benwaynet Posted August 11, 2016 Share Posted August 11, 2016 Thank you, that was it. The SSL cert is created, now onto the config for the reverse proxy. Quote Link to comment
roland Posted August 11, 2016 Share Posted August 11, 2016 Thank you, that was it. The SSL cert is created, now onto the config for the reverse proxy. Great! Glad it worked. There are a few reverse proxy examples around in this and other threads. I just posted mine recently here: https://lime-technology.com/forum/index.php?topic=49534.msg488617#msg488617 Quote Link to comment
aptalca Posted August 11, 2016 Share Posted August 11, 2016 I am using this with duckdns.org and it works. From memory you need to put your subdomain into the domain field and leave subdomain blank. (exactly because you don't own duckdns.org) xxxxx.duckdns.org I am at work at the moment but I can check my config when I get home tonight. That's right. The url should be the top domain that you want to get certs for (and you can verify ownership of) For duckdns, that would be yoursubdomain.duckdns.org and you can add other (sub)-subdomains like www.yoursubdomain.duckdns.org and ftp.yoursubdomain.duckdns.org to that cert Quote Link to comment
peter_sm Posted August 12, 2016 Share Posted August 12, 2016 I have got reverse proxy to work, but rutorrent page looks strange? it' the same on other as well, but sabnzbd is OK. my settings for rutorrent location /rutorrent { auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; proxy_set_header Authorization "Basic zyz1230"; rewrite ^/rutorrent(/.*)$ $1 break; include /config/nginx/proxy.conf; proxy_pass http://192.168.0.190:9080/; } Quote Link to comment
spants Posted August 24, 2016 Share Posted August 24, 2016 I'd like to expose an endpoint of my node red container to the internet whilst protecting the rest of the endpoints: 1) I have a dynamic dns setup: xxxxx.duckdns.org and have successfully generated a cert and tested it 2) in my default file, I have added: location /echo { proxy_pass http://192.168.1.22:1880/ui; } } and restarted... 3) If I go to https://xxxx.duckdns.org/echo the url changes in the browser to https://xxxx.duckdns.org/ui but that page is not shown - ie just the default landing page is shown any ideas? Quote Link to comment
aptalca Posted August 24, 2016 Share Posted August 24, 2016 I'd like to expose an endpoint of my node red container to the internet whilst protecting the rest of the endpoints: 1) I have a dynamic dns setup: xxxxx.duckdns.org and have successfully generated a cert and tested it 2) in my default file, I have added: location /echo { proxy_pass http://192.168.1.22:1880/ui; } } and restarted... 3) If I go to https://xxxx.duckdns.org/echo the url changes in the browser to https://xxxx.duckdns.org/ui but that page is not shown - ie just the default landing page is shown any ideas? Try changing it to the following and see if it works: location /ui { proxy_pass http://192.168.1.22:1880/ui; } } Some app UIs are weird where they try to force forward to their specific url prefix. I had an issue when I tried to forward sab prefix to sabnzbd where some of the pages would not work due to the app force forwarding to sabnzbd. Once I switched it so it forwards sabnzbd to sabnzbd all issues went away Based on the info here http://nodered.org/docs/configuration it seems there is a setting called httpRoot that will let you change the root url so you might be able to change it to echo instead of ui Quote Link to comment
spants Posted August 24, 2016 Share Posted August 24, 2016 Great - changing as suggested worked for me - thanks! Quote Link to comment
jtroberts Posted August 24, 2016 Share Posted August 24, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Quote Link to comment
kamhighway Posted August 24, 2016 Share Posted August 24, 2016 Trying to set up reverse proxy as Aptalca showed on page 5 of this thread. The following code works for location /, but returns a 404 error for location /next (for LSIO's NextCloud). If I paste https://192.168.8.183:843 into a browser, I get the NextCloud login screen. But when I go to www.kamhighway.com/next I get 404. What am I missing? server { listen 80 default_server; listen 443 ssl; root /config/www; index index.html index.htm index.php; server_name .kamhighway.com ; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location /next { include /config/nginx/proxy.conf; proxy_pass https://192.168.8.183:843; } } Quote Link to comment
aptalca Posted August 24, 2016 Share Posted August 24, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Hmm. Agree-to's and email should be provided. I'll look into it Quote Link to comment
noja Posted August 24, 2016 Share Posted August 24, 2016 Trying to set up reverse proxy as Aptalca showed on page 5 of this thread. The following code works for location /, but returns a 404 error for location /next (for LSIO's NextCloud). If I paste https://192.168.8.183:843 into a browser, I get the NextCloud login screen. But when I go to www.kamhighway.com/next I get 404. What am I missing? server { listen 80 default_server; listen 443 ssl; root /config/www; index index.html index.htm index.php; server_name .kamhighway.com ; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location /next { include /config/nginx/proxy.conf; proxy_pass https://192.168.8.183:843; } } Yup - I'm working on the exact same issue right now. Quote Link to comment
kamhighway Posted August 24, 2016 Share Posted August 24, 2016 @nojas, This page seems to have some relevant info: https://docs.nextcloud.com/server/9/admin_manual/configuration_server/reverse_proxy_configuration.html Quote Link to comment
