Abigel Posted March 17, 2022 Share Posted March 17, 2022 22 minutes ago, mgutt said: Use only https://domain? And how to do in internal network / local ? Quote Link to comment
JonathanM Posted March 17, 2022 Share Posted March 17, 2022 5 hours ago, Abigel said: And how to do in internal network / local ? enable hairpinning / loopback in your router or set a hosts entry Quote Link to comment
Yoda_1204 Posted March 17, 2022 Share Posted March 17, 2022 I have a sophos XG Firewall that has 5 different public IP address on it. I want to find out if the below is possible to do with Nginx Proxy manger. I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do? I have tried this with two Nginx Proxy contains with no look so far. The first one always works, but the second one does not. I have changed all of the ports and data paths to different locations. Thank you in advance Quote Link to comment
mgutt Posted March 17, 2022 Author Share Posted March 17, 2022 9 minutes ago, Yoda_1204 said: I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do? I'd say you need to add each IP range as a different VLAN and use the different br0.XX for different NPM containers: Of course each NPM container needs a different name and different appdata paths. 1 Quote Link to comment
blaine07 Posted March 30, 2022 Share Posted March 30, 2022 On SWAG I was able to put YOURLS in a www folder and change a file to allow access to YOURLS right through SWAG. Is there some way or somewhere I can put little things like that for NPM to host? In NPM I see a "default_www" inside nginx? Anyone using YOURLS with NPM that can maybe shed light? Quote Link to comment
mgutt Posted March 30, 2022 Author Share Posted March 30, 2022 5 hours ago, blaine07 said: Is there some way or somewhere I can put little things like that for NPM Adding a new host to NPM?! Quote Link to comment
blaine07 Posted March 30, 2022 Share Posted March 30, 2022 45 minutes ago, mgutt said: Adding a new host to NPM?! Where can I put the YOURLS folder and how would I use the “Custom Locations” or “Advanced” to point it at correct folder? I just don’t know how to point it at where I put YOURLS. I assume YOURLS could go directly inside “data” like on SWAG but how would I point back to it? Especially with YOURLS having a few special things that have to be forwarded. If I flustered you, I’m sorry. Quote Link to comment
mgutt Posted March 31, 2022 Author Share Posted March 31, 2022 10 hours ago, blaine07 said: Where can I put the YOURLS folder I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container. So about which "folders" are you talking? Quote Link to comment
blaine07 Posted March 31, 2022 Share Posted March 31, 2022 (edited) 2 minutes ago, mgutt said: I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container. So about which "folders" are you talking? Yourls isn’t a container. It just goes into a directory inside of the swag container. No port to point to for it. Inside swag one of the conf files forwards urls.mydomain.net to folder where YOURLS is inside of Swag at. * I’m just trying to mimic dropping folder somewhere inside NPM and pointing a subdomain at NPM at that directory contained within Npm Edited March 31, 2022 by blaine07 Quote Link to comment
mgutt Posted March 31, 2022 Author Share Posted March 31, 2022 2 minutes ago, blaine07 said: It just goes into a directory inside of the swag container NPM is not a webserver. It's only a proxy. You need to install YOURLs as a container or install YOURLs inside an Nginx Webserver Container. After that you can forward the traffic to this container. 1 Quote Link to comment
blaine07 Posted March 31, 2022 Share Posted March 31, 2022 Just now, mgutt said: NPM is not a webserver. It's only a proxy. You need to install YOURLs as a container or install YOURLs inside an Nginx Webserver Container. After that you can forward the traffic to this container. Thank you 😊 😀 Sorry for the disruption; just surprised I can do that with SWAG and NOT NPM. Quote Link to comment
JonathanM Posted March 31, 2022 Share Posted March 31, 2022 11 hours ago, blaine07 said: just surprised I can do that with SWAG and NOT NPM. swag is a full NGINX server implementation that many people just happen to be using as a reverse proxy. NPM is a specialized NGINX set up to make reverse proxy convenient and easy to set up. It's not designed to do anything BUT reverse proxy, hence the name Nginx PROXY manager. 1 Quote Link to comment
GreenEyedMonster Posted April 3, 2022 Share Posted April 3, 2022 On 3/14/2022 at 9:11 AM, mgutt said: Does this only happen if NPM is in front or does it even happen if you open your website directly through the target container IP? Any ideas? Quote Link to comment
