[Support] Nginx Proxy Manager (NPM) Official


Recommended Posts

6 minutes ago, MAM59 said:

At the end of the line you will have ":latests", change this to ":2.9.22" and hit ok. It will downgrade to this version and never ask for an update again.

 

I just did this and it didn't fix it for me, though moving the container to a different server fixed the issue with editing the hosts, but the not being able to connect to things on the server hosting the container still is ongoing.

Link to comment
1 hour ago, Herobrine said:

and it didn't fix it for me

Make sure you fulfill the basic setup needs for this docker:

* move UNRAID GUI to different ports (free 80 and 443)

* install the docker in HOST mode (the shown ports do not matter, it will be always 80 and 443), version 2.9.22 works best (for me)

* install other dockers that should be proxied in BRIDGE mode (using different ports for each of them)

* create a DNS entry for every to-be-proxied docker

* create a "proxy host" entry for every to-be-proxied docker (using the DNS name from above, the target url should be either a local hostname or, better, the internal ip address followed by the corresponding portnumber from above)

* test this proxied docker with http only. if something is wrong, go back (and report here)

* optionally request a SSL certificate for every to-be-proxied docker.

* test this proxied docker with https, if it works you are done

 

Follow this order EXACTLY and tell me, at which point your system refuses to work.

 

(BTW: NPM can also be installed in BRIDGE mode, but you will regret it sooner or later. Run it in HOST mode, this way you will be able to pass the external client addresses to the to-be-proxied hosts, many of them will need them)

 

Edited by MAM59
Link to comment
  • 2 weeks later...

NPM v2.10.3

 

NPM > Settings > Default Site

 

I have this set to redirect to google.com.

 

I went to test it hitting my public IP and the redirect works for 443 but not for 80.

 

I then used an old subdomain I had set up which was still pointing to my IP.

  • If I hit the domain naked, I get the unknown domain redirection
  • If I add the protocol 'http' I get the redirection
  • If I add the protocol 'https' I don't get the redirection.

This may be something I need to submit to Git

Link to comment

Today I killed my NPM my accidentally removing some files. I could have restored my backup, but instead I took the chance to test the newest NPM version. I even tested the PUID and PGID variables, but those simply does not work (something like "superuser is missing" error came up in the logs). So the current NPM template still works as expected.

 

I would suggest everybody to take notes of each proxy host and do a fresh re-install of the current version. Re-installing with copy & paste takes less then 10 minutes depending on the amount of hosts you have. I wrote down my host settings to a simple text file:

 

image.png.404f696181a61a0bef828857e9784714.png

 

 

Link to comment
1 hour ago, mgutt said:

Today I killed my NPM my accidentally removing some files. I could have restored my backup, but instead I took the chance to test the newest NPM version. I even tested the PUID and PGID variables, but those simply does not work (something like "superuser is missing" error came up in the logs). So the current NPM template still works as expected.

 

I would suggest everybody to take notes of each proxy host and do a fresh re-install of the current version. Re-installing with copy & paste takes less then 10 minutes depending on the amount of hosts you have. I wrote down my host settings to a simple text file:

 

image.png.404f696181a61a0bef828857e9784714.png

 

 


Currently mine is operating with these parameters:

1755065467_Screenshot2023-05-18112102.thumb.jpg.6689012b4e21be072dae5183c9350102.jpg

 

Last few weeks/month have been extremely difficult with all the container/permission changes he's been toying with. I am finally on 2.10.3 all seems to have "settled down".

I realize it isn't the containers doing/Unraid but I REALLY wish there was a export all hosts option so that some of the burden of "starting over" could be reduced.

 

Link to comment

Probably the /tmp/Nginx... path has wrong permissions. That's why I added this to my /boot/config/go file:

 

mkdir -m 777 -p /tmp/Nginx-Proxy-Manager-Official/var/log

 

Not sure if this still necessary.

 

Another option would be to delete this path:

 

Screenshot_20230521_201052.png.e242720e63f4c08c8fda8a094f2d7c47.png

 

But then all logs are written to the SSD. Not my favorite as it causes permanently writes.

Link to comment
8 minutes ago, mgutt said:

Probably the /tmp/Nginx... path has wrong permissions. That's why I added this to my /boot/config/go file:

 

mkdir -m 777 -p /tmp/Nginx-Proxy-Manager-Official/var/log

 

Not sure if this still necessary.

