Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)

Featured Replies

On ‎9‎/‎25‎/‎2018 at 5:51 AM, Blade said:

I have been noticing that letsencrypt most times does not want to stop properly and it thinks it has stopped but unraid still says it is running

Only way to fix it is to stop and start the docker system

Anyone one seeing this?

Are you using Internet explorer?

Try Edge or firefox.

 

  • Replies 6.2k
  • Views 1.5m
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Confirming this worked for me too. Not sure I needed to replace both, but I did anyway and Swag and Nextcloud are both back and up and running. For noobs like me, here's what I did: 1. Stop

  • I will only post this once. Feel free to refer folks to this post.   A few points of clarification:   The last update of this image didn't break things. Letsencrypt abruptly disabl

  • BigBoyMarky
    BigBoyMarky

    I replaced both the ssl.conf and nginx.conf files with the sample ones to update them since I did not make any custom modifications to either one of those and this resolved my issue.

Posted Images

19 hours ago, Sinister said:

same ive tried asking and been at this for 16 hours seen the video back and forth many times definitely something missing here only an a super advanced person would know

I guess you now have this working then. What out of interest was your problem?

10 minutes ago, MMW said:

I guess you now have this working then. What out of interest was your problem?

i certainly dont have it working i did everything that was outlined in the video made sure it was right down to the last colon still no dice im waiting for the answer like everyone else

29 minutes ago, Sinister said:

i certainly dont have it working i did everything that was outlined in the video made sure it was right down to the last colon still no dice im waiting for the answer like everyone else

So ............... is not your nextcloud system then?

Edited by MMW

3 minutes ago, MMW said:

So ................ is not your nextcloud system then?

it is which i have removed from the other post cant believe i missed that but it was setup using an old blog from the legendary CHBMB  https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/

 

and not the way spaceinvaders tutorial is where if setup correctly all you have to do is edit the proxy-conf file and switch the container to the custom network to reverse proxy something

 

8 minutes ago, MMW said:

So  is not your nextcloud system then?

im not sure if you would mind removing that link if not no big

3 minutes ago, Sinister said:

im not sure if you would mind removing that link if not no big

All done. I forgot to remove the .sample from my configs which was causing a problem for me, but apart from that the spaceinvader video worked well for me.

1 minute ago, MMW said:

All done. I forgot to remove the .sample from my configs which was causing a problem for me, but apart from that the spaceinvader video worked well for me.

thank you :) and that definitely isnt my issue i made sure everything was correct there is a comment or 2 on the video itself with a person or 2 having the same issue and even one more user that posted here last night itd be interesting to see if we all made the same mistake but ive followed many tutorials of his and generally they work but this time is a no go for me

23 minutes ago, Sinister said:

thank you :) and that definitely isnt my issue i made sure everything was correct there is a comment or 2 on the video itself with a person or 2 having the same issue and even one more user that posted here last night itd be interesting to see if we all made the same mistake but ive followed many tutorials of his and generally they work but this time is a no go for me

The tone of your message leads me to believe that you think something is still not working. What do you expect to see when you go to that url?

8 hours ago, Jessie said:

Are you using Internet explorer?

Try Edge or firefox.

 

I use Chrome

I do not use Edge or Firefox

 

hello,

I've setup letsencrypt with subdomain for nextcloud successfull, however I don't get how to set it up for not included applications. e.g. I would like to host my own Jira (Atlassian) instance for myself.

 

This is what I did:

 

server {
    listen 443 ssl;

    server_name jira.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf 
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_jira jira;
        proxy_pass http://$upstream_jira:8020;
    }
}

However when accessing it I get an 502 error. However the certificates are created so I'm sure it's liked to the subdomain file. Maybe someone can help me figure it out.

 

Thanks,

Matt

2 hours ago, twok said:

hello,

I've setup letsencrypt with subdomain for nextcloud successfull, however I don't get how to set it up for not included applications. e.g. I would like to host my own Jira (Atlassian) instance for myself.

 

This is what I did:

 


server {
    listen 443 ssl;

    server_name jira.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf 
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_jira jira;
        proxy_pass http://$upstream_jira:8020;
    }
}

However when accessing it I get an 502 error. However the certificates are created so I'm sure it's liked to the subdomain file. Maybe someone can help me figure it out.

 

Thanks,

Matt

Port should be 8080 and make sure both jira and letsencrypt are in the same "user defined bridge" network

9 minutes ago, aptalca said:

Port should be 8080

I've changed the default port to 8020 (sorry should have noted it) - full configuration attached. Proxynet beeing the letsencrypt network. As per spaceinvador1 guide.
image.png.cfe08b0bead3a78decbf6f6be30ea331.png

In Jira I've adjusted the base url to match the config.

