November 4, 20169 yr I'm also trying to reverse proxy linuxserver.io's ruTorrent docker but it's not working. Maybe something to do with not being able to set a URL base? This is the config I'm trying: location /ru { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.252:88/ru; } I get a 404 not found error from nginx. But you are saying http://192.168.1.252:88/ru works fine inside your network?
November 4, 20169 yr Testing it at work. Looks like company firewall blocks access to dynamic DNS! (I can access my domain on my phone). Is there anything else I can do, or should I try a VPN? I learned that it depends on the domain. For example, at my work place they block [yourname].hopto.org, but not [yourname].mynetgear.com. So I suggest you try different free domains before resorting to VPN. BTW, from my work place I can't get on openVPN either unless I switch to an unsecure guest wireless connection. Good luck!
November 4, 20169 yr Did anyone here have success setting up Krusader with reverse proxy? Thanks to this thread I got CP, Deluge, SickBeard and sabnzbd working. But can't figure out Krusader. Any tips? Thanks!
November 4, 20169 yr But you are saying http://192.168.1.252:88/ru works fine inside your network? Errr no, I access it with http://192.168.1.252:88. Ok I realize I should be using that instead of the http://192.168.1.252:88/ru . I thought I tried it but I must be confused. I can now access it via http://mydomain.org/ru but it's like an incomplete page:
November 4, 20169 yr Testing it at work. Looks like company firewall blocks access to dynamic DNS! (I can access my domain on my phone). Is there anything else I can do, or should I try a VPN? You can get your own domain. There is a free option but I cannot remember the name
November 4, 20169 yr But you are saying http://192.168.1.252:88/ru works fine inside your network? Errr no, I access it with http://192.168.1.252:88. Ok I realize I should be using that instead of the http://192.168.1.252:88/ru . I thought I tried it but I must be confused. I can now access it via http://mydomain.org/ru but it's like an incomplete page: You can either use the subdomain method in a new server block, or if you're using the linuxserver version, you can make it use a base url. In the rutorrent config folder, edit the file nginx/nginx.conf and change the line "root /var/www/localhost/rutorrent;" to "root /var/www/localhost;" and restart. Now you'll have to access it at the baseurl "rutorrent" and can set it up for reverse proxy with that
November 5, 20169 yr I'm also trying to reverse proxy linuxserver.io's ruTorrent docker but it's not working. Maybe something to do with not being able to set a URL base? This is the config I'm trying: location /ru { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.252:88/ru; } This is a blind copy paste, I don't know what I'm doing here, but try this. location /ru { include /config/nginx/proxy.conf; rewrite ^/ru$ /ru/ redirect; proxy_pass http://192.168.1.252:88/ru; }
November 5, 20169 yr You can get your own domain. There is a free option but I cannot remember the name I do have a domain I can use, I'll have to figure that out. I'm using a DuckDNS docker right now, will have to look into the CloudFlare docker and figure out how to use it for DDNS. You can either use the subdomain method in a new server block, or if you're using the linuxserver version, you can make it use a base url. In the rutorrent config folder, edit the file nginx/nginx.conf and change the line "root /var/www/localhost/rutorrent;" to "root /var/www/localhost;" and restart. Now you'll have to access it at the baseurl "rutorrent" and can set it up for reverse proxy with that That worked perfectly even though I don't know what I'm doing at all! This is a blind copy paste, I don't know what I'm doing here, but try this. location /ru { include /config/nginx/proxy.conf; rewrite ^/ru$ /ru/ redirect; proxy_pass http://192.168.1.252:88/ru; } Thanks for jumping in but the above code solved it!
