bobbintb Posted July 20, 2019 Share Posted July 20, 2019 17 hours ago, saarg said: I think you don't fully understand port forwarding. You are not forwarding port 8008. You are forwarding port 80 on the Wan side to port 8008 on the container. So on the wsn side it's always 443 and 80, but in the actual router/firewall you use the Wan side ports as the source ports and the ports you set in the container template you set as the destination ports. From looking at your screenshot, you are just opening the ports, and not port forwarding. No, I fully understand port forwarding. I'm just really distracted lately and at the risk of getting too personal, I'm on some new ADD meds that are kind of messing with my memory and cognition (and you guys have been super patient with me so thanks). I see what you are saying now, I just didn't notice it before. The router doesn't allow me that level of control like my other did and I just didn't notice it until you said something. It seems I can only forward a port to a specific IP of the SAME port. The layout sucks but it seems start port and end port refers to port range and not source and destination. I included a stock image of the menu (not what I actually have in my settings). So I don't think I can forward port 80 from outside my network to 8008 on my UnRAID server, just 80 to 80. I may have to go back to my previous set up. This is kind of what I meant when I said the feature of ISP branded routers being sub-par. Quote Link to comment
aptalca Posted July 20, 2019 Share Posted July 20, 2019 1 hour ago, bobbintb said: No, I fully understand port forwarding. I'm just really distracted lately and at the risk of getting too personal, I'm on some new ADD meds that are kind of messing with my memory and cognition (and you guys have been super patient with me so thanks). I see what you are saying now, I just didn't notice it before. The router doesn't allow me that level of control like my other did and I just didn't notice it until you said something. It seems I can only forward a port to a specific IP of the SAME port. The layout sucks but it seems start port and end port refers to port range and not source and destination. I included a stock image of the menu (not what I actually have in my settings). So I don't think I can forward port 80 from outside my network to 8008 on my UnRAID server, just 80 to 80. I may have to go back to my previous set up. This is kind of what I meant when I said the feature of ISP branded routers being sub-par. I believe you need to change the remote port shown on there Quote Link to comment
aptalca Posted July 20, 2019 Share Posted July 20, 2019 2 hours ago, Chandler said: Alright, I've been reading through this forum getting all the answers to my problems so far. I was able to figure it out and get everything in a working state. I just have just a few questions now -- On startup I see the alert about the LuaJIT version issue, is that a problem? I also see the warnings for conflicting server names. How do I fix that? I have only used the default templates and only edited them where necessary. Certificate exists; parameters unchanged; starting nginx [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') nginx: [warn] conflicting server name "ombi.*" on 0.0.0.0:443, ignored nginx: [warn] conflicting server name "sl.*" on 0.0.0.0:443, ignored nginx: [warn] conflicting server name "tautulli.*" on 0.0.0.0:443, ignored nginx: [warn] conflicting server name "ombi.*" on [::]:443, ignored nginx: [warn] conflicting server name "sl.*" on [::]:443, ignored nginx: [warn] conflicting server name "tautulli.*" on [::]:443, ignored Server ready In my default site config I enable the http redirect to https server { listen 80; listen [::]:80; server_name _; return 301 https://$host$request_uri; } This works for all dockers except for Tautulli. When I go to the http for that I get page not found, any ideas? Lua issues are harmless. Server name conflicts are a problem you need to fix. You likely have duplicate site configs Quote Link to comment
Chandler Posted July 20, 2019 Share Posted July 20, 2019 16 minutes ago, aptalca said: Lua issues are harmless. Server name conflicts are a problem you need to fix. You likely have duplicate site configs Ok I fixed the name conflicts. Accidentally included subdomains.conf twice in the default. Any idea on the Tautulli not redirecting to https when attempting to reach from http? Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 (edited) Hi guys, I am trying to get airsonic to work, i have copied my nextcloud config and changed what i see is required but its not working. i have added the airsonic A RECORD to my domain, also in the docker subdomain Id be most grateful if assistance. NEXTCLOUD server { listen 443 ssl; server_name nextcloud.domain.co.uk; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-rr:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-rr-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:rr-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-rr-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHtE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-rr:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.1.200:446/; proxy_max_temp_file_size 2048m; include /config/nginx/proxy.conf; } AIRSONIC server { listen 443 ssl; server_name airsonic.domain.co.uk; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-rr:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-rr-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:rr-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-rr-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHtE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-rr:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.1.200:4040/; proxy_max_temp_file_size 2048m; include /config/nginx/proxy.conf; } Edited July 20, 2019 by Greygoose Quote Link to comment
