Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Request/Done] Let's Encrypt Container

Featured Replies

Thank you, that was it.

 

The SSL cert is created, now onto the config for the reverse proxy.

 

 

  • Replies 576
  • Views 112.7k
  • Created
  • Last Reply

I am using this with duckdns.org and it works.

From memory you need to put your subdomain into the domain field and leave subdomain blank.

(exactly because you don't own duckdns.org)

 

xxxxx.duckdns.org

 

I am at work at the moment but I can check my config when I get home tonight.

That's right. The url should be the top domain that you want to get certs for (and you can verify ownership of) For duckdns, that would be yoursubdomain.duckdns.org and you can add other (sub)-subdomains like www.yoursubdomain.duckdns.org and ftp.yoursubdomain.duckdns.org to that cert

 

I have got reverse proxy to work, but rutorrent page looks strange? it' the same on other as well, but sabnzbd is OK.

 

my settings for rutorrent

 

 location /rutorrent {
                auth_basic "Restricted";
                auth_basic_user_file /config/nginx/.htpasswd;
                proxy_set_header Authorization "Basic zyz1230";
                rewrite ^/rutorrent(/.*)$ $1 break;
                include /config/nginx/proxy.conf;
                proxy_pass http://192.168.0.190:9080/;
                }

screen1.PNG.9dc23d19256ffc64bc6bbf6262317bc1.PNG

  • 2 weeks later...

I'd like to expose an endpoint of my node red container to the internet whilst protecting the rest of the endpoints:

 

1) I have a dynamic dns setup: xxxxx.duckdns.org and have successfully generated a cert and tested it

 

2) in my default file, I have added:

	location /echo {
        proxy_pass http://192.168.1.22:1880/ui;
}
}

and restarted...

3) If I go to https://xxxx.duckdns.org/echo the url changes in the browser to https://xxxx.duckdns.org/ui but that page is not shown - ie just the default landing page is shown

 

 

any ideas?

I'd like to expose an endpoint of my node red container to the internet whilst protecting the rest of the endpoints:

 

1) I have a dynamic dns setup: xxxxx.duckdns.org and have successfully generated a cert and tested it

 

2) in my default file, I have added:

	location /echo {
        proxy_pass http://192.168.1.22:1880/ui;
}
}

and restarted...

3) If I go to https://xxxx.duckdns.org/echo the url changes in the browser to https://xxxx.duckdns.org/ui but that page is not shown - ie just the default landing page is shown

 

 

any ideas?

 

Try changing it to the following and see if it works:

 

	location /ui {
        proxy_pass http://192.168.1.22:1880/ui;
}
}

 

Some app UIs are weird where they try to force forward to their specific url prefix. I had an issue when I tried to forward sab prefix to sabnzbd where some of the pages would not work due to the app force forwarding to sabnzbd. Once I switched it so it forwards sabnzbd to sabnzbd all issues went away

 

Based on the info here http://nodered.org/docs/configuration it seems there is a setting called httpRoot that will let you change the root url so you might be able to change it to echo instead of ui

 

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

lets_encrypt_error.jpg.6c39c65efee9903a59a1d7ff78125c83.jpg

Trying to set up reverse proxy as Aptalca showed on page 5 of this thread. The following code works for location /, but returns a 404 error for location /next  (for LSIO's NextCloud). If I paste https://192.168.8.183:843 into a browser, I get the NextCloud login screen.  But when I go to www.kamhighway.com/next I get 404.

 

What am I missing?

 

server {
listen 80 default_server;

listen 443 ssl;

root /config/www;
index index.html index.htm index.php;

server_name .kamhighway.com ;

ssl_certificate /config/keys/fullchain.pem;
ssl_certificate_key /config/keys/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;

client_max_body_size 0;

location / {
	try_files $uri $uri/ /index.html /index.php?$args =404;
}
location /next {
            include /config/nginx/proxy.conf;
            proxy_pass https://192.168.8.183:843;
}

}

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

Hmm. Agree-to's and email should be provided. I'll look into it

Trying to set up reverse proxy as Aptalca showed on page 5 of this thread. The following code works for location /, but returns a 404 error for location /next  (for LSIO's NextCloud). If I paste https://192.168.8.183:843 into a browser, I get the NextCloud login screen.  But when I go to www.kamhighway.com/next I get 404.

 

What am I missing?

 

server {
listen 80 default_server;

listen 443 ssl;

root /config/www;
index index.html index.htm index.php;

server_name .kamhighway.com ;

ssl_certificate /config/keys/fullchain.pem;
ssl_certificate_key /config/keys/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;

client_max_body_size 0;

location / {
	try_files $uri $uri/ /index.html /index.php?$args =404;
}
location /next {
            include /config/nginx/proxy.conf;
            proxy_pass https://192.168.8.183:843;
}

}

 

Yup - I'm working on the exact same issue right now.

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

+ Attachments and other options

shortcuts: hit alt+s to submit/post or alt+p to preview

 

Hmm. Agree-to's and email should be provided. I'll look into it

 

 

Thanks Aptalca,  let me know when I can test of how I can help

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

 

Just tested it with a brand new url, brand new e-mail address, new config folder etc. and it worked just fine.