November 7, 20169 yr Hey guys, It just doesnt want to work for me. I forwarded port 443 to the Unraid machine in my router, I believe I entered everything correctly. I'm probably just being stupid, but I would really appreciate your help guys: *** Running /etc/my_init.d/00_regen_ssh_host_keys.sh... *** Running /etc/my_init.d/firstrun.sh... Setting the correct time Current default time zone: 'Europe/Berlin' Local time is now: Mon Nov 7 19:18:27 CET 2016. Universal Time is now: Mon Nov 7 18:18:27 UTC 2016. Copying the default nginx.conf Copying the default nginx-fpm.conf Copying the default site config Copying the default landing page Copying the default jail.local Copying default fail2ban filters SUBDOMAINS entered, processing Sub-domains processed are: -d www.XXXXXXXX.duckdns.org Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ...+....................+...+...+...+...+...+........................................................................................+.........................................+.....................+........................+...+..............................................................................................+.................+...................................................................................................+...................................................................................+.......................................+...+...+.........................................................................+...........................+....................................................+......................................+...+.....+...+...+...+...+.............+...+.....................................................................+...+...............................................+...+..............+.....................................................................+..........................+.....................................................................+.................................................+.......................................................................+..................+...............................................................................................+...+.............................................+...................................................................+.......................................+...........................................................................................+..............................................................+...+.................................................................................................+..........+...................................................................+.......................................................+..............................................+.........................+....................................................+.....................................................................................+.....................................................................+...+.................................................................................................+........+...+...+...........................+.......+..........+...............................................+...+..........................................................................................+..............+...+............................................................................+.........................................+.......................+..............................+...+............................+...+..................................................................+...+.................................+...+...............................+......................................+................................................................................................+...........................+....+...................................+............................................................+......................................+..............................................+................................................................+....................................................+...........+...............+....................................+.....................................+.................+.......................+...+............................+...++*++* DH parameters successfully created - 2048 bits Generating new certificate Upgrading certbot-auto 0.8.1 to 0.9.3... Replacing certbot-auto... Creating virtual environment... Installing Python packages... Installation succeeded. WARNING: The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead. Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Cleaning up challenges Failed authorization procedure. XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge, www.XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - The following errors were reported by the server: Domain: XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge Domain: www.XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 326 Nov 7 19:20:11 934a18475510 syslog-ng[335]: syslog-ng starting up; version='3.5.3'
November 7, 20169 yr Forward port 80 also. Its a good idea to do this regardless and then use the code below to redirect any http requests to https. server { listen 80; server_name mydomain.tld www.mydomain.tld; return 301 https://$host$request_uri; }
November 7, 20169 yr Hey guys, It just doesnt want to work for me. I forwarded port 443 to the Unraid machine in my router, I believe I entered everything correctly. I'm probably just being stupid, but I would really appreciate your help guys: *** Running /etc/my_init.d/00_regen_ssh_host_keys.sh... *** Running /etc/my_init.d/firstrun.sh... Setting the correct time Current default time zone: 'Europe/Berlin' Local time is now: Mon Nov 7 19:18:27 CET 2016. Universal Time is now: Mon Nov 7 18:18:27 UTC 2016. Copying the default nginx.conf Copying the default nginx-fpm.conf Copying the default site config Copying the default landing page Copying the default jail.local Copying default fail2ban filters SUBDOMAINS entered, processing Sub-domains processed are: -d www.XXXXXXXX.duckdns.org Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ...+....................+...+...+...+...+...+........................................................................................+.........................................+.....................+........................+...+..............................................................................................+.................+...................................................................................................+...................................................................................+.......................................+...+...+.........................................................................+...........................+....................................................+......................................+...+.....+...+...+...+...+.............+...+.....................................................................+...