aptalca Posted April 11, 2018 Share Posted April 11, 2018 2 hours ago, Drider said: Is there a guide or tutorial on setting up the \nginx\site-confs\default file? I'm on unRAID 6.1.9 (I know old), and when I configure a fresh install everything works great, meaning I can remote to my mail server 400 miles away, browse to subdomain.mydomain.com and get it to redirect me to the https://subdomain.mydomain.com default index.html. I actually impressed myself because I got it to work through Godaddy redirecting a CNAME to my free-dns subdomain back to the dynamic IP here at home, while keeping the secure lock and correct address in the address bar. Problem is, I've been hitting a severe roadblock trying to get the correct format in the default site-confs file to get to my OMBI docker container. It seems like everytime I edit the default file, it borks the whole system, and no matter where I connect from I get an ERROR_CONNECTION_REFUSED. Trying to undo edits and save, or replacing the file with a backup resolves nothing, and I end up having to uninstall/reinstall the container, to get back to functional. EDIT: I did try newperms Tool on my appdata folder, which actually help to speed up my server GUI navigation, but nothing else... Maybe someone can give me the quick version, but a guide or reference for editing that file would be just as appreciated. My base url for ombi: /request Ports are default at 3579 for both container and host as I can't seem to find where I can change that. and the server's host address is 192.168.0.69 I know I'm close, but just can't seem to get it... It would also be nice to utilize just the sub-domain.domain address for my users navigating to the site omitting </request>. From what I can tell in the default file example this is possible, no? Bonus Round: I have basic authentication turned on for myself and my users, using the built in PLEX account authentication, but what's the most secure way to implement this? To quote linuxserver.io: Is this something I should be interested in setting as well? Any guides, or reference for implementation? I appreciate the help, as i'm finally getting around to actually using the 2xE5-2670 128GB RAM beast I built a couple years back, ... (The first one at least...) Googling subdomain reverse proxy, nginx site config and htpasswd will get you tons of guides. None of those are specific to docker or unraid, they are all universal concepts to do with nginx. Some people also posted guides or their site configs on this forum. There are examples in the default site config for both subfolder and subdomain methods. Check out the example for subdomain, pay attention to the description that says "no base url" and use the same settings for ombi Quote Link to comment
allanp81 Posted April 11, 2018 Share Posted April 11, 2018 4 hours ago, EdgarWallace said: Thank you very much @aptalca adding a comma into the subdomain(s) field is working well (adding a blank isn't working btw. this is what I tried earlier..) @allanp81 you might want to try that as well. Let me know if it is working for you too. Yep, that works for me too Quote Link to comment
Skrumpy Posted April 11, 2018 Share Posted April 11, 2018 (edited) Had my site working fine the other day. But now when headed to my host.domain.net (obfuscated) I'm getting '401 authorization required, nginx' outside my network. Oddly enough, when I access on my phone (on cell network) via Chrome it works, but not Firefox (401 auth), even after clearing cache. Others were able to connect as of last night, but now are getting the same 401 but on either browser. Originally I thought this had something to do with installing Pi-Hole the other day and changing the DNS in my router to the docker IP (changes since reverted to try to troubleshoot this). I don't know if that would've caused an issue, but PH was working fine and I had people accessing the server remotely. I do own my own domain and the host is setup as DNS (A) and I have ports setup correctly (80->81, 443->444) setup in the LE docker. Using No-IP and have their DUC updating my IP every 5min. host.domain.net works perfectly on local network. Unraid 6.5.0 running LE + Organizr, both dockers current. Edit: I thought there may have been something wrong at my host level so I tossed them a support ticket and got this: Quote It looks like host.domain.net is connecting on 80 and getting redirected to 443, but the SSL is not available there: curl -v host.domain.net * Rebuilt URL to: host.domain.net / * Trying MYIP... * Connected to host.domain.net (MYIP) port 80 (#0) GET / HTTP/1.1 Host: host.domain.net User-Agent: curl/7.43.0 Accept: / < HTTP/1.1 301 Moved Permanently < Server: nginx/1.12.2 < Date: Wed, 11 Apr 2018 19:27:13 GMT < Content-Type: text/html < Content-Length: 185 < Connection: keep-alive < Location: https://host.domain.net/ < Expires: Thu, 01 Jan 1970 00:00:01 GMT < Cache-Control: no-cache < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; < X-Frame-Options: SAMEORIGIN < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < X-Robots-Tag: none < <html> <head><title>301 Moved Permanently</title></head> <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.12.2</center> </body> </html> * Connection #0 to host host.domain.net left intact I checked port 443 just to be sure, and it looks like there is no SSL handshake as suspected: openssl s_client -connect host.domain.net:443 CONNECTED(00000003) 29438:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-59.60.1/src/ssl/s23_clnt.c:593: My power went out the other day, is it possible that something got messed up somehow in my config (or elsewhere) because of it? Ran a parity check and everything was fine, and it appeared that everything was working correctly after that.. but this issue has me at a loss. Edit #2: So cleared all browser cache, certs, etc from Chrome and now also getting the same 401 error. Some sort of cert error? What could this possibly be? I'm not getting any errors in docker dashboard log or in Unraid log. I deleted docker image and reinstalled LE and Organizr.. to the same effect. Edited April 11, 2018 by Skrumpy Quote Link to comment
Encino Stan Posted April 11, 2018 Share Posted April 11, 2018 Since unRaid has Let's Encrypt and nginx installed in the OS (as of 6.4), could one use the built-in applications rather than running them seperately in a docker container? Pros and Cons of doing that way? Quote Link to comment
aptalca Posted April 12, 2018 Share Posted April 12, 2018 6 hours ago, Skrumpy said: Had my site working fine the other day. But now when headed to my host.domain.net (obfuscated) I'm getting '401 authorization required, nginx' outside my network. Oddly enough, when I access on my phone (on cell network) via Chrome it works, but not Firefox (401 auth), even after clearing cache. Others were able to connect as of last night, but now are getting the same 401 but on either browser. Originally I thought this had something to do with installing Pi-Hole the other day and changing the DNS in my router to the docker IP (changes since reverted to try to troubleshoot this). I don't know if that would've caused an issue, but PH was working fine and I had people accessing the server remotely. I do own my own domain and the host is setup as DNS (A) and I have ports setup correctly (80->81, 443->444) setup in the LE docker. Using No-IP and have their DUC updating my IP every 5min. host.domain.net works perfectly on local network. Unraid 6.5.0 running LE + Organizr, both dockers current. Edit: I thought there may have been something wrong at my host level so I tossed them a support ticket and got this: My power went out the other day, is it possible that something got messed up somehow in my config (or elsewhere) because of it? Ran a parity check and everything was fine, and it appeared that everything was working correctly after that.. but this issue has me at a loss. Edit #2: So cleared all browser cache, certs, etc from Chrome and now also getting the same 401 error. Some sort of cert error? What could this possibly be? I'm not getting any errors in docker dashboard log or in Unraid log. I deleted docker image and reinstalled LE and Organizr.. to the same effect. Could be an issue with the site config, or port forwarding. Are you sure you're not accidentally forwarding 443 to unraid gui? Post your site config and we'll take a look Quote Link to comment
GilbN Posted April 12, 2018 Share Posted April 12, 2018 19 hours ago, Drider said: Is there a guide or tutorial on setting up the \nginx\site-confs\default file? I'm on unRAID 6.1.9 (I know old), and when I configure a fresh install everything works great, meaning I can remote to my mail server 400 miles away, browse to subdomain.mydomain.com and get it to redirect me to the https://subdomain.mydomain.com default index.html. I actually impressed myself because I got it to work through Godaddy redirecting a CNAME to my free-dns subdomain back to the dynamic IP here at home, while keeping the secure lock and correct address in the address bar. Problem is, I've been hitting a severe roadblock trying to get the correct format in the default site-confs file to get to my OMBI docker container. It seems like everytime I edit the default file, it borks the whole system, and