r00tH4cK3r Posted July 3, 2022 Share Posted July 3, 2022 6 minutes ago, mgutt said: Open Port 80. Did that. Still getting error, only now the reason in the log says "Some DNS challenges failed." Not sure what I am doing wrong Quote Link to comment
mgutt Posted July 3, 2022 Author Share Posted July 3, 2022 2 hours ago, r00tH4cK3r said: Still getting error Please read the first post: https://forums.unraid.net/topic/110245-support-nginx-proxy-manager-npm-official/?do=findComment&comment=1006354 I added some steps to check the requirements. Quote Link to comment
4n0nyM Posted July 5, 2022 Share Posted July 5, 2022 On 7/2/2022 at 3:54 PM, 4n0nyM said: I may have rejoiced too soon. Access to FreshRSS and Nextloud via Nginx Proxy Manager seems to fail sporadically now. Right now, for example, I could access Nextcloud, but not FreshRSS. Then I tried accessing FreshRSS again and after an unusually long wait it did open. A quick update from me. In the last few days everything has worked again perfectly 😊👍 Thanks again for your help @mgutt Quote Link to comment
bubbadk Posted July 7, 2022 Share Posted July 7, 2022 i did everything right. but only plex works. why is that Quote Link to comment
mgutt Posted July 7, 2022 Author Share Posted July 7, 2022 2 hours ago, bubbadk said: but only plex works. You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing. Quote Link to comment
bubbadk Posted July 7, 2022 Share Posted July 7, 2022 39 minutes ago, mgutt said: You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing. Ahh ok. I'll try to use http instead. Thought that it was all about security Quote Link to comment
Departures Posted July 10, 2022 Share Posted July 10, 2022 Hello. NOW i have a problem about SSL. I have enabled "Force SSL", but the browser sometimes gives an 400 error. i have to add "https" before URL manully. it won't happen every time, but somtimes it's annoying. can it jump to https URL Automatically? P.S. It may happen with another problem that lose PORT For example, i entered abc.com:12345, my expected result is https://abc.com:12345, but it was changed to http://abc.com or https://abc.com I have no idea Quote Link to comment
mgutt Posted July 11, 2022 Author Share Posted July 11, 2022 6 hours ago, Departures said: For example, i entered abc.com:12345 Did you forward 12345 to NPM? I don't think so. Usually a proxy is used only for the ports 80 and 443. Quote Link to comment
Departures Posted July 11, 2022 Share Posted July 11, 2022 31 minutes ago, mgutt said: Did you forward 12345 to NPM? I don't think so. Usually a proxy is used only for the ports 80 and 443. I set it like this, 12345 is the port to NPM(my network environment can't use 80 443,so i set it in Router to forward), and 8096 is the port of my docker app. Does the Domain Name needs a PORT? BEFORE i add the PORT to "DOMAIN NAMES", If i add the PORT and "https" manully in URL, Like "https://abc.com:12345", NPM works correctly. BUT i don't want to type the full URL everytime. Quote Link to comment
mgutt Posted July 11, 2022 Author Share Posted July 11, 2022 6 minutes ago, Departures said: 12345 is the port to NPM There should be two ports. 7 minutes ago, Departures said: can't use 80 443,so i set it in Router to forward) Ok, and both target NPM? 7 minutes ago, Departures said: Like "https://abc.com:12345 Then your router does not forward 443 to 12345. Instead 12345 is only an open Port with the target 12345. But you need source 443 and target 12345. Quote Link to comment
Departures Posted July 12, 2022 Share Posted July 12, 2022 23 hours ago, mgutt said: There should be two ports. Ok, and both target NPM? Then your router does not forward 443 to 12345. Instead 12345 is only an open Port with the target 12345. But you need source 443 and target 12345. okay, i finished it. thanks!!!! Quote Link to comment
dv310p3r Posted July 18, 2022 Share Posted July 18, 2022 I've been reading through all these posts, and not finding anything that'll fix my issue. And it doesn't seem to be nearly as complicated as all the stuff people here are having. I must be really missing something, but I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. I am not sure what I'm doing wrong. Quote Link to comment