+...............................................+...+..............+.....................................................................+..........................+.....................................................................+.................................................+.......................................................................+..................+...............................................................................................+...+.............................................+...................................................................+.......................................+...........................................................................................+..............................................................+...+.................................................................................................+..........+...................................................................+.......................................................+..............................................+.........................+....................................................+.....................................................................................+.....................................................................+...+.................................................................................................+........+...+...+...........................+.......+..........+...............................................+...+..........................................................................................+..............+...+............................................................................+.........................................+.......................+..............................+...+............................+...+..................................................................+...+.................................+...+...............................+......................................+................................................................................................+...........................+....+...................................+............................................................+......................................+..............................................+................................................................+....................................................+...........+...............+....................................+.....................................+.................+.......................+...+............................+...++*++* DH parameters successfully created - 2048 bits Generating new certificate Upgrading certbot-auto 0.8.1 to 0.9.3... Replacing certbot-auto... Creating virtual environment... Installing Python packages... Installation succeeded. WARNING: The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead. Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org Obtaining a new certificate Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Performing the following challenges: tls-sni-01 challenge for XXXXXXXX.duckdns.org tls-sni-01 challenge for www.XXXXXXXX.duckdns.org Waiting for verification... Cleaning up challenges Failed authorization procedure. XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge, www.XXXXXXXX.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - The following errors were reported by the server: Domain: XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge Domain: www.XXXXXXXX.duckdns.org Type: connection Detail: Failed to connect to XX.XXX.XXX.XXX:443 for TLS-SNI-01 challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /etc/my_init.d/firstrun.sh: line 138: cd: /config/keys: No such file or directory Error opening input file cert.pem cert.pem: No such file or directory * Starting nginx nginx ...fail! * Starting authentication failure monitor fail2ban ERROR No file(s) found for glob /config/log/nginx/error.log ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail ...fail! *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 326 Nov 7 19:20:11 934a18475510 syslog-ng[335]: syslog-ng starting up; version='3.5.3' What is your docker run command? (or you can post a screenshot of your container settings)
November 7, 20169 yr Community Expert The docker run command as seen in this, from the Docker FAQ sticky: I need some help! What info does the community need to help me?
November 7, 20169 yr root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="Nginx-letsencrypt" --net="bridge" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="XXXXXXX.duckdns.org" -e "SUBDOMAINS"="www" -p 2132:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/Nginx-letsencrypt":"/config":rw aptalca/nginx-letsencrypt adb8d02c04a3c41e18866e7be435ed10dd33ed416c18ea7eab31f4a2f269ea41
November 7, 20169 yr root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="Nginx-letsencrypt" --net="bridge" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="XXXXXXX.duckdns.org" -e "SUBDOMAINS"="www" -p 2132:80/tcp -p 443:443/tcp -v "/mnt/user/appdata/Nginx-letsencrypt":"/config":rw aptalca/nginx-letsencrypt adb8d02c04a3c41e18866e7be435ed10dd33ed416c18ea7eab31f4a2f269ea41 So you need to forward WAN port 80 to 2132 on Unraid.
November 7, 20169 yr Just did that before running it, same result :'( Does the IP address returned from http://whatismyipaddress.com/ match the IP address that returns when you ping XXXXXXX.duckdns.org?
November 7, 20169 yr Yes, the ddns is working perfectly. For example, I have the jdownloader docker running and forwarded its port. I can connect to its interface via XXXX.duckdns.org:JdownloaderPort just fine.
November 7, 20169 yr OK, just to rule out silly problems, why don't you post a snippet of a screenshot with your port forwards. No offence meant, just I'm the guy who spent 2 hours last night wrestling with TVheadend and minisatip before I realised I should have put it into host mode...
November 7, 20169 yr No offence taken at all. Sometimes you just get confused and someone else just needs to look at it for a second. I have no doubt I'm just making a rookie mistake. Router interface is german, but it should be self explanatory. I really do appreciate your help.
November 7, 20169 yr shouldn't I at least be able to see the default landing page from unraidmachine:2132 from within the local network ? Because I cant. Its like its not running. Or would that only be running after the connection was successful?
November 7, 20169 yr If the webserver was up and running you should see an Nginx landing page. Could try the ls.io non-LE version of Nginx to check that out I suppose. Then it would only leave LE as the problem.
November 7, 20169 yr yup. installed the nginx docker. I can reach the landing page from that one from within the network as well as from the ddns.
November 7, 20169 yr Yea no you can see Nginx fail to start in the log he posted. * Starting nginx nginx ...fail! Just to be certain use this to see if your ports really are open. http://www.canyouseeme.org/
Archived
This topic is now archived and is closed to further replies.