vurt Posted November 4, 2016 Share Posted November 4, 2016 I get a 404 not found error from nginx. Quote Link to comment
JonathanM Posted November 4, 2016 Share Posted November 4, 2016 I'm also trying to reverse proxy linuxserver.io's ruTorrent docker but it's not working. Maybe something to do with not being able to set a URL base? This is the config I'm trying: location /ru { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.252:88/ru; } I get a 404 not found error from nginx. But you are saying http://192.168.1.252:88/ru works fine inside your network? Quote Link to comment
izarkhin Posted November 4, 2016 Share Posted November 4, 2016 Testing it at work. Looks like company firewall blocks access to dynamic DNS! (I can access my domain on my phone). Is there anything else I can do, or should I try a VPN? I learned that it depends on the domain. For example, at my work place they block [yourname].hopto.org, but not [yourname].mynetgear.com. So I suggest you try different free domains before resorting to VPN. BTW, from my work place I can't get on openVPN either unless I switch to an unsecure guest wireless connection. Good luck! Quote Link to comment
izarkhin Posted November 4, 2016 Share Posted November 4, 2016 Did anyone here have success setting up Krusader with reverse proxy? Thanks to this thread I got CP, Deluge, SickBeard and sabnzbd working. But can't figure out Krusader. Any tips? Thanks! Quote Link to comment
vurt Posted November 4, 2016 Share Posted November 4, 2016 But you are saying http://192.168.1.252:88/ru works fine inside your network? Errr no, I access it with http://192.168.1.252:88. Ok I realize I should be using that instead of the http://192.168.1.252:88/ru . I thought I tried it but I must be confused. I can now access it via http://mydomain.org/ru but it's like an incomplete page: Quote Link to comment
aptalca Posted November 4, 2016 Share Posted November 4, 2016 Testing it at work. Looks like company firewall blocks access to dynamic DNS! (I can access my domain on my phone). Is there anything else I can do, or should I try a VPN? You can get your own domain. There is a free option but I cannot remember the name Quote Link to comment
aptalca Posted November 4, 2016 Share Posted November 4, 2016 But you are saying http://192.168.1.252:88/ru works fine inside your network? Errr no, I access it with http://192.168.1.252:88. Ok I realize I should be using that instead of the http://192.168.1.252:88/ru . I thought I tried it but I must be confused. I can now access it via http://mydomain.org/ru but it's like an incomplete page: You can either use the subdomain method in a new server block, or if you're using the linuxserver version, you can make it use a base url. In the rutorrent config folder, edit the file nginx/nginx.conf and change the line "root /var/www/localhost/rutorrent;" to "root /var/www/localhost;" and restart. Now you'll have to access it at the baseurl "rutorrent" and can set it up for reverse proxy with that Quote Link to comment
JonathanM Posted November 5, 2016 Share Posted November 5, 2016 I'm also trying to reverse proxy linuxserver.io's ruTorrent docker but it's not working. Maybe something to do with not being able to set a URL base? This is the config I'm trying: location /ru { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.252:88/ru; } This is a blind copy paste, I don't know what I'm doing here, but try this. location /ru { include /config/nginx/proxy.conf; rewrite ^/ru$ /ru/ redirect; proxy_pass http://192.168.1.252:88/ru; } Quote Link to comment
vurt Posted November 5, 2016 Share Posted November 5, 2016 You can get your own domain. There is a free option but I cannot remember the name I do have a domain I can use, I'll have to figure that out. I'm using a DuckDNS docker right now, will have to look into the CloudFlare docker and figure out how to use it for DDNS. You can either use the subdomain method in a new server block, or if you're using the linuxserver version, you can make it use a base url. In the rutorrent config folder, edit the file nginx/nginx.conf and change the line "root /var/www/localhost/rutorrent;" to "root /var/www/localhost;" and restart. Now you'll have to access it at the baseurl "rutorrent" and can set it up for reverse proxy with that That worked perfectly even though I don't know what I'm doing at all! This is a blind copy paste, I don't know what I'm doing here, but try this. location /ru { include /config/nginx/proxy.conf; rewrite ^/ru$ /ru/ redirect; proxy_pass http://192.168.1.252:88/ru; } Thanks for jumping in but the above code solved it! Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 Hey guys, It just doesnt want to work for me. I forwarded port 443 to the Unraid machine in my router, I believe I entered everything correctly. I'm probably just being stupid, but I would really appreciate your help guys: *** Running /etc/my_init.d/00_regen_ssh_host_keys.sh... *** Running /etc/my_init.d/firstrun.sh... Setting the correct time Current default time zone: 'Europe/Berlin' Local time is now: Mon Nov 7 19:18:27 CET 2016. Universal Time is now: Mon Nov 7 18:18:27 UTC 2016. Copying the default nginx.conf Copying the default nginx-fpm.conf Copying the default site config Copying the default landing page Copying the default jail.local Copying default fail2ban filters SUBDOMAINS entered, processing Sub-domains processed are: -d www.XXXXXXXX.duckdns.org Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ...+....................+...+...+...+...+...+........................................................................................+.........................................+.....................+........................+...+..............................................................................................+.................+...................................................................................................+...................................................................................+.......................................+...+...+.........................................................................+...........................+....................................................+......................................+...+.....+...+...+...+...+.............+...