CHBMB Posted February 5, 2016 Share Posted February 5, 2016 Spoke to Sparklyballs about this. He's looking at the implications of this. Depending on your point of view http2 may have some security implications is the concern. I don't know much about this, but perhaps it's the reason why the Ubuntu repo carries an older version. Quote Link to comment
nallar Posted February 5, 2016 Share Posted February 5, 2016 I think it's just because you're on ubuntu trusty/LTS which was released in 2014. They're only including security updates to avoid breaking changes, so nginx is frozen at version 1.4 which was the current version at the time. Ubuntu vivd has nginx 1.6.2, wily includes nginx 1.9.3. If you used ppa:nginx/stable, you'd get nginx 1.8 which doesn't have http2 support (it was introduced in 1.9), but does add some other useful features which aren't in 1.4 such as weak etags for gzipped content. ppa:nginx/development (which tracks nginx mainline versions) does include http2. The nginx release notes are here: http://nginx.org/en/CHANGES If the nginx version is updated, http2 won't be on by default. It's only enabled if "http2" is added to your listen directive(s), for example "listen 443 default_server ssl http2;". I believe there is a breaking change between nginx 1.4 and 1.9 with the default configs. The line "include /etc/nginx/fastcgi_params;" needs to be changed to "include /etc/nginx/fastcgi.conf;". To avoid any impact for users of the container, after performing the update /etc/nginx/fastcgi_params could be symlinked to /etc/nginx/fastcgi.conf. edit: If the repositories are changed, it's probably best to change to ppa:nginx/stable, not development. That doesn't have http2 yet. It tracks official nginx stable releases. Quote Link to comment
keepitshut Posted February 21, 2016 Share Posted February 21, 2016 Hi guys, trying to use this nginx docker as a reverse proxy for pydio. I can't seem to get sharing to work though, I keep getting 404ed and this is in my error log: "Primary script unknown" while reading response header from upstream, client: x.x.x.x, server: xxx, request: "POST /pydio/index.php? HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "xxx", referrer: "https://xxx/pydio/settings/" My nginx config: location /pydio/ { proxy_pass https://192.168.0.101:444/; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } } Any help would be appreciated. I suspect its something to do with the php and cgi thing, but I have no idea how to solve it Quote Link to comment
jnheinz Posted February 28, 2016 Share Posted February 28, 2016 Is there any way to prevent this Docker from making a "default" file/configuration when restarted under /config/nginx/site-confs ? It is messing up my reverse proxy configuration. I delete default & it then works. Kind of a pain. Quote Link to comment
peter_sm Posted March 6, 2016 Share Posted March 6, 2016 I'm trying to get Owncloud working in reverse proxy but no luck. What is the changes I need to do to get this working? //Peter Quote Link to comment
CHBMB Posted March 6, 2016 Share Posted March 6, 2016 I'm trying to get Owncloud working in reverse proxy but no luck. What is the changes I need to do to get this working? //Peter Peter, I don't use nginx, I use Apache, but here's how to get Owncloud working on server.com/owncloud for the config.php file in Owncloud. $CONFIG = array ( 'instanceid' => 'INSTANCEID', 'passwordsalt' => 'PASSWORD', 'secret' => 'SECRET', 'trusted_domains' => array ( 0 => '192.168.0.1', 1 => 'server.com', ), 'datadirectory' => '/var/www/owncloud/data', 'overwritewebroot' => '/owncloud', 'overwrite.cli.url' => 'https://server.com', 'overwritehost' => 'server.com', 'overwriteprotocol' => 'https', 'dbtype' => 'mysql', 'version' => '8.0.3.4', 'dbname' => 'owncloud', 'dbhost' => '192.168.0.1', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_USER', 'dbpassword' => 'PASSWORD', 'installed' => true, 'forcessl' => true, 'forceSSLforSubdomains' => true, 'mail_smtpmode' => 'smtp', 'mail_smtpsecure' => 'ssl', In Apache the default.conf bit would be <Location /owncloud> ProxyPass https://192.168.0.1:8000 ProxyPassReverse https://192.168.0.1:8000 </Location> Hope that helps a bit. Quote Link to comment
peter_sm Posted March 6, 2016 Share Posted March 6, 2016 Thanks, I will try this. But open port 443 to the web server might be an issue? But that is needed to get this to work? Quote Link to comment
CHBMB Posted March 6, 2016 Share Posted March 6, 2016 Thanks, I will try this. But open port 443 to the web server might be an issue? But that is needed to get this to work? I'm not sure whether it will work on port 80 alone or not as I run everything over 443, got my certificates for Apache from StartSSL which is free for up to 5 subdomains. All traffic on my webserver gets automatically redirected to 443. Quote Link to comment
peter_sm Posted March 6, 2016 Share Posted March 6, 2016 I'm also using 443 and ssl certificate , is it safe Then to open port 443 in router and forward this to unraid ip? Quote Link to comment
CHBMB Posted March 7, 2016 Share Posted March 7, 2016 Yes as long as you've got nginx secured properly. Quote Link to comment