 

Only thing I can think of is, does your e-mail address contain any weird characters?

Trying to set this up and it all makes sense but I don't know what the default username/password is when trying to access my site. Do I need to add a .htpasswd file into one of the directories?

 

I can see from reverse proxy config on page 5 aptalca has this stored here /config/nginx/.htpasswd; ?? My /config directory maps to /mnt/cache/appdata/nginx and I have tried creating the .htpasswd file in here but it didn't help.

 

Also can I add more sub domains to the environment variables after the initial creation? In case I need to add more sites

 

Thanks for the help!

Can someone be kind enough and make a Apache w/ let's encrypt support docker? I'm an Apache guy myself not a fan of Nginx  :P

Trying to set this up and it all makes sense but I don't know what the default username/password is when trying to access my site. Do I need to add a .htpasswd file into one of the directories?

 

I can see from reverse proxy config on page 5 aptalca has this stored here /config/nginx/.htpasswd; ?? My /config directory maps to /mnt/cache/appdata/nginx and I have tried creating the .htpasswd file in here but it didn't help.

 

Also can I add more sub domains to the environment variables after the initial creation? In case I need to add more sites

 

Thanks for the help!

There is no default password. If you want to use one, you have to create the .htpasswd file yourself and add the reference to the site config. Plenty of guides online telling you how to do it.

 

Edit the container settings and add as many subdomains as you like. Comma separated, no spaces. Keep in mind that every time you change the subdomains, the container will revoke the old cert and get a new one. If you do it too many times, letsencrypt will block/throttle your requests for some time.

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

Hmm. Agree-to's and email should be provided. I'll look into it

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

Hmm. Agree-to's and email should be provided. I'll look into it

 

I know the issue, just not sure how to correct.  my domain is registered with godaddy which does not support DDNS.  I have created CNAME records on godaddy DNS and pointed my sub domains to my duckdns.org domain. (xyz.duckdns.org).  so...  owncloud.mygodaddydomain.com is aliased to xyz.duckdns.org which resolves to my WAN IP.  This works perfectly for any sub domain of mygodaddydomain.com.  however  the root "@" record for "mygodaddydomain.com" is assigned to godaddy IP.  because of this I cannot authenticate mygodaddydomain.com but I could authenticate owncloud.mygodaddydomain.com.

 

any Ideas how to get around it?  does anyone know how to use ddns with godaddy?

 

here's one solution, I just don't want to mess with my google apps subdomain that are registered configured with my domain.

https://saschpe.wordpress.com/2013/11/12/godaddy-dyndns-for-the-poor/

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

Hmm. Agree-to's and email should be provided. I'll look into it

@ Aptalca,  Having and issue starting this docker.  I've read through this entire thread and haven't been able to find any similar issues.  I have TCP 443 forwarded from my WAN interface to unraid IP TCP 443.  I know that forwarding works because if I start the owncloud docker provided by linuxserver.io listening on TCP 443, I can access from an external PC.  Here's the error and screen shot.  Any help is appreciated.  Thanks

 

"This line is making me think, but I don't see how to register on the LE website.  "You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags"

 

DH parameters successfully created - 2048 bits

Generating new certificate

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags

/etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory

Error opening input file cert.pem

 

cert.pem: No such file or directory

* Starting nginx nginx

...fail!

* Starting authentication failure monitor fail2ban

ERROR No file(s) found for glob /config/log/nginx/error.log

 

ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

 

...fail!

*** Running /etc/rc.local...

*** Booting runit daemon...

*** Runit started as PID 136

Aug 24 13:17:42 55052ec99626 syslog-ng[143]: syslog-ng starting up; version='3.5.3'

Hmm. Agree-to's and email should be provided. I'll look into it

 

I know the issue, just not sure how to correct.  my domain is registered with godaddy which does not support DDNS.  I have created CNAME records on godaddy DNS and pointed my sub domains to my duckdns.org domain. (xyz.duckdns.org).  so...  owncloud.mygodaddydomain.com is aliased to xyz.duckdns.org which resolves to my WAN IP.  This works perfectly for any sub domain of mygodaddydomain.com.  however  the root "@" record for "mygodaddydomain.com" is assigned to godaddy IP.  because of this I cannot authenticate mygodaddydomain.com but I could authenticate owncloud.mygodaddydomain.com.

 

any Ideas how to get around it?  does anyone know how to use ddns with godaddy?

 

here's one solution, I just don't want to mess with my google apps subdomain that are registered configured with my domain.

https://saschpe.wordpress.com/2013/11/12/godaddy-dyndns-for-the-poor/

Use the option for subdomains only. It is detailed on the docker hub page

perfect. Ty  I did read it but forgot what I read  ;D

First off thanks for the docker and help so far Aptalca.  I know when I get this working it'll be golden!  So I've made a lot of progress.  My cert issue is resolved and I've moved on to the proxy.  I got the proxy to work with the code below.  I the edited it creating a new server section for each subdomain.  at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc...  There was a post in this thread that I followed.  anyhow after modifying the ciphers nginx won't start.  simply says "FAIL".  so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start.  so two questions....

