Kilrah Posted February 2, 2023 Share Posted February 2, 2023 (edited) Do you have both ports 80 and 443 forwarded to NPM? Look at container logs, might give an insight Edited February 2, 2023 by Kilrah Quote Link to comment
WillyThunder Posted February 3, 2023 Share Posted February 3, 2023 Yes I have. Otherwise i could not get SSL-Certificates for the subdomains which i totally can, right? Log says [2/3/2023] [9:41:31 AM] [Express ] › ⚠ warning Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-60" --agree-tos --authenticator webroot --email "[email protected]" --preferred-challenges "dns,http" --domains "example.com" Any Ideas? Quote Link to comment
mgutt Posted February 3, 2023 Author Share Posted February 3, 2023 Retry it, then check the recent logs inside of the appdata directory /data/logs Quote Link to comment
Mosorio Posted February 10, 2023 Share Posted February 10, 2023 Hi am new to NPM i want to know if its possible to just use the reverse proxy feature without letsencrypt in https and having the certificate in the server that points to, no the NPM, why? i have a server with iis and a certificate bought for two years but when i use NPM to get to that server doesnt load the certificate unless i use one from letsencrypt generated from the NPM. How can i use the certificate that is already working in the server (not exporting to the NPM) sorry for my english Quote Link to comment
aglyons Posted February 14, 2023 Share Posted February 14, 2023 I was running some Docker updates and got a docker.img usage warning. I started to look and see if I had something set to store logs in the wrong spot and noticed the path for error logs. /tmp/Nginx-Proxy-Manager-Official/var/log I can't find out where that path is on the server. It's not in any share, it's not on the thumb drive and it's not in the cache. Where are these log files being stored and is there any management that needs to be done to keep them in check? Quote Link to comment
Kilrah Posted February 14, 2023 Share Posted February 14, 2023 It would be in, well /tmp, which is in RAM. It's not supposed to get big that quick (9MB for 6 days here). Quote Link to comment
mgutt Posted February 14, 2023 Author Share Posted February 14, 2023 2 hours ago, aglyons said: I can't find out where that path is on the server. It's not in any share /tmp is the default Linux path for temporary files and unRAID mounts it to the RAM. The purpose of this tweak is to avoid unnecessary writes to your SSD. 2 hours ago, aglyons said: got a docker.img usage warning. There is no connection between /tmp and the docker.img. Must be another reason. Btw: you should switch docker to directory. Less overhead and no size limitation, except the size of your SSD. Quote Link to comment
mklecka Posted February 19, 2023 Share Posted February 19, 2023 On 12/12/2022 at 8:30 AM, mgutt said: Check debug 5xx errors on the first page of this thread. As it happened after a reboot I would assume you created a custom network, which is now missing?! There is a docker setting in unRAID to keep custom networks. Im having the same problem. After unraid reboot, npm always shows 502 error. Its on br0 and "preserve user defined networks" is enabled. This problem disappears when i restart whole docker service. If i try to restart just npm container the problem stays. Any tips? Quote Link to comment
Kilrah Posted February 19, 2023 Share Posted February 19, 2023 2 minutes ago, mklecka said: Im having the same problem. After unraid reboot, npm always shows 502 error. Its on br0 and "preserve user defined networks" is enabled. This problem disappears when i restart whole docker service. If i try to restart just npm container the problem stays. Any tips? br0 is not a "custom network" and is newly created at each boot so its ID will change. You have to make your own if you want it to be preserved. Quote Link to comment
mklecka Posted February 19, 2023 Share Posted February 19, 2023 49 minutes ago, Kilrah said: br0 is not a "custom network" and is newly created at each boot so its ID will change. You have to make your own if you want it to be preserved. Oh, i see. So right now i have npm on br0 with fixed ip. Can i still have that same fixed ip within custom docker network? I already have a custom docker network, but the ips are 172xxxxx. Any tips? Thanks Quote Link to comment
Kilrah Posted February 19, 2023 Share Posted February 19, 2023 Yes, you can create your own macvlan/ipvlan network like br0 is: https://docs.docker.com/network/macvlan/ https://docs.docker.com/network/ipvlan/ Quote Link to comment
