[Support] Nginx Proxy Manager (NPM) Official


Recommended Posts

Hello ,

 

I have another error after adding post arguments. It seems like container is unable to run.

16 minutes ago, mgutt said:

Please enable advanced view and add this to the post arguments:

--cap-add LINUX_IMMUTABLE

 

Found here:

https://unix.stackexchange.com/questions/522621/in-docker-chattr-operation-not-permitted-while-setting-flags-on-file

 

post arguments.png

container not running.png

log.png

Edited by spacezmonkey
Link to comment
On 9/13/2021 at 7:02 PM, DjJoakim said:

 

Yeah no other docker uses this ports.. i have the ports lined up in the vpn docker since it's "running through" the docker, and then i remove the ports from the nginx docker, but since the update today i get this error message.. :(

 

When using the command "--net=container:openvpnpublic" it works, but if i change it to "custom container:openvpnpublic" network, i get this error message.. 

 

Is it possible to get the previous version of nginx? Mine stopped working after the last update.. and i can't get it to work again..

 

edit: So i found a solution on my problem, since the last update, at the botton there is a new port called "API" port, 3000. That wasn't there before, so if anyone else gets the same problem as i had, remove that port using advanced view, and then add the port in VPN docker, and it should work. 

Mine is working now again! :) 

Edited by DjJoakim
Link to comment
  • 3 weeks later...

Okay I give up. I've had NPM working for ages now, but suddenly I'm having issues. 


I've been changing networks and setup so much that it's laughable at this point and I'm probably only making myself confused at the moment. 

 

NPM > NextCloud is the goal.

Current setup:

 

 image.png.8c8745114bc3fd79f97af1b9bc880dfd.png

 

Current forwarding rules: 

image.png.02958c0628f2c758c696d840e7e30143.png

 

Using a random domain to test I get a refusal because HSTS is enabled, so presumably NPM is getting the traffic. 

I tried using NPM on bridge instead, but that resulted in Bad Gateway.

I tried setting up a wordpress container to see if my Nextcloud install was b0rked - but that can't be reached, either.


Clearly it's some simple mistake doing all this. As mentioned I've tried various config changes and I even tried putting both NextCloud & NPM on the same network to no avail. 

 

image.png.0dda163850abb64699aedc15de5d4344.png

image.png.ee5925b792002a14079e1d172018b58d.png

image.png.17bf6f5fd2edf8297b0b50414fc5e95c.png

 

Again I probably screwed something up even worse by just trying a slew of different things.. I'm fairly sure I didn't use to have NPM on a dedicated IP either.. but here we are. 

Please advise as I'm sure it's simple and I've just gone and FUBAR'ed it. 

Been trying to bring it back after some DB corruption due to a MariaDB update erroneously made me think my old NPM setup was the cause and I rebuilt it.. clearly not well enough. So it's been.. a while.. now. 

Link to comment

I am now finally moving from SWAG to NPM

 

But some of the more difficult ones I cant get working

 

youtube-dl-server

 

This docker have a url path that goes like this:

http://192.168.0.6:8282/youtube-dl

 

image.png.4abd1f7b850179648304d381cff3f063.png

 

SWAG worked by doing this:

# make sure that your dns has a cname set for youtube-dl-server and that your youtube-dl-server container is named youtube-dl-server

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name youtube.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app youtube-dl-server;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
    }

    location ~ (/youtube-dl/)?/socket {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app youtube-dl-server;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port/youtube-dl;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
   }
}

 

Can someone point me in the right direction 🙂

Link to comment
On 7/2/2021 at 12:17 AM, mgutt said:

This is the only reliable way to use NPM through IPv6:

 

1.) Change Unraid's HTTP and HTTPS ports to 5000 and 5001:

image.png.89a8393a04b9714bf0f7bb037039bd04.png

 

2.) Install NPM by using the host network:

image.png.07640b0119c802cec55785cce13fc7f8.png

 

3.) Open the ports 80 and 443 in your router:

image.png.7ab2f7dda73482bfffd45c4e8f0dd433.png

 

4.) Open the NPM WebGUI and after changing the login, you can add a proxy host (see next post for Plex as an example).

 

5.) If you only want to type "tower" in your browser to reach your Unraid WebGUI, add this Redirection Host in NPM:

image.png.21c9cd7d6619a7d1b4a618c079f6e02e.png

 

Further explanation:

IPv6 does not need port forwarding and many routers don't support it. So it's often not possible to forward internet traffic from port 443 (http) to a custom port like 8443. By that we have two options: Run NPM in the br0/custom network with a fixed ip address or run it in the host network (bridge has IPv6 disabled). I tried everything, but br0/custom isn't reliable as its not possible to define a fixed IPv6 without passing the IPv6 prefix and if your provider assigns a new IPv6 prefix, the container is offline and stays offline until we manually change the containers IPv6. And changing the IPv6 alone does not work as the "old" IPv4/IPv6 combination is internally reserved from the docker service. So its not only needed to change the IPv6 of the container, we additionally need to restart to entire Docker service itself.

I just installed the NMP Official (Had the old docker) and set everything up like you wrote

Except the 5000/5001 (Synology ports) so I changed it to 6000/6001

 

But now the Unraid comes with the "My Servers" plugin and when this is running and I try to do the:

(I use 6000 and my own server name ;-))

image.png.b53dd7a6cd80c8ce10c7b343de204352.png

I can not access the UNRAID UI anymore......