 

Another option would be to delete this path:

 

Screenshot_20230521_201052.png.e242720e63f4c08c8fda8a094f2d7c47.png

 

But then all logs are written to the SSD. Not my favorite as it causes permanently writes.

Can you please provide more context about adding to your "/boot/config/go" file?

I ran this: https://github.com/NginxProxyManager/nginx-proxy-manager/pull/1140

 

And it said nothing needed rotated as not older than 7 days, BUT in my log folder I have a *lot* of logs not edited in more than 7 days. I wonder if I could just delete all those from say last year for example with no ill effects?

 

1450566747_ScreenShot2023-05-21at1_19_11PM.thumb.png.acc53734c79caa4877ad8e1b451dcd23.png

Link to comment

Sorry, it's /data/log not /var/log. Missed that. So my post is not related to that.

 

1 hour ago, blaine07 said:

I wonder if I could just delete all those from say last year for example with no ill effects?

These are only logs. Feel free to delete them. I think rotation is broken because those hosts were deleted in the past.

Link to comment
10 minutes ago, mgutt said:

Sorry, it's /data/log not /var/log. Missed that. So my post is not related to that.

 

These are only logs. Feel free to delete them. I think rotation is broken because those hosts were deleted in the past.

So stop container, delete them ALL(inside log folder), start container and they’ll all re-create?

Link to comment

That's what I would do. Of course you could create a backup:

 

cp -a --reflink /mnt/cache/appdata /mnt/cache/appdata_backup

 

This is a snapshot copy. It takes only seconds to create and does not really use space. Feel free to delete this folder afterwards.

  • Like 1
Link to comment
9 minutes ago, mgutt said:

That's what I would do. Of course you could create a backup:

 

cp -a --reflink /mnt/cache/appdata /mnt/cache/appdata_backup

 

This is a snapshot copy. It takes only seconds to create and does not really use space. Feel free to delete this folder afterwards.

Seems to have worked; thank YOU! 

Link to comment
  • 2 weeks later...

  

On 4/6/2023 at 3:48 PM, flowermoron said:

im having failed (113: No route to host), used to work, didnt change anything on my router

 

Super weird! I started having this today with only a few of my proxy hosts, maybe 3 and the rest worked fine. Was pulling my hair out trying to figure out what was going on. I could find no change in NginxProxyManager container that would warrant a new behavior, hadn't updated, made no changes.

 

In case anyone comes here getting:

*269 connect() failed (113: No route to host) while connecting to upstream

or something similar, I eventually disabled Docker and re-enabled it and it went away. I assume it had something to do with Docker networking being twitchy after I had some unrelated problems a few days ago with my Docker image filling up... then my Plex container had a stuck network connection to br0. This must have stemmed from that.

 

 

Link to comment

Working on a Proof of concept, I have Nginx-Proxy-Manager-Official installed as a br0 network with public IP of 192.168.123 and it has a private network of 172.16.0.2

 

I am running containers of and phpbb, mediawiki and phpmyadmin on the Private network

My goal is to have each container accessible via the schema below

 

https:://192.168.1.123/phpbb

https:://192.168.1.123/mediawiki

https:://192.168.1.123/phpmyadmin

 

Nginx-Proxy-Manager-Official can resolve both the phpbb, mediawiki and phpmyadmin from in the container (curl <dnsname>  I got mediawiki setup and it looks to be running

 

My proxy Host Domain name is 192.168.1.123

  • Schema is http,
  • Forward Host/IP is 192.168.1.123
  • Port is 80

Under Custom location for the host domain

First location is /phpbb

  • Schema=http
  • Forward Hostname = phpbb
  • Port 8080

Second location is /mediawiki

  • Schema=http
  • Forward Hostname = mediawiki
  • Port 80

Third location is /phpmyadmin

  • Schema=http
  • Forward Hostname = phpmyadmin
  • Port 80

Mediawiki seems to work but phpbb returns forbidden and phpmyadmin just error out

 

phpmyadmin in proxy-host-1_access

 

[02/Jun/2023:04:04:56 +0000] - 404 404 - GET http 192.168.1.123 "/phpmyadmin" [Client 192.168.1.142] [Length 244] [Gzip 1.18] [Sent-to 192.168.1.123] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0" "-"

