May 7, 20251 yr Author 2 hours ago, luk said: What about Letsencrypt automatic certificate renewal, Sorry, forgot that point. Only possible with DNS challenge. So still the best way to migrate everything to NPM.
May 7, 20251 yr 30 minutes ago, mgutt said: Sorry, forgot that point. Only possible with DNS challenge. So still the best way to migrate everything to NPM As far I understand, you suggest to add my Server to NPM to be able to use port 80 and 443? Maybe I'm wrong and you can explain it to me? Thx!
May 7, 20251 yr Author 1 hour ago, luk said: As far I understand, you suggest to add my Server to NPM to be able to use port 80 and 443? Yes. Forward 80 and 443 to npm, add a new host with your specific server domain and set the target ip of your server.
May 31, 20251 yr Hey all, something happend on/ around 1-May where I can no longer access my two containers I am using NGIX to access when outside my network.I have set of subdomains set up with cloudflare to connect back to my NGIX container and then to the individual conteiners. When I try to connext externally, I get a Bad gateway Error code 502 error on Cloudflare. I did not make any network changes that I think could impact that. So I am stumped. Any ideas?
June 3, 20251 yr Also noticing a sudden change and subsequent failure to forward requests. This results in pages loading but saying Bad Gateway 502 or Homer says "Network Unreachable" but still loads the homer UI page to do this (with broken assets). Was working and then sudden failure.
June 11, 20251 yr Hi,Suddenly got an issue with NGPM, I browse to the interface enter my credentials and click sign-in and nothing happens, it just sits there with my username and password details filled in. Anyone had this happen lately? Running unraid version 7.1.0 and nginx latest version.
June 12, 20251 yr I have the same problem. TLDR: I worked around it by using localIP:Port instead of containername:Port under Forward Hostname / IP. I decided to move my NPM setup from the other repo to this official one, so I've started from scratch and configuring my 8 proxies one by one. One of the proxies I have setup is NPM itself, which sends proxy.domain to destination containername:Port, but obviously as I was setting it up, I had to do this through the localIP:Port first. Once I set it up though, I couldn't login to proxy.domain when the proxy was pointing to containername:Port. Same issue as above; nothing happens and the page just sits there with details filled in. I fixed it by changing containername:Port to localIP:Port under Forward Hostname / IP. Not sure if it's the exact same cause as others, because I've only just set it up now, but my setup was (and still is) working fine in my old NPM container, which is running on an older version.
June 12, 20251 yr 3 minutes ago, mr_gorilla11 said:I fixed it by changing containername:Port to localIP:Port under Forward Hostname / IP.Using container names only works if those containers AND the NPM container are in the same custom network, so you probably forgot to put the new NPM container in it.
June 12, 20251 yr 1 hour ago, Kilrah said:Using container names only works if those containers AND the NPM container are in the same custom network, so you probably forgot to put the new NPM container in it.That's a good pickup, but I did check, and it's on the same custom network, so it's not that. I can reach the login page of the NPM container, just like the other user explained; I just can't actually log in when it's accessed this way. Nothing happens.
June 24, 20251 yr Hello,as of yesterday, all of my reverse proxies are no longer functioning. If I try to recreate a new Let's Encrypt, I get a internal server error. Log shows the following:[app ] [6/24/2025] [1:25:58 PM] [Global ] › ⬤ debug CMD: certbot certonly --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-10" --agree-tos --authenticator webroot --email '[email protected]' --preferred-challenges "dns,http" --domains "12188ombi.duckdns.org" [app ] [6/24/2025] [1:26:10 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/temp/letsencrypt_10.conf[app ] [6/24/2025] [1:26:10 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -t [app ] [6/24/2025] [1:26:10 PM] [Nginx ] › ℹ info Reloading Nginx[app ] [6/24/2025] [1:26:10 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -s reload[app ] [6/24/2025] [1:26:10 PM] [Express ] › ⚠ warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log[app ] Some challenges have failed.[app ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.Any help would be greatly appreciated.
