ijuarez Posted August 19, 2018 Share Posted August 19, 2018 I might have not been clear. I have a personal domain (not the duckdns). So that domain needs DNS settings for the CNAME's, which I like Cloudlfare's interface for.I also use my own domain, (Google) and use cloudflare for DNS validation because my ISP blocks Port 80. But when I did my certs I use did a wild card so any subdomains would be covered. As far as the cname I have not done that as I use my firewall to the dynamic DNS client so I am going to assume once my LE config file is configured it will work..Sent from my BND-L34 using Tapatalk Quote Link to comment
ijuarez Posted August 20, 2018 Share Posted August 20, 2018 On 8/19/2018 at 1:17 AM, Kaizac said: I might have not been clear. I have a personal domain (not the duckdns). So that domain needs DNS settings for the CNAME's, which I like Cloudlfare's interface for. I had the same problem today took me awhile to figure it out, if you leave the proxy on in cloudflare you are using their proxy and it does not read you config file, it reads theirs. Quote Link to comment
Saldash Posted August 23, 2018 Share Posted August 23, 2018 Hi all, I'm having a small problem trying to get reverse proxy working for specific containers. Following SpaceInvaderOne's YT video (https://www.youtube.com/watch?v=I0lhZc25Sro) - I have Radarr, Sonarr & Heimdall working perfectly fine, but I'd like to pass through the chvb/docker-apache-php docker (named "apache"). Things I've done; I have a custom domain with subdomains CNAME'd to a no-ip ddns address (working) I have passed through all the required ports on my router (working) The LetsEncrypt container has my custom domain set and subdomains are listed (unraid,radarr,sonarr,heimdall,apache,) and it starts and successfully as per the video There wasn't a sample conf file in the LetsEncrypt container for the apache container, so I created one (apache.subdomain.conf) and copied the contents of the heimdall conf file into this file and changed: server_name apache.*; set $upstream_ApachePHP apache; proxy_pass https://$upstream_ApachePHP:8443; # Matches apache container host port 2 :8443, container port :443 Saved, and restarted the letsencrypt container. The problem I'm getting, is that while Radarr, Sonarr & Heimdall work perfectly, if I navigate to apache.mydomain.com I get a 502 Bad Gateway error from nginx. I also get the LetsEncrypt default web site when I try to access unraid.mydomain.com, which is fine as I don't need it, but I don't know why this works. If I change the apache.subdomain.conf file and only change set $upstream_ApachePHP apache; to set $upstream_ApachePHP heimdall; I get Heimdall and not apache (as I expected), so I don't know if this is an issue with the apache container or something else. If someone can help point me in the right direction that would be really great! Thanks Quote Link to comment
GilbN Posted August 23, 2018 Share Posted August 23, 2018 can I ask why you are trying to proxy the apache webserver when you already have a better webserver running? Quote Link to comment
planetwilson Posted August 24, 2018 Share Posted August 24, 2018 (edited) Only discovered the DNS method of updating with Cloudflare today - awesome! much easier UPDATE: and wildcards too! extra awesome! Edited August 24, 2018 by planetwilson Quote Link to comment
Saldash Posted August 24, 2018 Share Posted August 24, 2018 11 hours ago, GilbN said: can I ask why you are trying to proxy the apache webserver when you already have a better webserver running? Out of curiosity and inexperience. I eventually want to pass through a Windows VM running an ASP.NET application, but with the router forwarding all requests to the letsencrypt container I figured I should start there with something less complex first and work my way through. Also, what better web server are you referring to? The LetsEncrypt one? Quote Link to comment
Kaizac Posted August 26, 2018 Share Posted August 26, 2018 On 8/20/2018 at 10:42 PM, ijuarez said: I had the same problem today took me awhile to figure it out, if you leave the proxy on in cloudflare you are using their proxy and it does not read you config file, it reads theirs. Solution is to put the SSL mode in Cloudflare on the Strict mode. Then it works with the CF proxy and your own LE config. Quote Link to comment
ijuarez Posted August 26, 2018 Share Posted August 26, 2018 Solution is to put the SSL mode in Cloudflare on the Strict mode. Then it works with the CF proxy and your own LE config.Cool I will try thatSent from my BND-L34 using Tapatalk Quote Link to comment
Ray Posted August 27, 2018 Share Posted August 27, 2018 I followed Spaceinvaderone's video in getting Nextcloud running with letsencrypt and a personal DNS and everything seems to be working great. However, if I go to my public IP address I land on a page that shows: Welcome to our server The website is currently being setup under this address. For help and support, please contact: [email protected] Is there a way to prevent that? Quote Link to comment