mgutt Posted February 19, 2023 Author Share Posted February 19, 2023 2 hours ago, mklecka said: After unraid reboot, npm always shows 502 error. Its on br0 and "preserve user defined networks" is enabled. This problem disappears when i restart whole docker service. If i try to restart just npm container the problem stays. Doesn't sound normal to me. The br0 network is a network which is created by default if you enabled bridge in the Unraid network settings. The option "preserve custom" is only needed it you create custom networks through the terminal, but it's usually not required. I'd say you have a port conflict. This means a different container uses a port which is needed by NPM and after you restart the whole docker service, NPM is started before the conflicting container. Which of yours are started after NPM and use the same network as NPM? Or does NPM use br0 with its own fixed IP address? Quote Link to comment
mklecka Posted February 19, 2023 Share Posted February 19, 2023 1 hour ago, mgutt said: Doesn't sound normal to me. The br0 network is a network which is created by default if you enabled bridge in the Unraid network settings. The option "preserve custom" is only needed it you create custom networks through the terminal, but it's usually not required. I'd say you have a port conflict. This means a different container uses a port which is needed by NPM and after you restart the whole docker service, NPM is started before the conflicting container. Which of yours are started after NPM and use the same network as NPM? Or does NPM use br0 with its own fixed IP address? As far as i know there are no port conflicts. I have NPM setup to use br0 with static address and its the first container that starts. Quote Link to comment
mgutt Posted February 19, 2023 Author Share Posted February 19, 2023 1 hour ago, mklecka said: NPM setup to use br0 with static address Ok, and are you able to reach the NPM GUI while pages return 502? Quote Link to comment
mklecka Posted February 19, 2023 Share Posted February 19, 2023 59 minutes ago, mgutt said: Ok, and are you able to reach the NPM GUI while pages return 502? yes, i was able to access it. Weird thing is, i was able to access some containers and some not. Didn't matter if they were on custom docker network or on br0 with static address assigned. Again, after restartign docker service i was able to access containers previously inaccesible. Should i post some logs?/which ones? Quote Link to comment
mklecka Posted February 19, 2023 Share Posted February 19, 2023 19 minutes ago, mklecka said: yes, i was able to access it. Weird thing is, i was able to access some containers and some not. Didn't matter if they were on custom docker network or on br0 with static address assigned. Again, after restartign docker service i was able to access containers previously inaccesible. Should i post some logs?/which ones? sorry to waste your time, im fkin dumb.. didnt occur to me, that some containers take really long time for me to start and werent started yet.. Quote Link to comment
SevenEleven Posted February 21, 2023 Share Posted February 21, 2023 Thank you for putting this all together. I have been reading over the thread and havent been able to find a similar situation to mine. Although I am sure I must be just missing it. I have HomeAssistant running in a VM network source is : br0 I am running Nginx in an unraid docker with a bridged network. All of my other dockers are successfully configured on nginx. I havent been able to get HomeAssistant working. My tower is 192.168.1.150 Home assisant VM is 192.168.1.212:8123 I have gotten as far as getting home assistant login screen at ha.mydomain.ca but it then says "unable to connect to home assistant. Retrying in xx seconds..." Then I get a 502 bad gateway page. Cname is setup on google domains - hostname: ha.mydomain.ca data - myname-duckdns.org nginx setup: domain : ha.mydomain.ca scheme: http IP: 192.168.1.212 (virtual machine ip) Forwarded port : 8123 My thought is that it has to do with the VM being on a separate IP from the nginx docker. But I am not sure how to go about fixing it, or if that is even the correct idea. Thank you for looking Quote Link to comment
Kilrah Posted February 22, 2023 Share Posted February 22, 2023 10 hours ago, SevenEleven said: I have gotten as far as getting home assistant login screen at ha.mydomain.ca but it then says "unable to connect to home assistant. Retrying in xx seconds..." Likely you didn't add the trusted proxies entry in HA configuration: Quote Link to comment
