March 17, 20224 yr 22 minutes ago, mgutt said: Use only https://domain? And how to do in internal network / local ?
March 17, 20224 yr 5 hours ago, Abigel said: And how to do in internal network / local ? enable hairpinning / loopback in your router or set a hosts entry
March 17, 20224 yr I have a sophos XG Firewall that has 5 different public IP address on it. I want to find out if the below is possible to do with Nginx Proxy manger. I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do? I have tried this with two Nginx Proxy contains with no look so far. The first one always works, but the second one does not. I have changed all of the ports and data paths to different locations. Thank you in advance
March 17, 20224 yr Author 9 minutes ago, Yoda_1204 said: I want to point each public IP address to a different Unraid - Nginx Proxy Container. (So I would have a total of 5 Nginx Proxy containers). Is this possible to do? I'd say you need to add each IP range as a different VLAN and use the different br0.XX for different NPM containers: Of course each NPM container needs a different name and different appdata paths.
March 30, 20224 yr On SWAG I was able to put YOURLS in a www folder and change a file to allow access to YOURLS right through SWAG. Is there some way or somewhere I can put little things like that for NPM to host? In NPM I see a "default_www" inside nginx? Anyone using YOURLS with NPM that can maybe shed light?
March 30, 20224 yr Author 5 hours ago, blaine07 said: Is there some way or somewhere I can put little things like that for NPM Adding a new host to NPM?!
March 30, 20224 yr 45 minutes ago, mgutt said: Adding a new host to NPM?! Where can I put the YOURLS folder and how would I use the “Custom Locations” or “Advanced” to point it at correct folder? I just don’t know how to point it at where I put YOURLS. I assume YOURLS could go directly inside “data” like on SWAG but how would I point back to it? Especially with YOURLS having a few special things that have to be forwarded. If I flustered you, I’m sorry.
March 31, 20224 yr Author 10 hours ago, blaine07 said: Where can I put the YOURLS folder I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container. So about which "folders" are you talking?
March 31, 20224 yr 2 minutes ago, mgutt said: I don't understand your question. You have a container. This container has a local IP and a Port. Now it should become reachable through a domain, which has a public IP pointing to your router. Your router forwards the traffic to your unRAID Server/NPM. Now you add the domain to NPM through the hosts page and set the local IP and Port of the container as the forward IP/Port. Done. The traffic of this domain is forwarded to the container. So about which "folders" are you talking? Yourls isn’t a container. It just goes into a directory inside of the swag container. No port to point to for it. Inside swag one of the conf files forwards urls.mydomain.net to folder where YOURLS is inside of Swag at. * I’m just trying to mimic dropping folder somewhere inside NPM and pointing a subdomain at NPM at that directory contained within Npm Edited March 31, 20224 yr by blaine07
March 31, 20224 yr Author 2 minutes ago, blaine07 said: It just goes into a directory inside of the swag container NPM is not a webserver. It's only a proxy. You need to install YOURLs as a container or install YOURLs inside an Nginx Webserver Container. After that you can forward the traffic to this container.
March 31, 20224 yr Just now, mgutt said: NPM is not a webserver. It's only a proxy. You need to install YOURLs as a container or install YOURLs inside an Nginx Webserver Container. After that you can forward the traffic to this container. Thank you 😊 😀 Sorry for the disruption; just surprised I can do that with SWAG and NOT NPM.
March 31, 20224 yr 11 hours ago, blaine07 said: just surprised I can do that with SWAG and NOT NPM. swag is a full NGINX server implementation that many people just happen to be using as a reverse proxy. NPM is a specialized NGINX set up to make reverse proxy convenient and easy to set up. It's not designed to do anything BUT reverse proxy, hence the name Nginx PROXY manager.
April 3, 20224 yr On 3/14/2022 at 9:11 AM, mgutt said: Does this only happen if NPM is in front or does it even happen if you open your website directly through the target container IP? Any ideas?
April 4, 20224 yr @mgutt Hi, Using this container for a few months now, and all working fine. However I wanted to run a public instance off the SearxNG metasearch docker. I have set this up as usual in NPM and all seem te be working. However to allow it to be placed on the public instance list (https://searx.space/#) it needs to have an A+ TLS grade and an A+ HTML grade. For nginx the config would be: https://ssl-config.mozilla.org/ and for the HTML https://github.com/searxng/searx-docker/blob/master/Caddyfile#L33-L84 Is this possible with Nginx Proxy Manager or will this require a full Nginx docker? Edited April 4, 20224 yr by Kopernikus
April 4, 20224 yr Author You can add headers through the advances tab of a host and by using the "add_header" command.
April 5, 20224 yr 15 hours ago, mgutt said: You can add headers through the advances tab of a host and by using the "add_header" command. Hi, For the headers this seems to be working, thx. However for the TLS I found the solution but don't now how to implement it. I need to edit /etc/nginx/conf.d/include/ssl-ciphers.conf with a more "thight" ssl cipher list. Ofcourse I could edit the file and save it to a new container but then I would have to do this every time the container is updated. So I thought of mounting (overwriting) the file directly into the container, so something like this: /etc/nginx/conf.d/include/ssl-ciphers.conf:/path/to/local/file/myown-custom-ssl-ciphers.conf I tried it true the mount path in unraid but that doesn't seem to work. Any idea? Ideally it would be good if we can set this as an option in /data/nginx/custom/ssl-ciphers.conf or through the UI of NPM
April 5, 20224 yr Author @Kopernikus What is the content of ssl-ciphers.conf (Check NPM at github)? Maybe this can be added to the advanced tab as well.
April 5, 20224 yr 4 hours ago, mgutt said: @Kopernikus What is the content of ssl-ciphers.conf (Check NPM at github)? Maybe this can be added to the advanced tab as well. ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; # intermediate configuration. tweak to your needs. ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA512:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA512:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305'; ssl_prefer_server_ciphers on; It's the same as the ssl-cipher.conf already in the NPM docker except unsecure ciphers are removed and ssl_prefer_server is set to on Edited April 5, 20224 yr by Kopernikus
April 7, 20224 yr @mgutt After doing some more research I've found that the problem must be inside the docker container. Link to the report I filled: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1982 Edited April 8, 20224 yr by Kopernikus
April 11, 20224 yr I am back again to ask for help with a problem that I never figured out (probably due to my understanding) of Cloudflare and NPM. I created a Cloudflare account and NPM in unraid. I got my Nextcloud up and running thanks to the great tutorials online. But my problem still lies if I try to add more than one proxy in NPM. If I add Vaultwarden and click on it it opens up Nextcloud and not Vaultwarden. I am attaching a picture of what I have setup. I tried to follow the suggestions that everyone provided about 5 months ago but failed. I need to see if I can get this figured out for at least my own learning experience. Please let me know what other information may be needed.
April 12, 20224 yr Author And your router forwards the traffic to NPM? If you see Nextcloud through the warden domain, it seems you're router is forwarding the traffic to Nextcloud. What happens if you open your public IP? You should see the NPM proxy welcome page.
April 12, 20224 yr I am lost at the folloing statement you made "What happens if you open your public IP? You should see the NPM proxy welcome page." Can you please explain how I would do this. Thank you.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.