CHBMB Posted August 19, 2015 Share Posted August 19, 2015 Here's what's in my proxyconfig.conf (This bit redirects all http traffic to https, which seems like a good idea to me..) RewriteEngine On RewriteRule ^/?(.*) https://server.com/$1 [R=301,L] I've been trying to force all traffic to HTTPS, however I have three subdomains in my proxy-config and I can't get it to work...here's my working proxy-config: <VirtualHost *:443> ServerAdmin webmaster@localhost DocumentRoot /var/www ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /config/ssl.crt SSLCertificateKeyFile /config/decrypted.ssl.key SSLCertificateChainFile /config/sub.class1.server.ca.pem <Location /> Order deny,allow Deny from all </Location> <Location /sonarr> ProxyPass http://10.0.0.19:8989/sonarr ProxyPassReverse http://10.0.0.19:8989/sonar </Location> <Location /couch> ProxyPass http://10.0.0.19:5050/couch ProxyPassReverse http://10.0.0.19:5050/couch </Location> <Location /sabnzbd> ProxyPass http://10.0.0.19:8080/sabnzbd ProxyPassReverse http://10.0.0.19:8080/sabnzbd </Location> </VirtualHost> <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www ServerName requests.server.com ProxyRequests Off ProxyPreserveHost On Proxypass / http://10.0.0.19:3000/ ProxyPassReverse / http://10.0.0.19:3000/ </VirtualHost> <VirtualHost *:80> ServerName cam.server.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://10.0.0.8:8888/ ProxyPassReverse / http://10.0.0.8:8888/ </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www ServerName plexpy.server.com ProxyRequests Off ProxyPreserveHost On ProxyPass / http://10.0.0.19:7676/ ProxyPassReverse / http://10.0.0.19:7676/ </VirtualHost> When I put in your RewriteRule, for any subdomain I try to reach on Port 80 it simply redirects me to Plex Requests (?). Existing URLs work ok (www.server.com/sonarr) and will redirect to HTTPS. I treated plex requests as a different virtual host and created a new set of ssl stuff for it, so added this to my config that I posted above.. <VirtualHost *:80> ServerName requests.server.com ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://requests.server.com/$1 [R=301,L] </VirtualHost> <VirtualHost *:443> ServerName requests.server.com ServerAdmin webmaster@localhost DocumentRoot /var/www SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite AES128+EECDH:AES128+EDH SSLCertificateFile /config/requests/ssl.crt SSLCertificateKeyFile /config/requests/decryptedssl.key SSLCertificateChainFile /config/requests/sub.class1.server.ca.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On ProxyPass / http://192.168.0.1:3000/ ProxyPassReverse / http://192.168.0.1:3000/ </VirtualHost> Link to comment
johnsanc Posted August 19, 2015 Share Posted August 19, 2015 @CHBMB - I compared your configs to mine and I don't really see much difference aside from SSLProtocol and SSLCipherSuite. I also updated my owncloud configs to match yours but I still get error 500 with a blank page whenever I try to access. Any idea what could be causing that error? Link to comment
CHBMB Posted August 19, 2015 Share Posted August 19, 2015 @CHBMB - I compared your configs to mine and I don't really see much difference aside from SSLProtocol and SSLCipherSuite. I also updated my owncloud configs to match yours but I still get error 500 with a blank page whenever I try to access. Any idea what could be causing that error? No, my config is working, that much I know.. Do the Apache logs help at all? Link to comment
johnsanc Posted August 19, 2015 Share Posted August 19, 2015 Not really... This is all I see: *** Running /etc/my_init.d/firstrun.sh... Using existing config file. *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 7 Setting up watches. Watches established. Aug 18 21:58:55 c0a2e70aac30 syslog-ng[14]: syslog-ng starting up; version='3.5.3' Link to comment
CHBMB Posted August 19, 2015 Share Posted August 19, 2015 Not really... This is all I see: *** Running /etc/my_init.d/firstrun.sh... Using existing config file. *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 7 Setting up watches. Watches established. Aug 18 21:58:55 c0a2e70aac30 syslog-ng[14]: syslog-ng starting up; version='3.5.3' I meant the logs in your appdata folder mine are in /mnt/cache/.appdata/apache/logs/ Link to comment
johnsanc Posted August 19, 2015 Share Posted August 19, 2015 I cannot seem to find the apache logs anywhere... where are they by default? I don't have the directory you listed. Also all my docker containers are on a disk completely outside the array, not on a cache disk. EDIT: Nevermind... I didn't have a logs directory configured. I see this in the error.log. [Wed Aug 19 08:31:12.976810 2015] [ssl:warn] [pid 18] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:31:12.991777 2015] [ssl:warn] [pid 18] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:31:12.993053 2015] [mpm_prefork:notice] [pid 18] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.9 OpenSSL/1.0.1f configured -- resuming normal operations [Wed Aug 19 08:31:12.993068 2015] [core:notice] [pid 18] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Wed Aug 19 08:31:25.941057 2015] [autoindex:error] [pid 24] [client xx.xxx.xxx.xxx:38918] AH01276: Cannot serve directory /var/www/: No matching DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive [Wed Aug 19 08:36:58.504746 2015] [mpm_prefork:notice] [pid 18] AH00169: caught SIGTERM, shutting down [Wed Aug 19 08:36:58.545331 2015] [ssl:warn] [pid 52] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:36:58.558729 2015] [ssl:warn] [pid 52] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:36:58.560420 2015] [mpm_prefork:notice] [pid 52] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.9 OpenSSL/1.0.1f configured -- resuming normal operations [Wed Aug 19 08:36:58.560445 2015] [core:notice] [pid 52] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' Link to comment