ijuarez Posted August 27, 2018 Share Posted August 27, 2018 I followed Spaceinvaderone's video in getting Nextcloud running with letsencrypt and a personal DNS and everything seems to be working great. However, if I go to my public IP address I land on a page that shows: Welcome to our server The website is currently being setup under this address. For help and support, please contact: [email protected] Is there a way to prevent that? You can change the default index.html page to a meme of can I haz a cheeseburger if you want. Very easy it's in the ngix/www subfolder of the let'sencrypt config folder. Sent from my BND-L34 using Tapatalk Quote Link to comment
Ray Posted August 27, 2018 Share Posted August 27, 2018 19 minutes ago, ijuarez said: You can change the default index.html page to a meme of can I haz a cheeseburger if you want. Very easy it's in the ngix/www subfolder of the let'sencrypt config folder. Sent from my BND-L34 using Tapatalk Can I have it not respond at all? Quote Link to comment
aptalca Posted August 27, 2018 Share Posted August 27, 2018 14 minutes ago, Ray said: Can I have it not respond at all? Sure, remove the location block for "/" or that whole server block 1 Quote Link to comment
ijuarez Posted August 27, 2018 Share Posted August 27, 2018 16 hours ago, Kaizac said: Solution is to put the SSL mode in Cloudflare on the Strict mode. Then it works with the CF proxy and your own LE config. worked like a charmed Quote Link to comment
alturismo Posted August 31, 2018 Share Posted August 31, 2018 (edited) Hi, may i ask if there is a working solution to get unraid webgui working, im stuck to get it running on a friends place where i installed unraid. he uses 1 dyndns address, so i tried location / ... as /unraid shouldnt work at all what i readed so far. but i get no chance to get it properly displayed, and as i need both ports (80 and 443) for certbot renewal ... i would then prefer unraid behind the reverse proxy. may a sample config therefore ? thanks ahead. ### solved had to remove following default values location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } may a hint what this is good for ? i use nginx as reverse proxy only ... Edited August 31, 2018 by alturismo solved Quote Link to comment
GilbN Posted September 1, 2018 Share Posted September 1, 2018 13 hours ago, alturismo said: Hi, may i ask if there is a working solution to get unraid webgui working, im stuck to get it running on a friends place where i installed unraid. he uses 1 dyndns address, so i tried location / ... as /unraid shouldnt work at all what i readed so far. but i get no chance to get it properly displayed, and as i need both ports (80 and 443) for certbot renewal ... i would then prefer unraid behind the reverse proxy. may a sample config therefore ? thanks ahead. ### solved had to remove following default values location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } may a hint what this is good for ? i use nginx as reverse proxy only ... It's for serving php web pages. Don't reverse proxy the unraid gui, use a VPN instead.. 1000x more secure. Quote Link to comment
alturismo Posted September 1, 2018 Share Posted September 1, 2018 i know VPN ... still not an option and i would be fine with htauth (also listening ONLY on dns name), no idea what i did, now its not working anymore properly with disabling the php lines ... so, if someone has an tutorial would be nice. im just confused cause on my server with its own unraid.mydomain.com its just easy as ... on my friends server i only have 1 domain for everything, so name.mydomain.com should be unraid, and the sub like name.mydomain.com/plex should point to plex ... Quote Link to comment
ijuarez Posted September 1, 2018 Share Posted September 1, 2018 On 8/26/2018 at 11:07 PM, ijuarez said: worked like a charmed So i this has been working but noticed that when i check on my cert (cause im that guy) it looks like its been provided by Comodo, which is cloudlflares. Its a little odd i think. Quote Link to comment
Chess Posted September 3, 2018 Share Posted September 3, 2018 Hello All, I've been trying to get this docker to work, however I'm not able to even get the default nginx page to be displayed. If I put the nginx container on the same ports I get the default page. I don't get anything in the logs for the docker, so I'm not sure where to look. Chess Quote Link to comment
aptalca Posted September 3, 2018 Share Posted September 3, 2018 12 hours ago, Chess said: Hello All, I've been trying to get this docker to work, however I'm not able to even get the default nginx page to be displayed. If I put the nginx container on the same ports I get the default page. I don't get anything in the logs for the docker, so I'm not sure where to look. Chess You're in the crystal ball territory Quote Link to comment
Chess Posted September 3, 2018 Share Posted September 3, 2018 1 hour ago, aptalca said: You're in the crystal ball territory Yep, I know. I'll keep plugging away and see if I can get some logs or something else to give us some hints to work from. Quote Link to comment