jtroberts Posted August 24, 2016 Share Posted August 24, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' + Attachments and other options shortcuts: hit alt+s to submit/post or alt+p to preview Hmm. Agree-to's and email should be provided. I'll look into it Thanks Aptalca, let me know when I can test of how I can help Quote Link to comment
aptalca Posted August 24, 2016 Share Posted August 24, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Just tested it with a brand new url, brand new e-mail address, new config folder etc. and it worked just fine. Only thing I can think of is, does your e-mail address contain any weird characters? Quote Link to comment
itsdandandan Posted August 25, 2016 Share Posted August 25, 2016 Trying to set this up and it all makes sense but I don't know what the default username/password is when trying to access my site. Do I need to add a .htpasswd file into one of the directories? I can see from reverse proxy config on page 5 aptalca has this stored here /config/nginx/.htpasswd; ?? My /config directory maps to /mnt/cache/appdata/nginx and I have tried creating the .htpasswd file in here but it didn't help. Also can I add more sub domains to the environment variables after the initial creation? In case I need to add more sites Thanks for the help! Quote Link to comment
jrdnlc Posted August 25, 2016 Share Posted August 25, 2016 Can someone be kind enough and make a Apache w/ let's encrypt support docker? I'm an Apache guy myself not a fan of Nginx Quote Link to comment
aptalca Posted August 25, 2016 Share Posted August 25, 2016 Trying to set this up and it all makes sense but I don't know what the default username/password is when trying to access my site. Do I need to add a .htpasswd file into one of the directories? I can see from reverse proxy config on page 5 aptalca has this stored here /config/nginx/.htpasswd; ?? My /config directory maps to /mnt/cache/appdata/nginx and I have tried creating the .htpasswd file in here but it didn't help. Also can I add more sub domains to the environment variables after the initial creation? In case I need to add more sites Thanks for the help! There is no default password. If you want to use one, you have to create the .htpasswd file yourself and add the reference to the site config. Plenty of guides online telling you how to do it. Edit the container settings and add as many subdomains as you like. Comma separated, no spaces. Keep in mind that every time you change the subdomains, the container will revoke the old cert and get a new one. If you do it too many times, letsencrypt will block/throttle your requests for some time. Quote Link to comment
jtroberts Posted August 25, 2016 Share Posted August 25, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Hmm. Agree-to's and email should be provided. I'll look into it @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Hmm. Agree-to's and email should be provided. I'll look into it I know the issue, just not sure how to correct. my domain is registered with godaddy which does not support DDNS. I have created CNAME records on godaddy DNS and pointed my sub domains to my duckdns.org domain. (xyz.duckdns.org). so... owncloud.mygodaddydomain.com is aliased to xyz.duckdns.org which resolves to my WAN IP. This works perfectly for any sub domain of mygodaddydomain.com. however the root "@" record for "mygodaddydomain.com" is assigned to godaddy IP. because of this I cannot authenticate mygodaddydomain.com but I could authenticate owncloud.mygodaddydomain.com. any Ideas how to get around it? does anyone know how to use ddns with godaddy? here's one solution, I just don't want to mess with my google apps subdomain that are registered configured with my domain. https://saschpe.wordpress.com/2013/11/12/godaddy-dyndns-for-the-poor/ Quote Link to comment
aptalca Posted August 25, 2016 Share Posted August 25, 2016 @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Hmm. Agree-to's and email should be provided. I'll look into it @ Aptalca, Having and issue starting this docker. I've read through this entire thread and haven't been able to find any similar issues. I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443. I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC. Here's the error and screen shot. Any help is appreciated. Thanks "This line is making me think, but I don't see how to register on the LE website. "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags" DH parameters successfully created - 2048 bits Generating new certificate You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 136 Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3' Hmm. Agree-to's and email should be provided. I'll look into it I know the issue, just not sure how to correct. my domain is registered with godaddy which does not support DDNS. I have created CNAME records on godaddy DNS and pointed my sub domains to my duckdns.org domain. (xyz.duckdns.org). so... owncloud.mygodaddydomain.com is aliased to xyz.duckdns.org which resolves to my WAN IP. This works perfectly for any sub domain of mygodaddydomain.com. however the root "@" record for "mygodaddydomain.com" is assigned to godaddy IP. because of this I cannot authenticate mygodaddydomain.com but I could authenticate owncloud.mygodaddydomain.com. any Ideas how to get around it? does anyone know how to use ddns with godaddy? here's one solution, I just don't want to mess with my google apps subdomain that are registered configured with my domain. https://saschpe.wordpress.com/2013/11/12/godaddy-dyndns-for-the-poor/ Use the option for subdomains only. It is detailed on the docker hub page Quote Link to comment