+.....................................................................+...+...............................................+...+..............+.....................................................................+..........................+.....................................................................+.................................................+.......................................................................+..................+...............................................................................................+...+.............................................+...................................................................+.......................................+...........................................................................................+..............................................................+...+.................................................................................................+..........+...................................................................+.......................................................+..............................................+.........................+....................................................+.....................................................................................+.....................................................................+...+.................................................................................................+........+...+...+...........................+.......+..........+...............................................+...+..........................................................................................+..............+...+............................................................................+.........................................+.......................+..............................+...+............................+...+..................................................................+...+.................................+...+...............................+......................................+................................................................................................+...........................+....+...................................+............................................................+......................................+..............................................+................................................................+....................................................+...........+...............+....................................+.....................................+.................+.......................+...+............................+...++*++* DH parameters successfully created - 2048 bits Generating new certificate Upgrading certbot-auto 0.8.1 to 0.9.3... Replacing certbot-auto... Creating virtual environment... Installing Python packages... Installation succeeded. WARNING: The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead. Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Cleaning up challenges Failed authorization procedure. XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge, www.XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - The following errors were reported by the server: Domain: XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge Domain: www.XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 326 Nov 7 19:20:11 934a18475510 syslog-ng[335]: syslog-ng starting up; version='3.5.3' Quote Link to comment
Shamalamadindong Posted November 7, 2016 Share Posted November 7, 2016 Forward port 80 also. Its a good idea to do this regardless and then use the code below to redirect any http requests to https. server { listen 80; server_name mydomain.tld www.mydomain.tld; return 301 https://$host$request_uri; } Quote Link to comment
aptalca Posted November 7, 2016 Share Posted November 7, 2016 Hey guys, It just doesnt want to work for me. I forwarded port 443 to the Unraid machine in my router, I believe I entered everything correctly. I'm probably just being stupid, but I would really appreciate your help guys: *** Running /etc/my_init.d/00_regen_ssh_host_keys.sh... *** Running /etc/my_init.d/firstrun.sh... Setting the correct time Current default time zone: 'Europe/Berlin' Local time is now: Mon Nov 7 19:18:27 CET 2016. Universal Time is now: Mon Nov 7 18:18:27 UTC 2016. Copying the default nginx.conf Copying the default nginx-fpm.conf Copying the default site config Copying the default landing page Copying the default jail.local Copying default fail2ban filters SUBDOMAINS entered, processing Sub-domains processed are: -d www.XXXXXXXX.duckdns.org Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ...+....................+...+...+...+...+...+........................................................................................+.........................................+.....................+........................+...+..............................................................................................+.................+...................................................................................................+...................................................................................+.......................................+...+...+.........................................................................+...........................+....................................................+......................................+...+.....+...+...+...+...+.............+...+.....................................................................+...+...............................................+...+..............+.....................................................................+..........................+.....................................................................+.................................................+.......................................................................+..................+...............................................................................................+...+.............................................+...................................................................+.......................................+...........................................................................................