Saldash Posted September 4, 2018 Share Posted September 4, 2018 On 8/24/2018 at 11:28 AM, Saldash said: Out of curiosity and inexperience. I eventually want to pass through a Windows VM running an ASP.NET application, but with the router forwarding all requests to the letsencrypt container I figured I should start there with something less complex first and work my way through. Also, what better web server are you referring to? The LetsEncrypt one? Just as a matter of closure, I managed to achieve everything I wanted to (docker apps + windows server vm serving asp.net app). It's actually been quite fun discovering that the LetsEncrypt app is handling the SSL for me - IIS on the server only knows how to deal with HTTP but with this I get full SSL on my public sub.domain.com address. So I'm happy as a clam (until someone tells me I've done something critically foolish, which is bound to happen sooner or later!) Quote Link to comment
CHBMB Posted September 4, 2018 Share Posted September 4, 2018 Just as a matter of closure, I managed to achieve everything I wanted to (docker apps + windows server vm serving asp.net app). It's actually been quite fun discovering that the LetsEncrypt app is handling the SSL for me - IIS on the server only knows how to deal with HTTP but with this I get full SSL on my public sub.domain.com address. So I'm happy as a clam (until someone tells me I've done something critically foolish, which is bound to happen sooner or later!)Only used IIS for about a year and nearly put me off using web servers for life. Apache and Nginx are a damn dream after using that abomination.Sent from my Mi A1 using Tapatalk Quote Link to comment
ijuarez Posted September 4, 2018 Share Posted September 4, 2018 Only used IIS for about a year and nearly put me off using web servers for life. Apache and Nginx are a damn dream after using that abomination.Sent from my Mi A1 using TapatalkI agree, having to manage an iis server is painful. But it comes with Windows and has nice buttons that you can click onSent from my BND-L34 using Tapatalk Quote Link to comment
ijuarez Posted September 4, 2018 Share Posted September 4, 2018 Need a little help, setup ApacheGuacamole container and modified the sonarr proxy-conf with the guac settings. When i try to get it to it i get a 502 bad gateway. I am using dns validation since isp blocks port 80 (cloudflare) added the subdomain to CF as i did with my others. Container is on the same docker network called proxynet. Added my new subdomain to LE config so it created a new cert. i can access guac internally. Not sure what i am missing. this is working on test vps that i use before modifying my server. Below is code and attached picture. The only error i get is in the ngix error log about not being able to resolve, but not sure where to look. Fairly certain I missing something obvious. # make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url # to enable password access, uncomment the two auth_basic lines server { listen 443 ssl; server_name guacamole.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_guacamole ApacheGuacamole; proxy_pass http://$upstream_guacamole:8080; } } 2018/09/04 10:24:51 [error] 381#381: *20 apacheguacamole could not be resolved (3: Host not found), client: 172.69.68.37, server: guacamole.*, request: "GET / HTTP/1.1", host: "guacamole.lahoma.org" 2018/09/04 10:31:21 [error] 381#381: *21 apacheguacamole could not be resolved (3: Host not found), client: 172.69.68.4, server: guacamole.*, request: "GET / HTTP/1.1", host: "guacamole.lahoma.org" Quote Link to comment
aptalca Posted September 4, 2018 Share Posted September 4, 2018 2 hours ago, ijuarez said: Need a little help, setup ApacheGuacamole container and modified the sonarr proxy-conf with the guac settings. When i try to get it to it i get a 502 bad gateway. I am using dns validation since isp blocks port 80 (cloudflare) added the subdomain to CF as i did with my others. Container is on the same docker network called proxynet. Added my new subdomain to LE config so it created a new cert. i can access guac internally. Not sure what i am missing. this is working on test vps that i use before modifying my server. Below is code and attached picture. The only error i get is in the ngix error log about not being able to resolve, but not sure where to look. Fairly certain I missing something obvious. # make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url # to enable password access, uncomment the two auth_basic lines server { listen 443 ssl; server_name guacamole.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_guacamole ApacheGuacamole; proxy_pass http://$upstream_guacamole:8080; } } 2018/09/04 10:24:51 [error] 381#381: *20 apacheguacamole could not be resolved (3: Host not found), client: 172.69.68.37, server: guacamole.*, request: "GET / HTTP/1.1", host: "guacamole.lahoma.org" 2018/09/04 10:31:21 [error] 381#381: *21 apacheguacamole could not be resolved (3: Host not found), client: 172.69.68.4, server: guacamole.*, request: "GET / HTTP/1.1", host: "guacamole.lahoma.org" It seems the issue may be uppercase/lowercase related in the container name Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.