So is there any workaround for having this setup with the "My Server" plugin

Remote access from this requires you to let Unraid get a cert. and run HTTPS

 

Br

Casperse

 

Edited by casperse
Link to comment
5 hours ago, casperse said:

I try to do the:

(I use 6000 and my own server name ;-))

image.png.b53dd7a6cd80c8ce10c7b343de204352.png

Did you mean you can't access the GUI at all or the redirect does not work? Did you access the GUI by its URL + Port 6001?

 

P.S. I don't recommend using the my servers URL as it allows attacking the unRAID WebGUI.

Link to comment

Hi

 

When I cahnge ports the container act funny

image.png.7dbee1425a328ecb678e593c3bbb103f.png

 

But inside it looks okay:

image.png.78b8066f9236ebe9d64598eabddaaf79.png

 

So far the only way to fix the port this have been to remove the container and install it again?

 

If I change the proxynet to host :

image.png.cc9ffaaf377a393294403a0ac3e26d8c.png

How can it change the ports...

I can access the UI but the proxi stopped working after the port change (And yes the ports are open)

Also disabled any 443 redirect to unraid disabling the "My server" remote access feature

 

I love the docker and the UI but it dosent seem as stable as Swag?

 

Link to comment
54 minutes ago, casperse said:

How can it change the ports..

If a container runs in the host network it uses it's default ports. This is a usual behavior of all containers. 

 

54 minutes ago, casperse said:

 

But inside it looks okay:

Did you accidentally change both ports, internal and external? This is not visible in the screenshot. Only if you edit the entry. Finally it would be interesting to see what it looks like after the container has been started.

Link to comment
On 10/4/2021 at 8:19 AM, mgutt said:

 

Just to sanity-check I changed both containers to br0 and gave them dedicated IP's. Nothing worked. 

Now changed both back to bridge and I'm getting bad gateway. I don't see from your table how that should be the expected result. 

I tried booting up a wordpress container and that also gets bad gateway. 

Link to comment
1 hour ago, mgutt said:

If a container runs in the host network it uses it's default ports. This is a usual behavior of all containers. 

 

Did you accidentally change both ports, internal and external? This is not visible in the screenshot. Only if you edit the entry. Finally it would be interesting to see what it looks like after the container has been started.

No I only changed the ports like before not the container ports

 

I started the docker:

image.png.de2e02aa8252ceffbfb1e79e6998c833.png

 

Opening the settings I can see:

image.thumb.png.bf0bb63f10683fcee702949dbf7b24f3.png

 

Opening the EDIT HTTPS:

image.png.347843ed154af827b7633536a6944ab8.png

 

The container ports are changed to the same port as my Host port?

And only way to get it back is doing a re-install

 

This is so strange, it happens when I change Host ports or I change network between Host & custom net  Prox

net? - can it be somekind of bug? (I have refreshed the webpage and the values are not cached)

 

 

Edited by casperse
Link to comment
20 minutes ago, casperse said:

I just removed the docker and deleted the docker image.

I then re-installed it with my previous settings and I still have the container ports wrong?

They are greyed out in the Docker config, is there anywhere I can set them manually in the docker config folder?

Ok I am stupid forgot to set the special network, after installing it from scratch then it worked again

(This dosent work for me with Host or Bridge)

 

Had so many problems trying to change my Unraid ports, that I have to wait for help fixing this (Other thread)

So for now I will keep it using 1443 & 180 - and forget about IPv6 for now

Link to comment
3 hours ago, casperse said:

This docker plugin for youtube is really tricky?

As I said. You have to check if the containers are able to reach each other.

 

Open the console of NPM and execute this for example:

curl http://192.168.0.6:8282

 

With this command you should be able to see the HTML source code of the Unraid Login-page:

curl http://192.168.0.6/login

 

Link to comment
19 minutes ago, mgutt said:

As I said. You have to check if the containers are able to reach each other.

 

Open the console of NPM and execute this for example:

curl http://192.168.0.6:8282

 

With this command you should be able to see the HTML source code of the Unraid Login-page:

curl http://192.168.0.6/login

 

I tried that for my issue; 

# curl http://192.168.1.101:444
curl: (3) Failed to convert 192.168.1.101 to ACE; could not convert string to UTF-8

# curl https://192.168.1.101:444
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 192.168.1.101:444 

Any ideas on what's going on here? 

Link to comment

That is really interesting!

Both dockers the NPM and the Youtube-dl is on the same special proxynet I defined

And for some reason the NMP container cannot reach the Youtube docker?

image.png.87eb5e17fdc4b2bf340aaa9d843b263f.png

I did another test and if manually just add "/youtube-dl" to the end of the new subdomain with new cert. then it works http://youtube.domain.com/youtube-dl ??

 

curl http://192.168.0.6/login

Here is the login webpage: - do you think there might be some error (Done allot of upgrades since my first Unraid 🙂

<!DOCTYPE html>
<html lang="en">
...

 

Just ordered a new monitor cable so I can have a local monitor on my server boot up with the UI, the next time I try to change my ports away from 80 & 443 LOL

Link to comment
18 minutes ago, casperse said:

And for some reason the NMP container cannot reach the Youtube docker?

It does. "not found" is an answer of the container. Try a completely different port which is not used by any container and you will see an error instead.

 

What happens if you open http://192.168.0.6:8282/ through your browser?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.