no matter where I connect from I get an ERROR_CONNECTION_REFUSED. Trying to undo edits and save, or replacing the file with a backup resolves nothing, and I end up having to uninstall/reinstall the container, to get back to functional. EDIT: I did try newperms Tool on my appdata folder, which actually help to speed up my server GUI navigation, but nothing else... Maybe someone can give me the quick version, but a guide or reference for editing that file would be just as appreciated. My base url for ombi: /request Ports are default at 3579 for both container and host as I can't seem to find where I can change that. and the server's host address is 192.168.0.69 I know I'm close, but just can't seem to get it... It would also be nice to utilize just the sub-domain.domain address for my users navigating to the site omitting </request>. From what I can tell in the default file example this is possible, no? Bonus Round: I have basic authentication turned on for myself and my users, using the built in PLEX account authentication, but what's the most secure way to implement this? To quote linuxserver.io: Is this something I should be interested in setting as well? Any guides, or reference for implementation? I appreciate the help, as i'm finally getting around to actually using the 2xE5-2670 128GB RAM beast I built a couple years back, ... (The first one at least...) I have some guides on https://technicalramblings.com https://technicalramblings.com/blog/how-to-setup-organizr-with-letsencrypt-on-unraid/ It's for Organizr but has lots of sub directory examples. If you want live support I recommend checking out the Organizr discord. https://organizr.us/discord We help people from scratch getting all set up with a domain and reverse proxy everything everyday. 1 Quote Link to comment
dalben Posted April 12, 2018 Share Posted April 12, 2018 On 11/04/2018 at 12:10 PM, aptalca said: Post a docker log Not sure if this was missed or not. 23 hours ago, dalben said: Two logs attached. One fresh start after zapping the container. One after a restart (in case it makes a difference). A couple of screen shots showing access to the nginx container from the interweb log_new.txt log_restart.txt Quote Link to comment
Drider Posted April 12, 2018 Share Posted April 12, 2018 (edited) 14 hours ago, GilbN said: I have some guides on https://technicalramblings.com https://technicalramblings.com/blog/how-to-setup-organizr-with-letsencrypt-on-unraid/ It's for Organizr but has lots of sub directory examples. If you want live support I recommend checking out the Organizr discord. https://organizr.us/discord We help people from scratch getting all set up with a domain and reverse proxy everything everyday. Thank you so much for your offer, it's a delightful change from the normal response I find on the infrequent posts for help I place here in the forums. I forced my way though 16 hours of reading posts, (10 invested before my original post), here in the forums, and trial and error after the initial response to my inquiry was basically met with the same information inquired by my posting. It's always frustrating learning new things with unRAID. Spending countless hours scouring Threads that are 100's of pages long, to finally piece together an understanding of a site-conf file, (and change a Cloudflare SSL setting I've still not seen mentioned), is just .... nerve wracking. Especially looking at it now in a completed working form, and seeing it's literally a 10 minute job. If only a quick reference of working files were stickied at the top of a thread, and not needing pieced together through 1800 posts.. (Many examples I found were conflicting, and took a lot of time to find correct syntax) ... and I know I've looked before, but am I not seeing where a Search Thread, or discussion option is?.. I don't even find it in the advanced search... Searching the entire forum for a specific item is ... Futile. Anyway, I was able to get to the point of a 502 error, and from there I backtracked to one of these posts I'd read having the same issue, and resolving. (setting proxy_pass to http and not https, again conflicting posts in this thread mostly showing https) I own a Business to Business consulting firm, and I really would love to start offing the benefits of unRAID to our clientele, but the support system is just infuriating. I just can't risk the time that could be potentially lost in troubleshooting answers in the bottomless abyss of these forums. Disclaimer to those that might think I'm being to harsh: No, I'm not a linux expert, Yes, I know what the search button does, and I typically don't even post