+..............................................................+...+.................................................................................................+..........+...................................................................+.......................................................+..............................................+.........................+....................................................+.....................................................................................+.....................................................................+...+.................................................................................................+........+...+...+...........................+.......+..........+...............................................+...+..........................................................................................+..............+...+............................................................................+.........................................+.......................+..............................+...+............................+...+..................................................................+...+.................................+...+...............................+......................................+................................................................................................+...........................+....+...................................+............................................................+......................................+..............................................+................................................................+....................................................+...........+...............+....................................+.....................................+.................+.......................+...+............................+...++*++* DH parameters successfully created - 2048 bits Generating new certificate Upgrading certbot-auto 0.8.1 to 0.9.3... Replacing certbot-auto... Creating virtual environment... Installing Python packages... Installation succeeded. WARNING: The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead. Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Cleaning up challenges Failed authorization procedure. XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge, www.XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - The following errors were reported by the server: Domain: XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge Domain: www.XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 326 Nov 7 19:20:11 934a18475510 syslog-ng[335]: syslog-ng starting up; version='3.5.3' What is your docker run command? (or you can post a screenshot of your container settings) Quote Link to comment
trurl Posted November 7, 2016 Share Posted November 7, 2016 The docker run command as seen in this, from the Docker FAQ sticky: I need some help! What info does the community need to help me? Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="Nginx-letsencrypt" --net="bridge" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="XXXXXXX.duckdns.org" -e "SUBDOMAINS"="www" -p 2132:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/Nginx-letsencrypt":"/config":rw aptalca/nginx-letsencrypt adb8d02c04a3c41e18866e7be435ed10dd33ed416c18ea7eab31f4a2f269ea41 Quote Link to comment
CHBMB Posted November 7, 2016 Share Posted November 7, 2016 root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="Nginx-letsencrypt" --net="bridge" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="XXXXXXX.duckdns.org" -e "SUBDOMAINS"="www" -p 2132:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/Nginx-letsencrypt":"/config":rw aptalca/nginx-letsencrypt adb8d02c04a3c41e18866e7be435ed10dd33ed416c18ea7eab31f4a2f269ea41 So you need to forward WAN port 80 to 2132 on Unraid. Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 Just did that before running it, same result :'( Quote Link to comment
JonathanM Posted November 7, 2016 Share Posted November 7, 2016 Just did that before running it, same result :'( Does the IP address returned from http://whatismyipaddress.com/ match the IP address that returns when you ping XXXXXXX.duckdns.org? Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 Yes, the ddns is working perfectly. For example, I have the jdownloader docker running and forwarded its port. I can connect to its interface via XXXX.duckdns.org:JdownloaderPort just fine. Quote Link to comment
CHBMB Posted November 7, 2016 Share Posted November 7, 2016 OK, just to rule out silly problems, why don't you post a snippet of a screenshot with your port forwards. No offence meant, just I'm the guy who spent 2 hours last night wrestling with TVheadend and minisatip before I realised I should have put it into host mode... Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 No offence taken at all. Sometimes you just get confused and someone else just needs to look at it for a second. I have no doubt I'm just making a rookie mistake. Router interface is german, but it should be self explanatory. I really do appreciate your help. Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 shouldn't I at least be able to see the default landing page from unraidmachine:2132 from within the local network ? Because I cant. Its like its not running. Or would that only be running after the connection was successful? Quote Link to comment
CHBMB Posted November 7, 2016 Share Posted November 7, 2016 If the webserver was up and running you should see an Nginx landing page. Could try the ls.io non-LE version of Nginx to check that out I suppose. Then it would only leave LE as the problem. Quote Link to comment
blacky89 Posted November 7, 2016 Share Posted November 7, 2016 yup. installed the nginx docker. I can reach the landing page from that one from within the network as well as from the ddns. Quote Link to comment
Shamalamadindong Posted November 7, 2016 Share Posted November 7, 2016 Yea no you can see Nginx fail to start in the log he posted. * Starting nginx nginx ...fail! Just to be certain use this to see if your ports really are open. http://www.canyouseeme.org/ Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.