aptalca Posted July 20, 2019 Share Posted July 20, 2019 12 hours ago, Chandler said: Ok I fixed the name conflicts. Accidentally included subdomains.conf twice in the default. Any idea on the Tautulli not redirecting to https when attempting to reach from http? Try incognito, 301 redirects are supposed to be permanent and are cached by the browser Quote Link to comment
aptalca Posted July 20, 2019 Share Posted July 20, 2019 16 minutes ago, Greygoose said: Hi guys, I am trying to get airsonic to work, i have copied my nextcloud config and changed what i see is required but its not working. i have added the airsonic A RECORD to my domain, also in the docker subdomain Id be most grateful if assistance. NEXTCLOUD server { listen 443 ssl; server_name nextcloud.domain.co.uk; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-rr:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-rr-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:rr-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-rr-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHtE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-rr:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.1.200:446/; proxy_max_temp_file_size 2048m; include /config/nginx/proxy.conf; } AIRSONIC server { listen 443 ssl; server_name airsonic.domain.co.uk; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-rr:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-rr-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:rr-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-rr-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHtE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-rr:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.1.200:4040/; proxy_max_temp_file_size 2048m; include /config/nginx/proxy.conf; } Define not working Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 unable to access the airsonic from web browser via Quote Link to comment
aptalca Posted July 20, 2019 Share Posted July 20, 2019 1 hour ago, Greygoose said: unable to access the airsonic from web browser via Your confs don't match your logs. The web address you're trying to connect to has http auth turned on. It looks like you have a conf somewhere that has an incorrect server name set (with /airsonic at the end), etc. Either go back to defaults and start over, it post your full config or it is impossible for us to help you Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 Thanks for the help Aptalca this is my default file server { listen 80; server_name www.domain.co.uk; return 301 https://.co.uk$request_uri; } server { listen 443; server_name www.domain.co.uk; return 301 https://.co.uk$request_uri; } server { listen 80; server_name domain.com; return 301 https://domain.co.uk$request_uri; } server { listen 443 ssl default_server; server_name domain.co.uk; add_header Front-End-Https on; root /config/www; index index.html index.htm index.php; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location /books { proxy_pass http://192.168.0.1:9083; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /books; } # location ^~/books { # proxy_pass http://192.168.0.1:82/; # rewrite /books/?(.*) /$1 break; # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; # include /config/nginx/proxy.conf; #} location /booksonic { proxy_pass http://192.168.0.1:4040/booksonic; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /couch { proxy_pass http://192.168.0.1:5050/couch; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /deluge { proxy_pass http://192.168.0.1:8112/; proxy_set_header X-Deluge-Base "/deluge/"; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /emby { # Send traffic to the backend proxy_pass http://192.168.0.1:8096/emby; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $remote_addr; proxy_set_header X-Forwarded-Protocol $scheme; proxy_redirect off; # Send websocket data to the backend aswell proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /headphones { proxy_pass http://192.168.0.1:8178/headphones; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /htpc { proxy_pass http://192.168.0.1:8085/htpc; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /lazylibrarian { proxy_pass http://192.168.0.1:5299/lazylibrarian; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /mylar { proxy_pass http://192.168.0.1:8090/mylar; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /nzbget { proxy_pass http://192.168.0.1:6789/nzbget; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /hydra { proxy_pass http://192.168.0.1:5075/hydra; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /plex { proxy_pass http://192.168.1.200:32400/web; include /config/nginx/proxy.conf; } location /web { proxy_pass http://192.168.0.150:32400/web; include /config/nginx/proxy.conf; } location /plexpy/ { proxy_pass http://192.168.0.1:8181; include /config/nginx/proxy.conf; proxy_bind $server_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Ssl on; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; } location /requests { proxy_pass http://192.168.0.1:3579/requests; include /config/nginx/proxy.conf; } location /radarr { proxy_pass http://192.168.1.200:7878/radarr; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /sonarr { proxy_pass http://192.168.1.200:8989/sonarr; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /ubooquity { proxy_pass http://192.168.0.1:2202/ubooquity; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } location /airsonic { proxy_pass http://192.168.0.1:4040/airsonic; auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; } Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 this is my airsonic file server { listen 443 ssl; server_name airsonic.domain.co.uk; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-C3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.1.200:4040/; proxy_max_temp_file_size 2048m; include /config/nginx/proxy.conf; } } Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 this is my proxy conf client_max_body_size 10m; client_body_buffer_size 128k; #Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Advanced Proxy Config send_timeout 5m; proxy_read_timeout 240; proxy_send_timeout 240; proxy_connect_timeout 240; # Basic Proxy Config proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_redirect http:// $scheme://; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_cache_bypass $cookie_session; proxy_no_cache $cookie_session; proxy_buffers 32 4k; Quote Link to comment
