[Support] Nginx Proxy Manager (NPM) Official


Recommended Posts

On 7/2/2022 at 3:54 PM, 4n0nyM said:

I may have rejoiced too soon. Access to FreshRSS and Nextloud via Nginx Proxy Manager seems to fail sporadically now. Right now, for example, I could access Nextcloud, but not FreshRSS. Then I tried accessing FreshRSS again and after an unusually long wait it did open.

A quick update from me. In the last few days everything has worked again perfectly 😊👍 Thanks again for your help @mgutt

Link to comment
2 hours ago, bubbadk said:

but only plex works.

You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing.

Link to comment
39 minutes ago, mgutt said:

You set https for all your containers. Most containers do not listen on https. Only http. PS: It's useless to encrypt the traffic between NPM and the container. This produces CPU load for nothing.

Ahh ok. I'll try to use http instead. Thought that it was all about security 

Link to comment

Hello.

NOW i have a problem about SSL.

I have enabled "Force SSL", but the browser sometimes gives an 400 error. i have to add "https" before URL manully.

it won't happen every time, but somtimes it's annoying.

can it jump to https URL Automatically?

 

P.S.

It may happen with another problem that lose PORT

For example, i entered abc.com:12345, my expected result is https://abc.com:12345, but it was changed to http://abc.com or https://abc.com

I have no idea

Link to comment
31 minutes ago, mgutt said:

Did you forward 12345 to NPM? I don't think so. Usually a proxy is used only for the ports 80 and 443.

I set it like this, 12345 is the port to NPM(my network environment can't use 80 443,so i set it in Router to forward), and 8096 is the port of my docker app. Does the Domain Name needs a PORT?

BEFORE i add the PORT to "DOMAIN NAMES", If i add the PORT and "https" manully in URL, Like "https://abc.com:12345", NPM works correctly. BUT i don't want to type the full URL everytime.

 

1488311533_.png.0036641f3033936450d15e392a2b100e.png

 

Link to comment
6 minutes ago, Departures said:

12345 is the port to NPM

There should be two ports.

 

7 minutes ago, Departures said:

can't use 80 443,so i set it in Router to forward)

Ok, and both target NPM?

 

7 minutes ago, Departures said:

Like "https://abc.com:12345

Then your router does not forward 443 to 12345. Instead 12345 is only an open Port with the target 12345. But you need source 443 and target 12345.

Link to comment

I've been reading through all these posts, and not finding anything that'll fix my issue. And it doesn't seem to be nearly as complicated as all the stuff people here are having. 

 

I must be really missing something, but I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. 

 

I am not sure what I'm doing wrong. 

Link to comment
53 minutes ago, dv310p3r said:

I cannot get Nginx Proxy manager to direct traffic to my main domain but it will work fine in sending traffic to containers or VM's if I use a subdomain. For example, if I make a proxy host sub.mydomain.com pointing to a container, it works. If however I make a proxy host mydomain.com pointing to a container. It does not work. 

What browser? It might "silently" be adding a "www" subdomain... probably try adding that too.

Also check that there is actually an entry in your domain DNS for the domain itself. Also see if you don't put a host in NPM you get the default that's configured in settings.

Edited by Kilrah
Link to comment
3 hours ago, Kilrah said:

What browser? It might "silently" be adding a "www" subdomain... probably try adding that too.

Brave. Also the issue is that I do have to manually add www otherwise it doesn't work.

 

3 hours ago, Kilrah said:

Also check that there is actually an entry in your domain DNS for the domain itself.

There is an A record that points to my IP address.

 

3 hours ago, Kilrah said:

Also see if you don't put a host in NPM you get the default that's configured in settings.

That's not an option. The host is a required field.

 

3 hours ago, mgutt said:

Does your main domain have the correct IP in the DNS?

Yes. If I go to the IP address shown in cloudflare it'll show the "Congratulations, You've successfully started the Nginx Proxy Manager." page. Also, if I go to www.mydomain.com, which is the host I configured in NPM, it takes me to the site no problem. 

 

So, I want to do a better job of explaining what's happening. In cloudflare right now, I have an A record that points to my IP, and a cname for www that targets the main domain. We'll say it's mydomain.com.

 

In NPM on my unraid server, if I create a proxy host and put "mydomain.com" in the Domain Names input, the proxy doesn't work. Meaning, if I go to mydomain.com in a browser, I get a 500 error from cloudflare. At the same time I know NPM is running because I can go to the IP directly and see the congratulations page. Also, if I curl to the container from within the NPM console, it can communicate.

 

Now, for the weird part. If I create a new Proxy Host and give it a domain name of www.mydomain.com OR... to clear up any confusion with WWW, it' has nothing to do with WWW, because if I put poop.mydomain.com or any other subdomain.mydomain.com... NPM works as expected. If I visit, poop.mydomain.com, or subdomain.mydomain.com, I see the properly served container (of course, as long as I created the correlating cname record in cloudflare).

 

I hope that clarifies things.

Link to comment
1 minute ago, dv310p3r said:

That's not an option. The host is a required field.

I meant if you try to access a domain that you don't have an entry for in NPM, then you should get the "Congratulations,...". 