Kopernikus Posted April 4, 2022 Share Posted April 4, 2022 (edited) @mgutt Hi, Using this container for a few months now, and all working fine. However I wanted to run a public instance off the SearxNG metasearch docker. I have set this up as usual in NPM and all seem te be working. However to allow it to be placed on the public instance list (https://searx.space/#) it needs to have an A+ TLS grade and an A+ HTML grade. For nginx the config would be: https://ssl-config.mozilla.org/ and for the HTML https://github.com/searxng/searx-docker/blob/master/Caddyfile#L33-L84 Is this possible with Nginx Proxy Manager or will this require a full Nginx docker? Edited April 4, 2022 by Kopernikus Quote Link to comment
mgutt Posted April 4, 2022 Author Share Posted April 4, 2022 You can add headers through the advances tab of a host and by using the "add_header" command. Quote Link to comment
Kopernikus Posted April 5, 2022 Share Posted April 5, 2022 15 hours ago, mgutt said: You can add headers through the advances tab of a host and by using the "add_header" command. Hi, For the headers this seems to be working, thx. However for the TLS I found the solution but don't now how to implement it. I need to edit /etc/nginx/conf.d/include/ssl-ciphers.conf with a more "thight" ssl cipher list. Ofcourse I could edit the file and save it to a new container but then I would have to do this every time the container is updated. So I thought of mounting (overwriting) the file directly into the container, so something like this: /etc/nginx/conf.d/include/ssl-ciphers.conf:/path/to/local/file/myown-custom-ssl-ciphers.conf I tried it true the mount path in unraid but that doesn't seem to work. Any idea? Ideally it would be good if we can set this as an option in /data/nginx/custom/ssl-ciphers.conf or through the UI of NPM Quote Link to comment
mgutt Posted April 5, 2022 Author Share Posted April 5, 2022 @Kopernikus What is the content of ssl-ciphers.conf (Check NPM at github)? Maybe this can be added to the advanced tab as well. Quote Link to comment
Kopernikus Posted April 5, 2022 Share Posted April 5, 2022 (edited) 4 hours ago, mgutt said: @Kopernikus What is the content of ssl-ciphers.conf (Check NPM at github)? Maybe this can be added to the advanced tab as well. ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; # intermediate configuration. tweak to your needs. ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA512:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA512:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305'; ssl_prefer_server_ciphers on; It's the same as the ssl-cipher.conf already in the NPM docker except unsecure ciphers are removed and ssl_prefer_server is set to on Edited April 5, 2022 by Kopernikus Quote Link to comment
Kopernikus Posted April 7, 2022 Share Posted April 7, 2022 (edited) @mgutt After doing some more research I've found that the problem must be inside the docker container. Link to the report I filled: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1982 Edited April 8, 2022 by Kopernikus 1 Quote Link to comment
carltonb Posted April 11, 2022 Share Posted April 11, 2022 I am back again to ask for help with a problem that I never figured out (probably due to my understanding) of Cloudflare and NPM. I created a Cloudflare account and NPM in unraid. I got my Nextcloud up and running thanks to the great tutorials online. But my problem still lies if I try to add more than one proxy in NPM. If I add Vaultwarden and click on it it opens up Nextcloud and not Vaultwarden. I am attaching a picture of what I have setup. I tried to follow the suggestions that everyone provided about 5 months ago but failed. I need to see if I can get this figured out for at least my own learning experience. Please let me know what other information may be needed. Quote Link to comment
mgutt Posted April 11, 2022 Author Share Posted April 11, 2022 What happens if you open 192.168.1.90:4743 through your browser? Quote Link to comment
carltonb Posted April 11, 2022 Share Posted April 11, 2022 It goes to http://192.168.1.90:4743 and does open. Quote Link to comment
mgutt Posted April 12, 2022 Author Share Posted April 12, 2022 And your router forwards the traffic to NPM? If you see Nextcloud through the warden domain, it seems you're router is forwarding the traffic to Nextcloud. What happens if you open your public IP? You should see the NPM proxy welcome page. Quote Link to comment
carltonb Posted April 12, 2022 Share Posted April 12, 2022 I am lost at the folloing statement you made "What happens if you open your public IP? You should see the NPM proxy welcome page." Can you please explain how I would do this. Thank you. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.