saarg Posted July 20, 2019 Share Posted July 20, 2019 51 minutes ago, Greygoose said: this is my proxy conf client_max_body_size 10m; client_body_buffer_size 128k; #Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Advanced Proxy Config send_timeout 5m; proxy_read_timeout 240; proxy_send_timeout 240; proxy_connect_timeout 240; # Basic Proxy Config proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_redirect http:// $scheme://; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_cache_bypass $cookie_session; proxy_no_cache $cookie_session; proxy_buffers 32 4k; Why not use our supplied airsonic proxy conf that works? Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 Hi Sarrg, I have tried this using the airconic, domain sample. I renamed it to airsonic and copied into the nginx/site-confs folder # make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name airsonic.domain.co.uk*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_airsonic airsonic; proxy_pass http://192.168.1.100:4040; } } } Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 now ghet this from lets encypt logs Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 So i renamed the subdomain conf file to airsonic and copyed into the site-confs folder, still getting the issue above. # make sure that your dns has a cname set for airsonic and that your airsonic container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name airsonic.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_airsonic airsonic; proxy_pass http://$upstream_airsonic:4040; } } Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 when i remove the airsonic file from the site-confs folder then nextcloud works fine without any issues. I'm lost. 4hrs into this now Quote Link to comment
Greygoose Posted July 20, 2019 Share Posted July 20, 2019 PROGRESS I deleted the letsencrypt docker & folder. I started fresh with spaceinvader one guide. 10minutes later things look much better,. however I now get this error, its getting the airsonic docker via the domain but this error below Quote Link to comment
saarg Posted July 21, 2019 Share Posted July 21, 2019 2 hours ago, Greygoose said: PROGRESS I deleted the letsencrypt docker & folder. I started fresh with spaceinvader one guide. 10minutes later things look much better,. however I now get this error, its getting the airsonic docker via the domain but this error below You don't move the files. You just remove the sample part from the file. And also read the top of the file to check if you have to make any changes. Quote Link to comment
aptalca Posted July 21, 2019 Share Posted July 21, 2019 You're only supposed to rename the files, not move them to different folders. Documentation is pretty clear on that. 1 Quote Link to comment
Greygoose Posted July 21, 2019 Share Posted July 21, 2019 guys, sorry for wasting your time. all sorted now. I also changed the context path in the airsonic docker to work using airsonic.domain instead of the airsonic.domain/airsonic I was making things way too complex, you guys did all the work. Thank you, thnak you for now loosing it with me Quote Link to comment
strike Posted July 21, 2019 Share Posted July 21, 2019 (edited) Any news on adding the geoip2 module? I see from this link that @aptalca submitted a PR https://gitlab.alpinelinux.org/alpine/aports/issues/10068 Edit: Maybe I should try and update the container, clicking the PR link I see it was added to 3.10. Yup, update was all that was needed. I love you guys! 😍 Edited July 21, 2019 by strike Quote Link to comment
bobbintb Posted July 22, 2019 Share Posted July 22, 2019 On 7/19/2019 at 8:02 PM, aptalca said: I believe you need to change the remote port shown on there Weird, that column is in the stock image but not on my actual router. I did try the remote port settings but I must have done it wrong initially because I tried it just now and it worked. Hopefully I can manage from here. Thanks for the help, I know I wasn't making things easy but I just really needed another set of eyes because I haven't been able to keep things straight lately. Quote Link to comment
Lien1454 Posted July 23, 2019 Share Posted July 23, 2019 On 7/15/2019 at 11:10 PM, aptalca said: That command creates the credentials file. Then edit your site config files to enable it for whatever location you want I'm trying this in the console for the letsencrypt docker. I must be doing something wrong... root@27g4c5326171:/# docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd sh: docker: not found root@27g4c5326171:/# exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd sh: exec: illegal option -i root@27g4c5326171:/# Quote Link to comment
aptalca Posted July 24, 2019 Share Posted July 24, 2019 4 hours ago, Lien1454 said: I'm trying this in the console for the letsencrypt docker. I must be doing something wrong... root@27g4c5326171:/# docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd sh: docker: not found root@27g4c5326171:/# exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd sh: exec: illegal option -i root@27g4c5326171:/# "docker exec -it letsencrypt" is used to run things things inside the container while you're on the host console, outside of the container. If you're already inside the container, just run the part that starts with htpasswd Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.