try to delete your SSL certificate in NPM and obtain a new one. Quote Link to comment
tTownTom Posted January 26, 2022 Share Posted January 26, 2022 12 hours ago, mgutt said: Try to delete your SSL certificate in NPM and obtain a new one. This solved the problem. Indeed, deleting and requesting new SSL certificates for all the proxies made them all work again. Thank you so much for that! Would you happen to know why this suddenly stopped working in the first place? Is there something I can do to not have it happen again? Cheers for all your help and time - I truely appreciate it Quote Link to comment
mgutt Posted January 26, 2022 Author Share Posted January 26, 2022 3 hours ago, tTownTom said: Would you happen to know why this suddenly stopped working in the first place? Is there something I can do to not have it happen again? 🤷😅 Creating backups of the appdata share would be a good step in any case. Quote Link to comment
tTownTom Posted January 26, 2022 Share Posted January 26, 2022 1 hour ago, mgutt said: 🤷😅 Creating backups of the appdata share would be a good step in any case. Hehehe - cheers! I will certainly make that a cron job Thank you for all your help! Quote Link to comment
TheGrownUpGeek Posted January 27, 2022 Share Posted January 27, 2022 Hi All, having an issue with the Nginx-Proxy-Manager-Official container. I have the container running on a custom network (br0) with a static private ip set. When launching the container i change the values for the http and https port to 8080 and 80443 respectively, however when the container runs it is still opening these ports as their default 80 & 443 values. Has anyone seen this issue before and if so what was the fix? Quote Link to comment
mgutt Posted January 27, 2022 Author Share Posted January 27, 2022 5 hours ago, TheGrownUpGeek said: When launching the container i change the values for the http and https port to 8080 and 80443 respectively These are Ports and not variables. Ports are only active for bridge networks. And NPM has no variable to change the default portd. Quote Link to comment
Vista2003 Posted January 29, 2022 Share Posted January 29, 2022 (edited) Hi, I've upgraded from UNRAID 6.9.2 to the latest RC2 release and now my connection to the Nginx Proxy keeps resetting Looking at the logs, it looks like it's failing to bind to the ports: The docker is configured to use its own IP address. How would I force the ports to bind correctly so I can get this proxy back up and running? EDIT: I've also tried downgrading back to 6.9.2 and I'm still having the same issue Edited January 29, 2022 by Vista2003 Quote Link to comment
mgutt Posted January 29, 2022 Author Share Posted January 29, 2022 17 minutes ago, Vista2003 said: The docker is configured to use its own IP address. I had this in the past while IPv6 was enabled and after I changed the IPv4 and/or IPv6 of a container. It worked only after if I fully stopped and restarted the docker service. So I think this has something to do with IPv6. Quote Link to comment
Vista2003 Posted January 29, 2022 Share Posted January 29, 2022 (edited) 41 minutes ago, mgutt said: I had this in the past while IPv6 was enabled and after I changed the IPv4 and/or IPv6 of a container. It worked only after if I fully stopped and restarted the docker service. So I think this has something to do with IPv6. Currently, only an IPv4 address has been assigned to the docker though my network is dualstack so how do I disable IPv6 on the Docker? Edited January 29, 2022 by Vista2003 Quote Link to comment
mgutt Posted January 29, 2022 Author Share Posted January 29, 2022 51 minutes ago, Vista2003 said: how do I disable IPv6 By choosing in the unraid network settings IPv4 only?! Quote Link to comment
Vista2003 Posted January 29, 2022 Share Posted January 29, 2022 5 minutes ago, mgutt said: By choosing in the unraid network settings IPv4 only?! I was wondering if I could just disable it for the docker itself rather than disabling IPv6 support on the entire system Quote Link to comment
mgutt Posted January 29, 2022 Author Share Posted January 29, 2022 11 minutes ago, Vista2003 said: just disable it for the docker itself Maybe through the docker settings. Isn't there an IPv6 custom network settings (enable advanced view)? Quote Link to comment
Vista2003 Posted January 29, 2022 Share Posted January 29, 2022 8 minutes ago, mgutt said: Maybe through the docker settings. Isn't there an IPv6 custom network settings (enable advanced view)? I'm not entirely sure what I'm looking for here Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.