CHBMB Posted August 19, 2015 Share Posted August 19, 2015 I cannot seem to find the apache logs anywhere... where are they by default? I don't have the directory you listed. Also all my docker containers are on a disk completely outside the array, not on a cache disk. EDIT: Nevermind... I didn't have a logs directory configured. I see this in the error.log. [Wed Aug 19 08:31:12.976810 2015] [ssl:warn] [pid 18] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:31:12.991777 2015] [ssl:warn] [pid 18] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:31:12.993053 2015] [mpm_prefork:notice] [pid 18] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.9 OpenSSL/1.0.1f configured -- resuming normal operations [Wed Aug 19 08:31:12.993068 2015] [core:notice] [pid 18] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Wed Aug 19 08:31:25.941057 2015] [autoindex:error] [pid 24] [client xx.xxx.xxx.xxx:38918] AH01276: Cannot serve directory /var/www/: No matching DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive [Wed Aug 19 08:36:58.504746 2015] [mpm_prefork:notice] [pid 18] AH00169: caught SIGTERM, shutting down [Wed Aug 19 08:36:58.545331 2015] [ssl:warn] [pid 52] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:36:58.558729 2015] [ssl:warn] [pid 52] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Wed Aug 19 08:36:58.560420 2015] [mpm_prefork:notice] [pid 52] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.9 OpenSSL/1.0.1f configured -- resuming normal operations [Wed Aug 19 08:36:58.560445 2015] [core:notice] [pid 52] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' Sorry I'm out of ideas, but it might be worth revisting your SSL config See here Link to comment
johnsanc Posted August 23, 2015 Share Posted August 23, 2015 Woohoo! I got it working. Is there a way to use the reverse proxy access a docker without using a directory? For example, is there a way I can configure it so that I access ownCloud at www.example.com, and Sonarr at www.example.com/sonarr? Link to comment
eroz Posted August 23, 2015 Share Posted August 23, 2015 Woohoo! I got it working. Is there a way to use the reverse proxy access a docker without using a directory? For example, is there a way I can configure it so that I access ownCloud at www.example.com, and Sonarr at www.example.com/sonarr? Yes. take a look at smdion's guides. http://www.seandion.info/unraid/ Link to comment
CHBMB Posted August 23, 2015 Share Posted August 23, 2015 Woohoo! I got it working. Is there a way to use the reverse proxy access a docker without using a directory? For example, is there a way I can configure it so that I access ownCloud at www.example.com, and Sonarr at www.example.com/sonarr? I posted my proxy-config.conf as an example here. Might be useful.. Link to comment
johnsanc Posted August 23, 2015 Share Posted August 23, 2015 @CHBMB - Your proxy config was very helpful, but unless I am overlooking something I couldn't find any examples where a docker app is using a location of "/". All the examples I see you must use "/something". I tried using "/" and updating my owncloud config accordingly, but it just results in a bunch of 502 errors. Link to comment
CHBMB Posted August 23, 2015 Share Posted August 23, 2015 @CHBMB - Your proxy config was very helpful, but unless I am overlooking something I couldn't find any examples where a docker app is using a location of "/". All the examples I see you must use "/something". I tried using "/" and updating my owncloud config accordingly, but it just results in a bunch of 502 errors. Owncloud is a bit of a bitch to set up to be honest.. I access my Owncloud from server.com/Owncloud Link to comment
CHBMB Posted August 23, 2015 Share Posted August 23, 2015 @CHBMB - Your proxy config was very helpful, but unless I am overlooking something I couldn't find any examples where a docker app is using a location of "/". All the examples I see you must use "/something". I tried using "/" and updating my owncloud config accordingly, but it just results in a bunch of 502 errors. Just had a quick "play" I can get Owncloud to use server.com but it's not loading the CSS/ Style sheets and I can't login. To be honest, if I were going to tackle this I'd go for owncloud.server.com and setup a new virtual host in proxy-config.conf Link to comment