surfshack66 Posted March 15, 2016 Share Posted March 15, 2016 Smdion, any chance you have that write up? I'm having some trouble with nginx config for reverse proxies. Also, the links below are broken. If you (or someone else) still have the config file that would help. Is there a guide somewhere on how to get the reverse proxy working? I've always wanted to do this to make all the different services such as Sabnzbd and Sickrage easier to access. I've been messing with it for about 2 hours now and I'm completely lost... Hey bb12489, I wrote a guide a while back for Apache (https://www.linuxserver.io/index.php/overview-reverse-proxy-with-docker/). I just converted over to nginx and do not have a write up yet (i plan too, just been busy) Here is my old apache config - https://www.seandion.com/owncloud/index.php/s/R4tJqfqb4opuOsp Here is my new nginx config - https://www.seandion.com/owncloud/index.php/s/XpFigScMblZO2dJ Those should help a bit more and I will be doing an nginx addition to that guide. Quote Link to comment
CHBMB Posted March 15, 2016 Share Posted March 15, 2016 Smdion, any chance you have that write up? I'm having some trouble with nginx config for reverse proxies. Also, the links below are broken. If you (or someone else) still have the config file that would help. Sorry, but smdion has been missing for quite some time.. Quote Link to comment
peter_sm Posted March 16, 2016 Share Posted March 16, 2016 I have done a lot of test for reverse proxy soluitions but it always fail :-( What I like to see is a docker with reverse proxy/nginx/owncloud/letsencrypt/fail2ban :-) I think that this can't be done ;-) //Peter Quote Link to comment
surfshack66 Posted March 16, 2016 Share Posted March 16, 2016 error.log is showing connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.1.3, server: localhost, request: "GET /couchpotato HTTP/1.1", upstream: "http://127.0.0.1:5050/couchpotato", host: "192.168.1.2" any ideas what could be causing this? Quote Link to comment
CHBMB Posted March 17, 2016 Share Posted March 17, 2016 Use the IP address of your unraid box instead of 127.0.0.1 Quote Link to comment
bigjme Posted March 27, 2016 Share Posted March 27, 2016 Any chance we can get access to the php.ini file within the docker? There are a couple of php security changes i would like to make such as turning off allow_url_fopen but can not access the php.ini file in the config folder Its a small one but would be useful if its possible Quote Link to comment
FL4T Posted April 3, 2016 Share Posted April 3, 2016 Hey all, if this is a dumb question sorry. I am extremely new to all of this. - I'm having trouble seeing the default welcome page after nginx docker installation. My UnRaid webgui is using port 80 so I set up the nginx container port=80 / host port=8008 but all I see is an "unable to connect" page. I've been reading through tons of documentation but I guess I'm just not seeing what I need to see. Is there more configuration required just to be able to see the default welcome page? Thanks in advance Quote Link to comment
CHBMB Posted April 3, 2016 Share Posted April 3, 2016 Hey all, if this is a dumb question sorry. I am extremely new to all of this. - I'm having trouble seeing the default welcome page after nginx docker installation. My UnRaid webgui is using port 80 so I set up the nginx container port=80 / host port=8008 but all I see is an "unable to connect" page. I've been reading through tons of documentation but I guess I'm just not seeing what I need to see. Is there more configuration required just to be able to see the default welcome page? Thanks in advance The webui link in the docker page will need changing, but try going to http://tower:8008 Also check the nginx log via the docker page in the Unraid webui to make sure it's finished setup before you do so. If it still doesn't work then a browser cache clear or try an alternative browser. Quote Link to comment
kenthaug Posted April 26, 2016 Share Posted April 26, 2016 Hi Are there any hardcore coders that have the skills to add the RTMP module for Nginx to this Docker? I’m currently running a Windows Server installation with Nginx that I’m using to as an HTS live feed, and I am really interested to moving this to a Docker. Quote Link to comment
bb12489 Posted September 12, 2016 Share Posted September 12, 2016 Just checking in here to see if anyone has been able to reverse proxy their DDWRT web gui's ? Quote Link to comment
CHBMB Posted September 28, 2016 Share Posted September 28, 2016 Just checking in here to see if anyone has been able to reverse proxy their DDWRT web gui's ? Just seen this, why? Sounds like a really really bad idea to me if this is going to be WAN facing.... Quote Link to comment
Guest Posted October 4, 2016 Share Posted October 4, 2016 If anybody has the time, it would be nice to add Let's Encrypt support to the docker image so I can actually secure my website. (it should all be automatic once it's going, though) Also, what on earth is reverse proxy? Let's say I have a Wordpress site. Does having reverse proxy let me connect to websites in my 'internal' network? Would it be something like this? Client(Me) ------> Internet -----> Home Server -------> WordPress ------> Nginx -------(some reverse proxy thing)----> Owncloud and other apps? Is it something like this? Quote Link to comment
CHBMB Posted October 4, 2016 Share Posted October 4, 2016 Reverse proxy: Client > Internet > Server > Reverse Proxy and from there onto app1, app2, app3 etc Sent from my LG-H815 using Tapatalk Quote Link to comment
Guest Posted October 4, 2016 Share Posted October 4, 2016 Reverse proxy: Client > Internet > Server > Reverse Proxy and from there onto app1, app2, app3 etc Sent from my LG-H815 using Tapatalk Thanks - but does that mean I have to set up all the apps one by one in the site-confs/? Quote Link to comment
CHBMB Posted October 4, 2016 Share Posted October 4, 2016 Yes Sent from my LG-H815 using Tapatalk Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.