mklecka Posted February 26, 2023 Share Posted February 26, 2023 (edited) On 2/19/2023 at 7:31 PM, mklecka said: yes, i was able to access it. Weird thing is, i was able to access some containers and some not. Didn't matter if they were on custom docker network or on br0 with static address assigned. Again, after restartign docker service i was able to access containers previously inaccesible. Should i post some logs?/which ones? ok, so me again.. i thought it was long container loading times, but problem still presists as its is about 20 mins from unraid start and its still not working. Here's a list to see better whats accesible. br0, custom ip - can access though IP and NPM NPM UI Home asssitant VM Router Adguard home custom docker network - can't access via NPM, but can through IP:port sonarr radarr homepage jellyfin jellyseer etc etc unraid ui - cant access through NPM but can through IP Again, if i disable docker in unraid and reenable it, then everything loads through NPM no problem. Thanks for any help. Edited February 26, 2023 by mklecka Quote Link to comment
mgutt Posted February 26, 2023 Author Share Posted February 26, 2023 4 minutes ago, mklecka said: Here's a list to see better whats accesible. I absolutely don't understand your list. First list is br0 and your list contains what is reachable and then custom network and the containers you can not reach?! Apart from that: Why don't you simply use the host network for NPM? Change unRAID to 5000/5001 and let NPM listen to 80/443. Put the other containers to the bridge network and you have the most simpel setup. Quote Link to comment
mklecka Posted February 26, 2023 Share Posted February 26, 2023 6 minutes ago, mgutt said: I absolutely don't understand your list. First list is br0 and your list contains what is reachable and then custom network and the containers you can not reach?! Apart from that: Why don't you simply use the host network for NPM? Change unRAID to 5000/5001 and let NPM listen to 80/443. Put the other containers to the bridge network and you have the most simpel setup. yes, first list is containers on br0 network which are all accessible when NPM container starts. second are containers on custom network (in my case dockernet) which i can't reach until i completely restart docker. yeah, i could do that. I just really dont understand, why my setup only works after docker restart.. Other than that, i have no problems with it. And i use custom network so containers can communicate just by container name. Quote Link to comment
WillWorkForAmmo Posted March 3, 2023 Share Posted March 3, 2023 I recently tried renewing my certs since they were expired. When running the 'renew' option from the GUI, the log shows the following: Failed to renew certificate npm-1 with error: [Errno 117] Structure needs cleaning: '/etc/letsencrypt/csr/2485_csr-certbot.pem' All renewals failed. The following certificates could not be renewed: /etc/letsencrypt/live/npm-1/fullchain.pem (failure) When I browse to the csr path in Krusader, the folder is empty. I was able to find online that this message usually means there is corruption. Is there a way to resolve this without just re-installing the container and setting up again? Quote Link to comment
007craft Posted March 4, 2023 Share Posted March 4, 2023 (edited) I'm having problems with certs Auto renewing. After digging, I find this is caused because when NPM tries to renew all the certs, it fails on 3 old certs for domains I removed and then gets blocked from renewing further. Ok great, so I removed the certs and proxies from the GUI. Unfortunately its STILL trying to renew them. NPM-13, NPM-24 and NPM-6 don't exist anymore. How can I fix this? Is there a command to remove them from the Database? SOLUTION: I figured it out in case anybody wants to know. Just goto the folder /etc/letsencrypt/renewal/ (which should be in your appdata folder) and remove the npm-xx.conf file thats giving you problems. Looks like these conf files are whats controlling the cert renewals on startup. Edited March 4, 2023 by 007craft Quote Link to comment
Kilrah Posted March 5, 2023 Share Posted March 5, 2023 A cleaner way is to do `certbot delete` then select it from the list. Quote Link to comment
jackfalveyiv Posted March 6, 2023 Share Posted March 6, 2023 My server had backups run last night and I woke up to all my reverse proxied apps not connecting. All connect locally without issue. When looking at the logs, I saw the attached information. Is this a critical error that's broken my docker, and if so, how can I remediate? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.