until I've worn the thing out. Yes I HAVE learned many things from this forum. Yes, I understand every setup is different, and with different variables. Though I'm not an expert in all things I.T. I have enough natural talent in the field that I mostly piece things together by deciphering working examples. I'm sorry for the rant, I guess I'm just very analytical, and wish there was a better learn "on your own support system" for unRAID, or at least a more organized way of finding key information. Time is quite valuable. Thanks again for your offer of assistance. (It's late, and been a long day, I'm sure there's a few typos in this post, my apologies.) Edited April 12, 2018 by Drider Quote Link to comment
sse450 Posted April 12, 2018 Share Posted April 12, 2018 (edited) I had a working letsencrpyt+nextcloud dockers with cloudflare wild card dns cert. I relocated the server to a new physical location with again a static IP. However, lan ip range was also changed from 192.168.1.* to 10.0.0.*. I changed unRAID ip fine. I also changed all A records at cloudflare for the new IP and made the necessary port forward (443 --> 444, 80 --> 81). Restarted the docker without any error. I did also the changes in NC config.php. But, still I cannot access to nextcloud using https://cloud.mydomain.com.The browser says that it is an illegal certificate. What am I missing? Thanks. EDIT: Never mind. The port was wrong. Thanks. Edited April 12, 2018 by sse450 Quote Link to comment
aptalca Posted April 12, 2018 Share Posted April 12, 2018 5 hours ago, dalben said: Not sure if this was missed or not. This is the problem: Domain: <myDomain>.com Type: unauthorized Detail: Invalid response from http://<myDomain>.com/.well-known/acme-challenge/rJ8VKGkOO2WhCIj6JJkgTrQCRrLU_Lno-XuWe6pU10U [222.164.xxx.xxx]: 404 When letsencrypt tries to connect to your domain at port 80, it doesn't reach the right container. Either there is a problem with the port forwarding, or there's something else that's listening on port 80. Oy can post your port forward and dns settings here if you want us to take a look Quote Link to comment
dalben Posted April 12, 2018 Share Posted April 12, 2018 1 hour ago, aptalca said: Oy can post your port forward and dns settings here if you want us to take a look I came home to find the server had hung. Power cycled it to get it going with no problem. Started the letsencrypt docker so I could see the logs again and FMD letsencrypt started fine, pulled the certs and installed everything. I just checked from my phone and the site is accessible. I have no idea what it didn't work or why it works now. Nothing has changed. But I remember now why "have you tried restarting your machine" was the first question asked from support people. Thanks and sorry for wasting your time Quote Link to comment
aptalca Posted April 13, 2018 Share Posted April 13, 2018 22 hours ago, dalben said: I came home to find the server had hung. Power cycled it to get it going with no problem. Started the letsencrypt docker so I could see the logs again and FMD letsencrypt started fine, pulled the certs and installed everything. I just checked from my phone and the site is accessible. I have no idea what it didn't work or why it works now. Nothing has changed. But I remember now why "have you tried restarting your machine" was the first question asked from support people. Thanks and sorry for wasting your time Glad it's working now Quote Link to comment
sgt_spike Posted April 13, 2018 Share Posted April 13, 2018 Could someone point me in the right direction to setup a connection to mariadb? I want to be able to connect to a db from a webpage and query it. Quote Link to comment
aptalca Posted April 13, 2018 Share Posted April 13, 2018 2 hours ago, sgt_spike said: Could someone point me in the right direction to setup a connection to mariadb? I want to be able to connect to a db from a webpage and query it. Do you need help with connecting to mariadb or are you looking for a web based software solution that does remote mysql queries? Quote Link to comment
sgt_spike Posted April 13, 2018 Share Posted April 13, 2018 (edited) 1 hour ago, aptalca said: Do you need help with connecting to mariadb or are you looking for a web based software solution that does remote mysql queries? connecting to mariadb I have letsencrypt docker and mariadb docker installed on unraid. I want to host a site that can query the db to some me movie titles thx Edited April 13, 2018 by sgt_spike Quote Link to comment