 

Previously I got it working using the jwilder letsencrypt nginx proxy. however with that I couldn't get nextcloud to work which is a higher priority to me.

 

thanks.

Is there a particular reason you changed the default port on the Nextcloud docker? 

20 hours ago, jonathanm said:

The tone of your message leads me to believe that you think something is still not working. What do you expect to see when you go to that url?

when i set it up as demonstrated in the video using the proxy-conf files i expect to be able to reach the intended container and not the letsencrypt landing page my sonarr,radarr,nextcloud certainly does not come up the way it should . now im not claiming to be an expert at all but im pretty good at following instructions and i have and i have not been able to achieve the same result maybe there is a setting in Unraid thats making it not work i dont know again im no expert and just asking for help

12 minutes ago, Sinister said:

when i set it up as demonstrated in the video using the proxy-conf files i expect to be able to reach the intended container and not the letsencrypt landing page my sonarr,radarr,nextcloud certainly does not come up the way it should . now im not claiming to be an expert at all but im pretty good at following instructions and i have and i have not been able to achieve the same result maybe there is a setting in Unraid thats making it not work i dont know again im no expert and just asking for help

Assuming the url that mmw posted is in fact yours, it's definitely up and working right now for nextcloud.

2 minutes ago, Sinister said:

because as i said in one of my previous posts it is setup this way  https://blog.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/             using CHBMBs method and not the way in the video

I'm sorry, I'm not following.

 

Currently, your nextcloud instance is up and available on https://nextcloud(removed for privacy).duckdns.org/

What url are you wanting to use?

4 minutes ago, jonathanm said:

I'm sorry, I'm not following.

 

Currently, your nextcloud instance is up and available on https://nextcloud(removed for privacy).duckdns.org/

What url are you wanting to use?

ok let me be more specific the URL is not the issue the issue is the method that i had to use to set it up to reverse proxy it if you click the link in the last post youll see CHBMB made a blog post about How to set it up. His method is different from the method spaceinvaderone demonstrates in is tutorial where after setting everything up all you have to do is edit the proxy-conf file and switch the container to your custom network within unraid that is not how my instance is currently setup what i want is to be able to reverse proxy any container using the quick and simple method in the video

6 hours ago, twok said:

I've changed the default port to 8020 (sorry should have noted it) - full configuration attached. Proxynet beeing the letsencrypt network. As per spaceinvador1 guide.
image.png.cfe08b0bead3a78decbf6f6be30ea331.png

In Jira I've adjusted the base url to match the config.

 

Previously I got it working using the jwilder letsencrypt nginx proxy. however with that I couldn't get nextcloud to work which is a higher priority to me.

 

thanks.

You changed the host port. The container port is still 8080. Nginx is connecting directly to the container via docker network, not going through host. Use 8080 in the proxy pass statement. 

I followed spaceinvaderone's guide to setting up reverse proxies and letsencrypt and wanted to get this to work for me with plex. I do the following:

  • Create a CNAME for my domain called 'plex', so should be able to access plex through 'plex.mydomain.com' (not my real domain obviously)
  • Put my duckdns domain + token into the DuckDNS container settings
  • Setup port forwarding as described in the spaceinvaderone video (80 -> 180, 443 -> 1443)
  • Setup a user defined network 'proxynet'
  • Run letsencrypt using 'proxynet'
  • Install linuxserver.io's plex container and make it use the 'proxynet' network
  • Check that the plex.subdomain.conf file is set up correctly, shown below


I then try to run plex by clicking on the WebGUI option in the docker tab and my browser fails to open plex - I get 'Problem loading page' and the address bar at the top of the browser writes http://172.18.0.4:32400/web. I cannot access the Plex GUI by typing 192.168.0.18:32400, https://plex.mydomain.com doesn't work either. In essence it does not seem to work in any other way than host mode, and even in host mode Plex gets stuck on this page:

 


Any help would be appreciated.