 

1. where is more detailed logging?  I can't find anything in the appdata dir or inside the container.

2. any idea what I need to repair / replace / edit to get it working again.  I don't want to remove and start over for fear let'sEncrpty will blacklist me.

 

thanks

 

server {
        listen 443 ssl;

        server_name movies.mydomain.com;

        ssl_certificate /config/keys/fullchain.pem;
        ssl_certificate_key /config/keys/privkey.pem;
        ssl_dhparam /config/nginx/dhparams.pem;
        ssl_prefer_server_ciphers on;

        client_max_body_size 0;

        location / {
                proxy_pass http://192.168.XXX.XXX:5050;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 150;
                proxy_send_timeout 100;
                proxy_read_timeout 100;
                proxy_buffers 4 32k;
                client_max_body_size 8m;
                client_body_buffer_size 128k;
        }
}

ok, found this in /var/log...

 

2016/08/25 17:32:43 [emerg] 120#120: unexpected "E" in /config/nginx/site-confs/default.all_domains_not_working:38

 

I'll google it.  anyone have an idea?

 

Thanks

First off thanks for the docker and help so far Aptalca.  I know when I get this working it'll be golden!  So I've made a lot of progress.  My cert issue is resolved and I've moved on to the proxy.  I got the proxy to work with the code below.  I the edited it creating a new server section for each subdomain.  at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc...  There was a post in this thread that I followed.  anyhow after modifying the ciphers nginx won't start.  simply says "FAIL".  so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start.  so two questions....

 

1. where is more detailed logging?  I can't find anything in the appdata dir or inside the container.

2. any idea what I need to repair / replace / edit to get it working again.  I don't want to remove and start over for fear let'sEncrpty will blacklist me.

 

thanks

 

server {
        listen 443 ssl;

        server_name movies.mydomain.com;

        ssl_certificate /config/keys/fullchain.pem;
        ssl_certificate_key /config/keys/privkey.pem;
        ssl_dhparam /config/nginx/dhparams.pem;
        ssl_prefer_server_ciphers on;

        client_max_body_size 0;

        location / {
                proxy_pass http://192.168.XXX.XXX:5050;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 150;
                proxy_send_timeout 100;
                proxy_read_timeout 100;
                proxy_buffers 4 32k;
                client_max_body_size 8m;
                client_body_buffer_size 128k;
        }
}

 

Ok so I found the issue.  hopefully this will help others.  I was saving copies of ./ngnix/sites-confs/default file in the same directory.  you can't do this.  any file in that directory will be read by ngnix.conf  because of this line...  " include /config/nginx/site-confs/*;"

 

so I removed all files except for "default" to a different directory in ./ngnix/config_backups.  restarted, and all worked.

 

OM!%^&$#$G!!!  sometimes computers really piss me off >:(

 

I though I was doing a good thing by making a copy before editing.

First off thanks for the docker and help so far Aptalca.  I know when I get this working it'll be golden!  So I've made a lot of progress.  My cert issue is resolved and I've moved on to the proxy.  I got the proxy to work with the code below.  I the edited it creating a new server section for each subdomain.  at the same time I edited the allowed "ssl_ciphers" to basically remove support for old browsers etc...  There was a post in this thread that I followed.  anyhow after modifying the ciphers nginx won't start.  simply says "FAIL".  so I restored the original unmodified default file in ./ngix/site-confs but nginx still won't start.  so two questions....

 

1. where is more detailed logging?  I can't find anything in the appdata dir or inside the container.

2. any idea what I need to repair / replace / edit to get it working again.  I don't want to remove and start over for fear let'sEncrpty will blacklist me.

 

thanks

 

server {
        listen 443 ssl;

        server_name movies.mydomain.com;

        ssl_certificate /config/keys/fullchain.pem;
        ssl_certificate_key /config/keys/privkey.pem;
        ssl_dhparam /config/nginx/dhparams.pem;
        ssl_prefer_server_ciphers on;

        client_max_body_size 0;

        location / {
                proxy_pass http://192.168.XXX.XXX:5050;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 150;
                proxy_send_timeout 100;
                proxy_read_timeout 100;
                proxy_buffers 4 32k;
                client_max_body_size 8m;
                client_body_buffer_size 128k;
        }
}

 

Ok so I found the issue.  hopefully this will help others.  I was saving copies of ./ngnix/sites-confs/default file in the same directory.  you can't do this.  any file in that directory will be read by ngnix.conf  because of this line...  " include /config/nginx/site-confs/*;"

 

so I removed all files except for "default" to a different directory in ./ngnix/config_backups.  restarted, and all worked.

 

OM!%^&$#$G!!!  sometimes computers really piss me off >:(

 

I though I was doing a good thing by making a copy before editing.

 

 

Ahhh! Thanks!!!, have been troubleshooting the exact same problem and this resolved it.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.