So if you do not put an entry for "mydomain.com"  in NPM but try accessing "mydomain.com" you should get the "Congratulations,...".  If not it's likely the issue is on the DNS side and "mydomain.com" isn't properly pointing to your address. 

Link to comment
9 hours ago, dv310p3r said:

And yes, if I have no Proxy Hosts configured in NPM and then try and go to mydomain.com, I get the congratulations page.

Strange. And you did test www.example.com and example.com, both with the same container as target? Did you try to add example.com to the already existing proxy host www.example.com as a second domain? Maybe this helps?!

  • Like 1
Link to comment

Yeah thats's weird. My main bare "domain.com" is a redirect in my setup and that works, but I just tried adding "domain2.com" to an entry that usually only has "web.domain2.com" and that works just fine.

 

Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. 

Link to comment
1 hour ago, Kilrah said:

Can only think it's an issue with the entry settings, or maybe SSL cert missing, don't know how cloudflare behaves if that's missing. 

Good idea. In Cloudflare it's possible to force a valid SSL certificate between Cloudflare and NPM. Maybe this setting is active.

 

@dv310p3r

Try to add example.com to your local hosts file and set your local server IP. Then test through "ping" if the IP is used. Now open the domain again through your browser. By that you are bypassing cloudflare and connecting NPM directly.

Link to comment
  • 2 weeks later...

Not sure if this is the right place to ask for help, but I have a weird issue.  I have two Radarr instances in my setup, one standard and one 4k.  Today, my 4k instance is authenticating, but the page never loads fully and doesn't get me into the console, while my standard docker is accessible via the proxy link.  I can access the docker locally and authenticate, and get at what I need, but it does not work correctly when proxied.  I've attached the most relevant screenshots I can think of.  Thanks in advance for any guidance.

Screen Shot 2022-08-02 at 1.22.09 PM.png

 

Screen Shot 2022-08-02 at 1.22.17 PM.png

 

Screen Shot 2022-08-02 at 1.22.23 PM.png

 

Screen Shot 2022-08-02 at 1.22.34 PM.png

 

Screen Shot 2022-08-02 at 1.22.42 PM.png

 

Screen Shot 2022-08-02 at 1.22.50 PM.png

 

***UPDATE***

 

This issue has resolved itself, apparently.  No action needed, 4K instance is coming up as expected.

Edited by jackfalveyiv
Problem solved
Link to comment

Started getting this error recently.

 

 

⚠ warning Error: Command failed: logrotate /etc/logrotate.d/nginx-proxy-manager
error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/fallback_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-10_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-4_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-5_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-6_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-7_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-8_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-9_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-1_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-2_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-3_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/default-host_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/fallback_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-10_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-4_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-5_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-6_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-7_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-8_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/proxy-host-9_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-1_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-2_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/data/logs/redirection-host-3_error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
 

 

 

/mnt/user/appdata/nginxproxymanager:
total 0
drwxrwxrwx 1 root   root   30 Nov 26  2021 ./
drwxrwxrwx 1 nobody users 894 Jul 31 11:03 ../
drwxrwxrwx 1 root   root  132 Aug  2 18:06 data/
drwxrwxrwx 1 root   root  114 Aug  2 18:06 letsencrypt/

/mnt/user/appdata/nginxproxymanager/data:
total 484
drwxrwxrwx 1 root root    132 Aug  2 18:06 ./
drwxrwxrwx 1 root root     30 Nov 26  2021 ../
drwxrwxrwx 1 root root      0 Nov 26  2021 access/
drwxrwxrwx 1 root root      0 Nov 26  2021 custom_ssl/
-rw-rw-rw- 1 root root 495616 Aug  2 18:06 database.sqlite
drwxrwxrwx 1 root root      0 Nov 26  2021 letsencrypt-acme-challenge/
drwxrwxrwx 1 root root   1410 Jul 30 22:00 logs/
drwxrwxrwx 1 root root    186 Nov 26  2021 nginx/

/mnt/user/appdata/nginxproxymanager/letsencrypt:
total 0
drwxrwxrwx 1 root root 114 Aug  2 18:06 ./
drwxrwxrwx 1 root root  30 Nov 26  2021 ../
drwxrwxrwx 1 root root  56 Nov 26  2021 accounts/
drwxrwxrwx 1 root root  36 Nov 26  2021 archive/
drwxrwxrwx 1 root root 112 Nov 26  2021 credentials/
drwxrwxrwx 1 root root 720 Jul 24 20:00 csr/
drwxrwxrwx 1 root root 720 Jul 24 20:00 keys/
drwxrwxrwx 1 root root  48 Nov 26  2021 live/
drwxrwxrwx 1 root root  66 Jul 24 20:00 renewal/
drwxrwxrwx 1 root root  26 Nov 26  2021 renewal-hooks/

Link to comment
On 8/3/2022 at 3:50 AM, sdballer said:

error: skipping "/data/logs/default-host_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

The path /data/logs has wrong permissions. If they are located in appdata: Did you change them? Fix those by using chmod. You need to change them to 755 (they seem to have 777).

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.