Kilrah Posted July 18, 2022 Share Posted July 18, 2022 (edited) 53 minutes ago, dv310p3r said: I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. What browser? It might "silently" be adding a "www" subdomain... probably try adding that too. Also check that there is actually an entry in your domain DNS for the domain itself. Also see if you don't put a host in NPM you get the default that's configured in settings. Edited July 18, 2022 by Kilrah Quote Link to comment
mgutt Posted July 18, 2022 Author Share Posted July 18, 2022 1 hour ago, dv310p3r said: mydomain.com Does your main domain have the correct IP in the DNS? Quote Link to comment
dv310p3r Posted July 18, 2022 Share Posted July 18, 2022 3 hours ago, Kilrah said: What browser? It might "silently" be adding a "www" subdomain... probably try adding that too. Brave. Also the issue is that I do have to manually add www otherwise it doesn't work. 3 hours ago, Kilrah said: Also check that there is actually an entry in your domain DNS for the domain itself. There is an A record that points to my IP address. 3 hours ago, Kilrah said: Also see if you don't put a host in NPM you get the default that's configured in settings. That's not an option. The host is a required field. 3 hours ago, mgutt said: Does your main domain have the correct IP in the DNS? Yes. If I go to the IP address shown in cloudflare it'll show the "Congratulations, You've successfully started the Nginx Proxy Manager." page. Also, if I go to www.mydomain.com, which is the host I configured in NPM, it takes me to the site no problem. So, I want to do a better job of explaining what's happening. In cloudflare right now, I have an A record that points to my IP, and a cname for www that targets the main domain. We'll say it's mydomain.com. In NPM on my unraid server, if I create a proxy host and put "mydomain.com" in the Domain Names input, the proxy doesn't work. Meaning, if I go to mydomain.com in a browser, I get a 500 error from cloudflare. At the same time I know NPM is running because I can go to the IP directly and see the congratulations page. Also, if I curl to the container from within the NPM console, it can communicate. Now, for the weird part. If I create a new Proxy Host and give it a domain name of www.mydomain.com OR... to clear up any confusion with WWW, it' has nothing to do with WWW, because if I put poop.mydomain.com or any other subdomain.mydomain.com... NPM works as expected. If I visit, poop.mydomain.com, or subdomain.mydomain.com, I see the properly served container (of course, as long as I created the correlating cname record in cloudflare). I hope that clarifies things. Quote Link to comment
Kilrah Posted July 18, 2022 Share Posted July 18, 2022 1 minute ago, dv310p3r said: That's not an option. The host is a required field. I meant if you try to access a domain that you don't have an entry for in NPM, then you should get the "Congratulations,...". So if you do not put an entry for "mydomain.com" in NPM but try accessing "mydomain.com" you should get the "Congratulations,...". If not it's likely the issue is on the DNS side and "mydomain.com" isn't properly pointing to your address. Quote Link to comment
dv310p3r Posted July 18, 2022 Share Posted July 18, 2022 Ah, yes, I understand what you mean now. And yes, if I have no Proxy Hosts configured in NPM and then try and go to mydomain.com, I get the congratulations page. DNS seems to be just fine. Quote Link to comment
mgutt Posted July 19, 2022 Author Share Posted July 19, 2022 9 hours ago, dv310p3r said: And yes, if I have no Proxy Hosts configured in NPM and then try and go to mydomain.com, I get the congratulations page. Strange. And you did test www.example.com and example.com, both with the same container as target? Did you try to add example.com to the already existing proxy host www.example.com as a second domain? Maybe this helps?! 1 Quote Link to comment
Kilrah Posted July 19, 2022 Share Posted July 19, 2022 Yeah thats's weird. My main bare "domain.com" is a redirect in my setup and that works, but I just tried adding "domain2.com" to an entry that usually only has "web.domain2.com" and that works just fine. Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. Quote Link to comment
mgutt Posted July 19, 2022 Author Share Posted July 19, 2022 1 hour ago, Kilrah said: Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. Good idea. In Cloudflare it's possible to force a valid SSL certificate between Cloudflare and NPM. Maybe this setting is active. @dv310p3r Try to add example.com to your local hosts file and set your local server IP. Then test through "ping" if the IP is used. Now open the domain again through your browser. By that you are bypassing cloudflare and connecting NPM directly. Quote Link to comment