[02/Jun/2023:04:04:56 +0000] - 502 502 - GET http 192.168.1.123 "/favicon.ico" [Client 192.168.1.142] [Length 154] [Gzip -] [Sent-to 192.168.1.123] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0" http://192.168.1.123/phpmyadmin

 

phpbb in proxy-host-1_access

 

[02/Jun/2023:04:07:01 +0000] - 403 403 - GET http 192.168.1.123 "/phpbb/" [Client 192.168.1.142] [Length 186] [Gzip 1.14] [Sent-to 192.168.1.123] "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0" "-"

 

Any insite onto what may be happening would be great.

Link to comment

Made a bit of progress for phpbb if i change the location to First location is /forum (or anything other then "/phpbb") I will get the page however it missing all the formatting and then when i try to log in it gives me a 502 error.

 

2023/06/03 03:06:27 [error] 2274#2274: *34126 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /bitnami/phpbb/styles/prosilver/template/forum_fn.js HTTP/1.1", upstream: "http://192.168.1.123:80/bitnami/phpbb/styles/prosilver/template/forum_fn.js", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:27 [error] 2274#2274: *34172 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /assets/javascript/jquery-3.6.0.min.js?assets_version=4 HTTP/1.1", upstream: "http://192.168.1.123:80/assets/javascript/jquery-3.6.0.min.js?assets_version=4", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:27 [error] 2275#2275: *34166 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /assets/javascript/core.js?assets_version=4 HTTP/1.1", upstream: "http://192.168.1.123:80/assets/javascript/core.js?assets_version=4", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:27 [error] 2274#2274: *34174 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /styles/prosilver/theme/stylesheet.css?assets_version=4 HTTP/1.1", upstream: "http://192.168.1.123:80/styles/prosilver/theme/stylesheet.css?assets_version=4", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:27 [error] 2274#2274: *34173 upstream prematurely closed connection while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /assets/css/font-awesome.min.css?assets_version=4 HTTP/1.1", upstream: "http://192.168.1.123:80/assets/css/font-awesome.min.css?assets_version=4", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:27 [warn] 2274#2274: *34963 using uninitialized "server" variable while logging request, client: 192.168.1.123, server: 192.168.1.123, request: "GET /styles/prosilver/theme/en/stylesheet.css?assets_version=4 HTTP/1.1", host: "192.168.1.123"
2023/06/03 03:06:28 [error] 2274#2274: *36372 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /bitnami/phpbb/styles/prosilver/template/ajax.js HTTP/1.1", upstream: "http://192.168.1.123:80/bitnami/phpbb/styles/prosilver/template/ajax.js", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:28 [error] 2277#2277: *36454 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /app.php/cron/cron.task.core.update_hashes HTTP/1.1", upstream: "http://192.168.1.123:80/app.php/cron/cron.task.core.update_hashes", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:28 [warn] 2277#2277: *36806 using uninitialized "server" variable while logging request, client: 192.168.1.123, server: 192.168.1.123, request: "GET /bitnami/phpbb/styles/prosilver/template/forum_fn.js HTTP/1.1", host: "192.168.1.123"
2023/06/03 03:06:28 [error] 2274#2274: *37784 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /bitnami/phpbb/styles/prosilver/template/ajax.js HTTP/1.1", upstream: "http://192.168.1.123:80/bitnami/phpbb/styles/prosilver/template/ajax.js", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"
2023/06/03 03:06:28 [error] 2274#2274: *38793 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.1.142, server: 192.168.1.123, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.1.123:80/favicon.ico", host: "192.168.1.123", referrer: "http://192.168.1.123/phpBB3"

 

If anyone is willing to try I can post my docker-compose.yaml and they can spin up their own instance.

Link to comment
On 6/2/2023 at 6:14 AM, Matthew_K said:

My goal is to have each container accessible via the schema below

https://192.168.1.123/phpbb

https://192.168.1.123/mediawiki

https://192.168.1.123/phpmyadmin

 

 Nginx-Proxy-Manager-Official can resolve both the phpbb, mediawiki and phpmyadmin from in the container

Wouldn't it be easier to use http://phpbb.local or an usual domain?! This works if your phpbb container provides it's hostname through avahi/mdns, but of course this does not use the proxy then. Requests would go directly to the phpbb container.