aptalca Posted April 13, 2018 Share Posted April 13, 2018 1 hour ago, sgt_spike said: connecting to mariadb I have letsencrypt docker and mariadb docker installed on unraid. I want to host a site that can query the db to some me movie titles thx While you're setting up the site, when it asks for the database info, enter your host (unraid) ip adress and the port you mapped 3306 to Quote Link to comment
sgt_spike Posted April 13, 2018 Share Posted April 13, 2018 6 minutes ago, aptalca said: While you're setting up the site, when it asks for the database info, enter your host (unraid) ip adress and the port you mapped 3306 to Can you please be more specific? Quote Link to comment
mkono87 Posted April 14, 2018 Share Posted April 14, 2018 So while I was on vacation my Edgerouter X decided to stop responding so when I got home, I had no choice to hard reset it and reconfigure it. Most things are working in Nas and can confirm my ddns is working but all my web apps going through nginx says refuse to connect. Also noticed things like tautulli is not sending me pushbullet updates. Would it be a good idea to resintall the docker and copy over the nginx default file? Im not sure what else to do. Everything looks untouched and I made sure the port forwarding is correct in my router. Quote Link to comment
saarg Posted April 14, 2018 Share Posted April 14, 2018 2 hours ago, mkono87 said: So while I was on vacation my Edgerouter X decided to stop responding so when I got home, I had no choice to hard reset it and reconfigure it. Most things are working in Nas and can confirm my ddns is working but all my web apps going through nginx says refuse to connect. Also noticed things like tautulli is not sending me pushbullet updates. Would it be a good idea to resintall the docker and copy over the nginx default file? Im not sure what else to do. Everything looks untouched and I made sure the port forwarding is correct in my router. I wouldn't touch the containers. The error was with your router, so it's something not configured correctly there I guess. Quote Link to comment
mkono87 Posted April 14, 2018 Share Posted April 14, 2018 (edited) 8 hours ago, saarg said: I wouldn't touch the containers. The error was with your router, so it's something not configured correctly there I guess. funny thing is I decided to have unraid static from within settings. Before, I use my router to map static ips to the Mac address. so I did that I got some notifications in tautulli working again. still no proxy working but step in the right direction. edit: reinstalled the container, then copy and pasted the config and everything is working again Edited April 15, 2018 by mkono87 Quote Link to comment
Rene Posted April 14, 2018 Share Posted April 14, 2018 Can you help me setup this docker, I want to use it with nextcloud? Quote Link to comment
Sinister Posted April 15, 2018 Share Posted April 15, 2018 (edited) cqan someone please point me in the right direction im trying to set this docker up with owjncloud i folled chmb guide here https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy and for the most part have things going when i launch the letsencrypt docker i get taken to welcome to our server but when i launch owncloud i get 502 bad gateway ive been at this for 22 hours any help would be greatly appreciated Edited April 15, 2018 by Sinister Quote Link to comment
GilbN Posted April 15, 2018 Share Posted April 15, 2018 (edited) 4 hours ago, Sinister said: cqan someone please point me in the right direction im trying to set this docker up with owjncloud i folled chmb guide here https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy and for the most part have things going when i launch the letsencrypt docker i get taken to welcome to our server but when i launch owncloud i get 502 bad gateway ive been at this for 22 hours any help would be greatly appreciated 1. You are proxy_passing http not https. AND you are proxy_passing the letsencrypt container?! you need to proxy_pass the NEXTCLOUD container! proxy_pass https://192.168.1.113:8443; 2: you config.php is wrong it needs to be 'overwrite.cli.url' => 'https://YOURsubdomain.duckdns.org', NOT you localip to nextcloud Edited April 15, 2018 by GilbN Quote Link to comment
GilbN Posted April 15, 2018 Share Posted April 15, 2018 14 hours ago, Rene said: Can you help me setup this docker, I want to use it with nextcloud? https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/ Quote Link to comment
Rene Posted April 15, 2018 Share Posted April 15, 2018 2 hours ago, GilbN said: https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/ I don't know how to do the Let's Encrypt part, I'm not good with the command line stuff. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.