CHBMB Posted August 23, 2015 Share Posted August 23, 2015 @CHBMB - Your proxy config was very helpful, but unless I am overlooking something I couldn't find any examples where a docker app is using a location of "/". All the examples I see you must use "/something". I tried using "/" and updating my owncloud config accordingly, but it just results in a bunch of 502 errors. The other thing you could consider doing is setting up Owncloud manually. Download it and unpack it to /web directory. You'd need a mariadb to act as the backend but it's how I run Wordpress. Link to comment
johnsanc Posted August 23, 2015 Share Posted August 23, 2015 Just had a quick "play" I can get Owncloud to use server.com but it's not loading the CSS/ Style sheets and I can't login. To be honest, if I were going to tackle this I'd go for owncloud.server.com and setup a new virtual host in proxy-config.conf Yeah I might do that, or try to just setup some redirect rules so www.example.com doesn't just throw a 403. The reason why I didn't set it up as a new subdomain is because I already had to do that with PlexRequests. I didn't want to mess with multiple free Class 1 SSL certs from StartSSL if possible. Link to comment
CHBMB Posted August 23, 2015 Share Posted August 23, 2015 Just had a quick "play" I can get Owncloud to use server.com but it's not loading the CSS/ Style sheets and I can't login. To be honest, if I were going to tackle this I'd go for owncloud.server.com and setup a new virtual host in proxy-config.conf Yeah I might do that, or try to just setup some redirect rules so www.example.com doesn't just throw a 403. The reason why I didn't set it up as a new subdomain is because I already had to do that with PlexRequests. I didn't want to mess with multiple free Class 1 SSL certs from StartSSL if possible. Yeah, it's a bit of a pain.... but the more you do it the quicker you get at it I found.. Link to comment
mikedpitt420 Posted September 1, 2015 Share Posted September 1, 2015 Would it be possible to use this fork of HTPC Manager with Sonarr Support https://github.com/Hellowlol/HTPC-Manager with your docker? EDIT: Didn't see it already had it. Thanks Does the Plex connection in HTPC manager work? It doesn't seem to with the latest Plex. Is there a place for an auth token somewhere I'm missing? Link to comment
CHBMB Posted September 1, 2015 Share Posted September 1, 2015 Would it be possible to use this fork of HTPC Manager with Sonarr Support https://github.com/Hellowlol/HTPC-Manager with your docker? EDIT: Didn't see it already had it. Thanks Does the Plex connection in HTPC manager work? It doesn't seem to with the latest Plex. Is there a place for an auth token somewhere I'm missing? Mike it's working for me, using Linuxserver.io versions of Sonarr & Plex. No need for auth token that I can see, just put your Unraid machine IP and Port number in and log in and it works. Been a while since I set it up so don't think I've missed anything. Link to comment
mikedpitt420 Posted September 1, 2015 Share Posted September 1, 2015 Mine definitely does not I've got everything filled out correctly, and it connects to everything else just fine. I'm using Needo's Plex Docker, which I updated (by restarting) to the newest version of Plex today. Link to comment
CHBMB Posted September 2, 2015 Share Posted September 2, 2015 Mine definitely does not I've got everything filled out correctly, and it connects to everything else just fine. I'm using Needo's Plex Docker, which I updated (by restarting) to the newest version of Plex today. Maybe the autodiscovery in plex settings, mine is on? Link to comment
mikedpitt420 Posted September 2, 2015 Share Posted September 2, 2015 That's definitely on as well. Link to comment
CHBMB Posted September 2, 2015 Share Posted September 2, 2015 I'm stumped then mate, sorry. Link to comment
mikedpitt420 Posted September 2, 2015 Share Posted September 2, 2015 There are quite a few people that are having problems with their SSL certs. Plex claiming that you should not have to accept a cert, which I definitely have several times after restarting Plex. It also isn't viewable as a secure connection on Plex.TV although any of my friends can see my shared library securely. For the moment I'm going to chalk this up to Plex's new, and not executed correctly, certs and security. Link to comment
CHBMB Posted September 2, 2015 Share Posted September 2, 2015 There are quite a few people that are having problems with their SSL certs. Plex claiming that you should not have to accept a cert, which I definitely have several times after restarting Plex. It also isn't viewable as a secure connection on Plex.TV although any of my friends can see my shared library securely. For the moment I'm going to chalk this up to Plex's new, and not executed correctly, certs and security. You may have a point, not sure I have SSL turned on.. Link to comment
mikedpitt420 Posted September 2, 2015 Share Posted September 2, 2015 There USED to be an auth token setting in CP's Plex notifications, which is now gone. I can get Sonarr and Couchpotato to update plex with only the username and PW, but HTPC manager will not. Odd. Link to comment
Recommended Posts