 

Why do you want https on a local IP?! You will receive warnings from your browser without a valid certificate.

 

On 6/2/2023 at 6:14 AM, Matthew_K said:

Mediawiki seems to work but phpbb returns forbidden and phpmyadmin just error out

Are all these containers providing their content through a subdirectory or not?

 

I mean if you have a custom location /mediawiki and you are forwarding it to http://mediawiki, this can not work if mediawiki does provide the content through http://mediawiki/wiki/index.html as there isn't anything in http://mediawiki/

 

Do those containers have http logs? It would be helpful to see what is requested.

 

2 hours ago, Matthew_K said:

if i change the location to First location is /forum (or anything other then "/phpbb") I will get the page

This is strange:

2 hours ago, Matthew_K said:
http://192.168.1.123/phpBB3

Is it possible that phpbb runs in the subfolder "phpBB3"?

 

Another problem:

Not all website softwares detect all parts of the URL and use it. Maybe the software only detects the hostname and not the subdir, then it forwards the user to https://192.168.1.123/login-success.html I stead of https://192.168.1.123/mediawiki/login-success.html

 

Here is an example of phpmyadmin which has a variable to set the base URL:

https://docs.phpmyadmin.net/en/latest/config.html

Quote

 

$cfg['PmaAbsoluteUri']

...

it is advisable to try leaving this blank. In most cases phpMyAdmin automatically detects the proper setting. Users of port forwarding or complex reverse proxy setup might need to set this.

 

 

So as you can see it already tries to detect your URL, but maybe it does not detect the subdir part?!

 

Link to comment

Playing musical IP, homemedia.local -> 192.168.1.123 via hosts file now.

Thank you for your response. I can confirms that if I have each container its own subdomain it works perfectly fine

http://mediawiki.homemedia.local/
http://phpbb3.homemedia.local/
http://phpmyadmin.homemedia.local/

 

The reasons why I was running the sites as sub directory is because this it a very old site predate when widecards.somedoman became the standard. I thought it would be easier the just keep with that format but it looks like it is just a pain.

http://homemedia.local/mediawiki

http://homemedia.local/phpbb3

http://homemedia.local/phpmyadmin

I guess i should just come into the modern age...

 

I am attaching my docker compose if you want to experiment. I think I should be good with just updating my crap 😁

Again thank you for your help

docker-compose.yaml

Link to comment
39 minutes ago, Matthew_K said:

via hosts file now

Which works only on this single client as you know. Another option would be to register a free DDNS domain for every website and set your local IP to it. By that all your local clients are able to access the websites. But note: Some routers disallow DNS resolution to local IPs. It's called Rebind protection. But those routers usually allow to setup a whitelist of domains. 

 

Next option would be to register a domain at a hoster which allows changing DNS records. Then the domains would look really nice as well (depending on your domain of course).

 

I'm using this for public websites and for local websites I added to NPM an advanced settings which disallows public access. This is really nice as nextcloud.example.com works public, while homeassistent.example.com is only usable on my local network but both are using valid SSL certificates.

Link to comment

Noob here. Dipping my toes in Nginx-Proxy-Manager and could use some help. Every time I try and have Nginx-Proxy-Manager try and make a SSL Certificate I get an "Internal Error". Not sure what that means so I checked the logs and to be honest I am not sure what the logs are telling me. Anyone got any advice? This is a fresh install of Nginx-Proxy-Manager. Following ibracorps guide for what to put in my cloudflare.

Screenshot 2023-06-06 212322.png

Link to comment
6 hours ago, Kilrah said:

Do you have both ports 80 and 443 forwarded?

 

Yeah. Posted on reddit and was able to figure out a fix by following this guide (https://youtu.be/GarMdDTAZJo). So I changed from using CNAME in Cloudflare to A record. Not sure if that is good practice or not (would love to hear people's opinions). But between that and using DNS Challenge to get the cert it seemed to have fixed the problem. My issue now is that NPM-O uses it's own custom network while all my other containers are on the custom network that I made. If I move NPM-O to my custom network the NPM-O container won't start. I'd rather use my own custom network cause that's how I have things already set up. Is there any way to move NPM-O from it's own network (br0) to my custom network?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.