jackfalveyiv Posted August 2, 2022 Share Posted August 2, 2022 (edited) Not sure if this is the right place to ask for help, but I have a weird issue. I have two Radarr instances in my setup, one standard and one 4k. Today, my 4k instance is authenticating, but the page never loads fully and doesn't get me into the console, while my standard docker is accessible via the proxy link. I can access the docker locally and authenticate, and get at what I need, but it does not work correctly when proxied. I've attached the most relevant screenshots I can think of. Thanks in advance for any guidance. ***UPDATE*** This issue has resolved itself, apparently. No action needed, 4K instance is coming up as expected. Edited August 2, 2022 by jackfalveyiv Problem solved Quote Link to comment
sdballer Posted August 3, 2022 Share Posted August 3, 2022 Started getting this error recently. ⚠ warning Error: Command failed: logrotate /etc/logrotate.d/nginx-proxy-manager error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/fallback_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-10_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-4_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-5_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-6_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-7_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-8_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-9_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/default-host_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/fallback_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-10_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-4_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-5_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-6_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-7_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-8_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/proxy-host-9_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/data/logs/redirection-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. /mnt/user/appdata/nginxproxymanager: total 0 drwxrwxrwx 1 root root 30 Nov 26 2021 ./ drwxrwxrwx 1 nobody users 894 Jul 31 11:03 ../ drwxrwxrwx 1 root root 132 Aug 2 18:06 data/ drwxrwxrwx 1 root root 114 Aug 2 18:06 letsencrypt/ /mnt/user/appdata/nginxproxymanager/data: total 484 drwxrwxrwx 1 root root 132 Aug 2 18:06 ./ drwxrwxrwx 1 root root 30 Nov 26 2021 ../ drwxrwxrwx 1 root root 0 Nov 26 2021 access/ drwxrwxrwx 1 root root 0 Nov 26 2021 custom_ssl/ -rw-rw-rw- 1 root root 495616 Aug 2 18:06 database.sqlite drwxrwxrwx 1 root root 0 Nov 26 2021 letsencrypt-acme-challenge/ drwxrwxrwx 1 root root 1410 Jul 30 22:00 logs/ drwxrwxrwx 1 root root 186 Nov 26 2021 nginx/ /mnt/user/appdata/nginxproxymanager/letsencrypt: total 0 drwxrwxrwx 1 root root 114 Aug 2 18:06 ./ drwxrwxrwx 1 root root 30 Nov 26 2021 ../ drwxrwxrwx 1 root root 56 Nov 26 2021 accounts/ drwxrwxrwx 1 root root 36 Nov 26 2021 archive/ drwxrwxrwx 1 root root 112 Nov 26 2021 credentials/ drwxrwxrwx 1 root root 720 Jul 24 20:00 csr/ drwxrwxrwx 1 root root 720 Jul 24 20:00 keys/ drwxrwxrwx 1 root root 48 Nov 26 2021 live/ drwxrwxrwx 1 root root 66 Jul 24 20:00 renewal/ drwxrwxrwx 1 root root 26 Nov 26 2021 renewal-hooks/ Quote Link to comment
mgutt Posted August 5, 2022 Author Share Posted August 5, 2022 On 8/3/2022 at 3:50 AM, sdballer said: error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. The path /data/logs has wrong permissions. If they are located in appdata: Did you change them? Fix those by using chmod. You need to change them to 755 (they seem to have 777). Quote Link to comment
vw-kombi Posted August 6, 2022 Share Posted August 6, 2022 Thanks for this, I am new to the NPM - I have the 'old' manual method to date. I set this up alongside it or testing. What would be required to get the GEO blocking working with this container ? Quote Link to comment
mgutt Posted August 6, 2022 Author Share Posted August 6, 2022 9 minutes ago, vw-kombi said: What would be required to get the GEO blocking working with this container ? The only method I know is to add every single allowed IP through the access list tab. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.