jtroberts Posted August 25, 2016 Share Posted August 25, 2016 perfect. Ty I did read it but forgot what I read Quote Link to comment
jtroberts Posted August 25, 2016 Share Posted August 25, 2016 First off thanks for the docker and help so far Aptalca. I know when I get this working it'll be golden! So I've made a lot of progress. My cert issue is resolved and I've moved on to the proxy. I got the proxy to work with the code below. I the edited it creating a new server section for each subdomain. at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc... There was a post in this thread that I followed. anyhow after modifying the ciphers nginx won't start. simply says "FAIL". so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start. so two questions.... 1. where is more detailed logging? I can't find anything in the appdata dir or inside the container. 2. any idea what I need to repair / replace / edit to get it working again. I don't want to remove and start over for fear let'sEncrpty will blacklist me. thanks server { listen 443 ssl; server_name movies.mydomain.com; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { proxy_pass http://192.168.XXX.XXX:5050; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 150; proxy_send_timeout 100; proxy_read_timeout 100; proxy_buffers 4 32k; client_max_body_size 8m; client_body_buffer_size 128k; } } Quote Link to comment
jtroberts Posted August 25, 2016 Share Posted August 25, 2016 ok, found this in /var/log... 2016/08/25 17:32:43 [emerg] 120#120: unexpected "E" in /config/nginx/site-confs/default.all_domains_not_working:38 I'll google it. anyone have an idea? Thanks Quote Link to comment
Solid Rhino Posted August 25, 2016 Share Posted August 25, 2016 Can someone please help me setup plexauth with this docker? https://github.com/hjone72/PlexAuth Quote Link to comment
jtroberts Posted August 26, 2016 Share Posted August 26, 2016 First off thanks for the docker and help so far Aptalca. I know when I get this working it'll be golden! So I've made a lot of progress. My cert issue is resolved and I've moved on to the proxy. I got the proxy to work with the code below. I the edited it creating a new server section for each subdomain. at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc... There was a post in this thread that I followed. anyhow after modifying the ciphers nginx won't start. simply says "FAIL". so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start. so two questions.... 1. where is more detailed logging? I can't find anything in the appdata dir or inside the container. 2. any idea what I need to repair / replace / edit to get it working again. I don't want to remove and start over for fear let'sEncrpty will blacklist me. thanks server { listen 443 ssl; server_name movies.mydomain.com; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { proxy_pass http://192.168.XXX.XXX:5050; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 150; proxy_send_timeout 100; proxy_read_timeout 100; proxy_buffers 4 32k; client_max_body_size 8m; client_body_buffer_size 128k; } } Ok so I found the issue. hopefully this will help others. I was saving copies of ./ngnix/sites-confs/default file in the same directory. you can't do this. any file in that directory will be read by ngnix.conf because of this line... " include /config/nginx/site-confs/*;" so I removed all files except for "default" to a different directory in ./ngnix/config_backups. restarted, and all worked. OM!%^&$#$G!!! sometimes computers really piss me off I though I was doing a good thing by making a copy before editing. Quote Link to comment
itsdandandan Posted August 26, 2016 Share Posted August 26, 2016 First off thanks for the docker and help so far Aptalca. I know when I get this working it'll be golden! So I've made a lot of progress. My cert issue is resolved and I've moved on to the proxy. I got the proxy to work with the code below. I the edited it creating a new server section for each subdomain. at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc... There was a post in this thread that I followed. anyhow after modifying the ciphers nginx won't start. simply says "FAIL". so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start. so two questions.... 1. where is more detailed logging? I can't find anything in the appdata dir or inside the container. 2. any idea what I need to repair / replace / edit to get it working again. I don't want to remove and start over for fear let'sEncrpty will blacklist me. thanks server { listen 443 ssl; server_name movies.mydomain.com; ssl_certificate /config/keys/fullchain.pem; ssl_certificate_key /config/keys/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { proxy_pass http://192.168.XXX.XXX:5050; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 150; proxy_send_timeout 100; proxy_read_timeout 100; proxy_buffers 4 32k; client_max_body_size 8m; client_body_buffer_size 128k; } } Ok so I found the issue. hopefully this will help others. I was saving copies of ./ngnix/sites-confs/default file in the same directory. you can't do this. any file in that directory will be read by ngnix.conf because of this line... " include /config/nginx/site-confs/*;" so I removed all files except for "default" to a different directory in ./ngnix/config_backups. restarted, and all worked. OM!%^&$#$G!!! sometimes computers really piss me off I though I was doing a good thing by making a copy before editing. Ahhh! Thanks!!!, have been troubleshooting the exact same problem and this resolved it. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.