July 1, 20251 yr Hi,Today I updated my unraid installation to version 7.1.4I have a docker running Nginx-Proxy-manager-Official. Since the recent update from Unraid, I cannot login to [email protected]From the log:**[Certbot ] › ✖ error ERROR: Cannot install certbot-dns-cloudflare==4.1.1 and cloudflare==4.0.* because these package versions have conflicting dependencies.ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts**I do somewhat understand the error is about conflicting versions, but I don't know what to do.Is someone experiencing the same issue?does someone knows a solution for this
July 1, 20251 yr 51 minutes ago, Ritmjunk said:Hi,Today I updated my unraid installation to version 7.1.4I have a docker running Nginx-Proxy-manager-Official. Since the recent update from Unraid, I cannot login to [email protected]From the log:**[Certbot ] › ✖ error ERROR: Cannot install certbot-dns-cloudflare==4.1.1 and cloudflare==4.0.* because these package versions have conflicting dependencies.ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts**I do somewhat understand the error is about conflicting versions, but I don't know what to do.Is someone experiencing the same issue?does someone knows a solution for thisProblem with latest update of NPM.Manual fix if you dont want to wait for fixed update:-Rollback to older version by changing repo to: jc21/nginx-proxy-manager:2.12.3 (previous version)-Or manually editing file with error as they show in the link below: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4606#issuecomment-3024524970 Edited July 1, 20251 yr by ABEIDO
July 1, 20251 yr 24 minutes ago, ABEIDO said:Problem with latest update of NPM.Manual fix if you dont want to wait for fixed update:-Rollback to older version by changing repo to: jc21/nginx-proxy-manager:2.12.3 (previous version)-Or manually editing file with error as they show in the link below: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4606#issuecomment-3024524970Thank you!!!
July 2, 20251 yr Solution:For easy access, copied this solution from Github user: "marcosvfc"GitHubCannot Log into Admin After Upgrade to 2.12.4 · Issue #46...Checklist Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes Are you sure you're not using someone else's docker image? Yes Have you searched for similar iss...Just execute this on the host (replace the "nginx" container name with your own container name):docker exec -it nginx sh -c "sed -i 's/cloudflare==4.0.\*/cloudflare/' /app/global/certbot-dns-plugins.json" && docker restart nginx Edited July 2, 20251 yr by Mohammed Alkhaldi
July 3, 20251 yr 16 hours ago, malghana said:Solution:For easy access, copied this solution from Github user: "marcosvfc"GitHubCannot Log into Admin After Upgrade to 2.12.4 · Issue #46...Checklist Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes Are you sure you're not using someone else's docker image? Yes Have you searched for similar iss...Thank you, this worked perfectly
July 3, 20251 yr Hey all,I’ve been fighting asymmetric routing issues when using NPM with Unraid.My setup is as follows:NPM container is bound to br0 with a fixed IP (e.g., 192.168.1.41)Incoming traffic (from WAN → LAN) correctly hits Nginx via br0But responses are leaving through the host's IP (192.168.1.40), not through the container IPThis causes:MAC address mismatches (seen in OPNsense)OPNsense flags this as state violationsResult: Connections get dropped or firewalledI’ve tried isolating traffic and fiddling with Docker network configs, but Unraid seems to always NAT or route replies from the host IP.Question:Has anyone found a way to force NPM traffic (both ingress and egress) to go entirely through its br0 IP, preserving source MAC and IP?Or is there a known workaround to keep OPNsense from seeing traffic hop between MACs?Any way to make NPM act like a true L2 proxy instead of leaking back via host IP?At this point I’m wondering if I’m just fighting against how Unraid wires Docker NAT under the hood.Any insights or stable setups that avoid asymmetric routing or fake-MAC NAT hell would be appreciated.Thanks in advance.
July 7, 2025Jul 7 Question: What is the proper way to add multiple domains to a single nginx/apache instance?If I try to add it as a new separate entry going to the same container ip address. It always me errors about failing (unauthorized, invalid response)
July 7, 2025Jul 7 6 hours ago, tamalero said:Question: What is the proper way to add multiple domains to a single nginx/apache instance?If I try to add it as a new separate entry going to the same container ip address. It always me errors about failing (unauthorized, invalid response)Just enter them all in the domain field of the same entry.