# make sure that your dns has a cname set for plex, if plex is running in bridge mode, the below config should w$g the IP$address of plex
# replace the line "proxy_pass https://$upstream_plex:32400;" with "proxy_pass https://HOSTIP:32400;" HOSTIP bei$.yourdom$in.url:443")
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://ple$

server {
    listen 443 ssl;

    server_name plex.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;
    proxy_redirect off;
    proxy_buffering off;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;


    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_plex plex;
        proxy_pass https://$upstream_plex:32400;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
        proxy_set_header X-Plex-Device $http_x_plex_device;                                                      
        proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;                                           
        proxy_set_header X-Plex-Platform $http_x_plex_platform;
        proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
        proxy_set_header X-Plex-Product $http_x_plex_product;
        proxy_set_header X-Plex-Token $http_x_plex_token;
        proxy_set_header X-Plex-Version $http_x_plex_version;
        proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
        proxy_set_header X-Plex-Provides $http_x_plex_provides;
        proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
        proxy_set_header X-Plex-Model $http_x_plex_model;
    }
}



 

@Gobs please try/ check the following things (helped me)
 

  • is plex also changed to be in the proxynet network?
  • is the docker container of plex really called "plex" or maybe changed?
  • is your firewall configured to allow the port to be accessed from external? (check with sites like "is my port open")
  • check if logged in to duckdns if your external ip is correctly upgraded
On 9/28/2018 at 8:13 PM, aptalca said:

You changed the host port. The container port is still 8080. Nginx is connecting directly to the container via docker network, not going through host. Use 8080 in the proxy pass statement. 

thank you so much! I thought with multiple dockers (jira + jira service desk) using the same port, I would need to go thru the external port. boy was I wrong. such a simple solution. thanks again!

On 9/30/2018 at 8:43 AM, Gobs said:

I followed spaceinvaderone's guide to setting up reverse proxies and letsencrypt and wanted to get this to work for me with plex. I do the following:

  • Create a CNAME for my domain called 'plex', so should be able to access plex through 'plex.mydomain.com' (not my real domain obviously)
  • Put my duckdns domain + token into the DuckDNS container settings
  • Setup port forwarding as described in the spaceinvaderone video (80 -> 180, 443 -> 1443)
  • Setup a user defined network 'proxynet'
  • Run letsencrypt using 'proxynet'
  • Install linuxserver.io's plex container and make it use the 'proxynet' network
  • Check that the plex.subdomain.conf file is set up correctly, shown below


I then try to run plex by clicking on the WebGUI option in the docker tab and my browser fails to open plex - I get 'Problem loading page' and the address bar at the top of the browser writes http://172.18.0.4:32400/web. I cannot access the Plex GUI by typing 192.168.0.18:32400, https://plex.mydomain.com doesn't work either. In essence it does not seem to work in any other way than host mode, and even in host mode Plex gets stuck on this page:

 

 


Any help would be appreciated.


# make sure that your dns has a cname set for plex, if plex is running in bridge mode, the below config should w$g the IP$address of plex
# replace the line "proxy_pass https://$upstream_plex:32400;" with "proxy_pass https://HOSTIP:32400;" HOSTIP bei$.yourdom$in.url:443")
# in plex server settings, under network, fill in "Custom server access URLs" with your domain (ie. "https://ple$

server {
    listen 443 ssl;

    server_name plex.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;
    proxy_redirect off;
    proxy_buffering off;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;


    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_plex plex;
        proxy_pass https://$upstream_plex:32400;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier;
        proxy_set_header X-Plex-Device $http_x_plex_device;                                                      
        proxy_set_header X-Plex-Device-Name $http_x_plex_device_name;                                           
        proxy_set_header X-Plex-Platform $http_x_plex_platform;
        proxy_set_header X-Plex-Platform-Version $http_x_plex_platform_version;
        proxy_set_header X-Plex-Product $http_x_plex_product;
        proxy_set_header X-Plex-Token $http_x_plex_token;
        proxy_set_header X-Plex-Version $http_x_plex_version;
        proxy_set_header X-Plex-Nocache $http_x_plex_nocache;
        proxy_set_header X-Plex-Provides $http_x_plex_provides;
        proxy_set_header X-Plex-Device-Vendor $http_x_plex_device_vendor;
        proxy_set_header X-Plex-Model $http_x_plex_model;
    }
}



 

 

Gobs, I had the same issues setting up plex. Here's what I did......

If you are using a user defined network for LE and plex, the plex port must be mapped to the host (unraid). 

   To do this edit the config, Docker->click on edit.  Change to Advance mode.  In the "Extra Parameters" section add this line (changing info to your info)

       "-p UnRaidIP:32400:32400"  this should look something like -p 192.168.1.10:32400:32400 This will allow the webui to load on local.

   I have not been able to get plex to load via a custom web address as the proxy.config file instructions seems a bit confusing IMHO.

Edited by sgt_spike

I just spotted that my /log/nginx/access.log file has hit 4GB with entries going back nearly a year.  is there a way to control the size of the log, other than deleting it (which I have)?

 

Thanks

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.