July 7, 2025Jul 7 On 7/3/2025 at 5:39 PM, DespairServices said:But responses are leaving through the host's IP (192.168.1.40), not through the container IPExactly how are you testing and monitoring this? I'd like to replicate your tests here to see if I can offer a suggestion Edited July 7, 2025Jul 7 by Espressomatic
July 8, 2025Jul 8 On 7/7/2025 at 12:27 AM, Kilrah said:Just enter them all in the domain field of the same entry.False Alarm: (last update lol)It was cloudflare blocking let'sencrypt.Somehow it triggered a block in my security settings.For those having a similar issue. Just add a SECURITY RULE that whitelists all letsencrypt production hostnamesor the ACME directory URL of your website.Then choose to "SKIP" any other rule or challenge. Very useful if you're blocking countries with the proxied version or adding JS/managed challenges to protect your site from bots.Strangely it is not working for the addon domain. Unsure why.my primary domain resolves correctly.domain1 does not.The weird part is that the resolver ips makes absolutely no sense.The docker nginx/php image that hosts my website is in a 192.168.1.62 address.So.. from where are those 104.21.X.X addresses coming from?Here is the log:editThere is something really weird about this specific domain. Despite mirroring all the settings I did for my own domain. Including setting the cloudflare DDNS docker, setting up up the cloudflare domain..Im getting weird stuff..For example, trying to audit or checking the domain from the proxy manager outside the adding domain, shows this:domain1.cc: There is a server found at this domain but it returned an unexpected status code 403. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.removing ALL cloudflare blocks (country blocks).It gives a similar error. About site being there but NPM not being detected.edit2Something went wrong with my server.Now all lets encrypt renewals fail.I think something went wrong with my config. As I cannot use connect to outside domains Edited July 8, 2025Jul 8 by tamalero
July 11, 2025Jul 11 On 7/8/2025 at 7:10 PM, tamalero said:False Alarm: (last update lol)It was cloudflare blocking let'sencrypt.Somehow it triggered a block in my security settings.For those having a similar issue. Just add a SECURITY RULE that whitelists all letsencrypt production hostnamesor the ACME directory URL of your website.Then choose to "SKIP" any other rule or challenge.Very useful if you're blocking countries with the proxied version or adding JS/managed challenges to protect your site from bots.If you use Cloudflare API for DNS challenge you don't need this. But useful if you use Cloudflare proxy and custom blocking rules without using Cloudflare API for DNS challenge. I have blocked everything for my proxied subdomains, except autonomous system numbers belonging to my internet service provider and my mobile network operator.
July 11, 2025Jul 11 On 6/24/2025 at 1:31 PM, leprechaun17 said:Hello,as of yesterday, all of my reverse proxies are no longer functioning. If I try to recreate a new Let's Encrypt, I get a internal server error. Log shows the following:[app ] [6/24/2025] [1:25:58 PM] [Global ] › ⬤ debug CMD: certbot certonly --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name "npm-10" --agree-tos --authenticator webroot --email '[email protected]' --preferred-challenges "dns,http" --domains "12188ombi.duckdns.org" [app ] [6/24/2025] [1:26:10 PM] [Nginx ] › ⬤ debug Deleting file: /data/nginx/temp/letsencrypt_10.conf[app ] [6/24/2025] [1:26:10 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -t [app ] [6/24/2025] [1:26:10 PM] [Nginx ] › ℹ info Reloading Nginx[app ] [6/24/2025] [1:26:10 PM] [Global ] › ⬤ debug CMD: /usr/sbin/nginx -s reload[app ] [6/24/2025] [1:26:10 PM] [Express ] › ⚠ warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log[app ] Some challenges have failed.[app ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.Any help would be greatly appreciated.Issue is associated with the ISP converting my internet to CGNAT... Tailscale to the rescue.
July 14, 2025Jul 14 On 6/12/2025 at 5:55 AM, Kilrah said:Using container names only works if those containers AND the NPM container are in the same custom network, so you probably forgot to put the new NPM container in it.Are there any up-to-date resources on unraid and docker networks? I assume having all the containers sit on the default bridge so they can chat to one another is still not good practice, but custom docker networks in unraid are not immediately obvious for me to untangle given I'm not a networking guru. Custom docker networks seem like they're using an entirely different subnet, but I don't know what the benefit of this would be. Seems like it'd just complicate things.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.