TechMed Posted December 1, 2021 Share Posted December 1, 2021 Hi All, Finally getting around to switching over from Let'sEncrypt to Swag. Curious if anyone has any ideas how to stop this from happening? Spoiler If I let this go, it will just keep adding the same line (to infinity and beyond!) Followed Ed's guide to the letter. Thank in advance! Quote Link to comment
blaine07 Posted December 1, 2021 Share Posted December 1, 2021 Hi All, Finally getting around to switching over from Let'sEncrypt to Swag. Curious if anyone has any ideas how to stop this from happening? Spoiler If I let this go, it will just keep adding the same line (to infinity and beyond!) Followed Ed's guide to the letter. Thank in advance! What’s on line 7 in bitwarden subdomain conf?Sent from my iPhone using Tapatalk Quote Link to comment
TechMed Posted December 1, 2021 Share Posted December 1, 2021 Sorry... @blaine07, I work nights and am headed in now, but wanted to get this to you... it's really a major PITA not having it running (NextCloud, Bitwarden, etc) Thanks for the assist! Spoiler Quote Link to comment
TechMed Posted December 1, 2021 Share Posted December 1, 2021 sorry @blaine07, Did you mean this: server { listen 443 ssl; server_name xxxxxxxxxxbitwarden.*; include /config/nginx/ssl.conf; client_max_body_size 128M; Thanks again... Quote Link to comment
blaine07 Posted December 1, 2021 Share Posted December 1, 2021 sorry @blaine07, Did you mean this: server { listen 443 ssl; server_name xxxxxxxxxxbitwarden.*; include /config/nginx/ssl.conf; client_max_body_size 128M; Thanks again...Somewhere in that file it says “resolver” and it’s being defined twice hence the error. Not sure where else it’s defined but specifically on line 7 it appears. What you sent may be further down than line 7 on your Nextcloud CONF.Edit: you could rename Bitwarden conf, so seat doesn’t include it, temporarily so the rest of your services would work and swag would properly load… Quote Link to comment
TechMed Posted December 2, 2021 Share Posted December 2, 2021 Hi @blaine07, Thank you very much for your help! I commented out the Bitwarden.conf - Thanks a bunch for reminding me. NC is back up and running!!! I hope you do not mind, but I attached both my Bitwarden and NextCloud .conf files. I cannot, for the life of me, find where is says 'resolver' more than once. Would you mind taking a look yourself? Thanks! Have hit the sack for a few before going back in. It has been so bad here that we had to set up a triage area 😷 in the atrium of our hospital... and it aint a small joint!!! nextcloud.subdomain.conf bitwarden.subdomain.confUSE_ME Quote Link to comment
Bjur Posted December 8, 2021 Share Posted December 8, 2021 Hi I've configured Plex in conf file and SWAG starts without any errors, but when I select proxynet in Plex docker, it won't start Plex. All other services are working. Any suggestions? Quote Link to comment
shpitz461 Posted December 12, 2021 Share Posted December 12, 2021 (edited) Hi everyone, I've setup Swag with cloudflare to my domain, according to the IBRACorp video. I also setup all the plugins, log shows 'server ready'. I've added a label to my emby container 'swag_url=media.mydomain.com', but when I connect I get a 502 bad gateway. **** Labels for EmbyServer changed, will generate new conf. **** **** No preset proxy conf found for EmbyServer, generating from scratch **** **** Setting upstream address EmbyServer for EmbyServer **** **** Labels for EmbyServer changed, will generate new conf. **** **** No preset proxy conf found for EmbyServer, generating from scratch **** **** Setting upstream address EmbyServer for EmbyServer **** **** Setting port 1900 for EmbyServer **** **** Setting proto http for EmbyServer **** **** Setting url media.selausa.online for EmbyServer **** nginx: the configuration file /config/nginx/nginx.conf syntax is ok nginx: configuration file /config/nginx/nginx.conf test is successful **** Changes to nginx config are valid, reloading nginx **** How does auto-proxy work? i.e. where does it create the config files for each container? I don't see any change in any files in /appdata/swag. Also, where does this port 1900 come from? how do I change it? My emby server is running on port 56907 internally. Thanks! Edited December 12, 2021 by shpitz461 Quote Link to comment
tuxbass Posted December 13, 2021 Share Posted December 13, 2021 (edited) How do we enable the MaxMinds's GeoLite2 db? Did generate their licence key and set it as MAXMINDDB_LICENSE_KEY env var, yet nothing is downloaded into /config/geoip2db/ directory. After env var was set & service was restarted, then 'geo' nor 'maxmind' no longer can be found in the log. Maxmind licence page says the key has never been used ('Last used' column not set). Edited December 13, 2021 by tuxbass Quote Link to comment
Trenta27 Posted December 16, 2021 Share Posted December 16, 2021 On 12/13/2021 at 6:01 AM, tuxbass said: How do we enable the MaxMinds's GeoLite2 db? Did generate their licence key and set it as MAXMINDDB_LICENSE_KEY env var, yet nothing is downloaded into /config/geoip2db/ directory. After env var was set & service was restarted, then 'geo' nor 'maxmind' no longer can be found in the log. Maxmind licence page says the key has never been used ('Last used' column not set). I'm also having the same issue. Nothing has been downloaded to the appdata/swag/geoip2db folder. Variable is set to MAXMINDDB_LICENSE_KEY with my key as well. It doesn't show that it has been accessed on the maxmind site, but I get the below activity in the log like it is downloading it. Quote Link to comment
Flubster Posted December 18, 2021 Share Posted December 18, 2021 (edited) They've moved maxmind into a docker mod. Not sure if it was previously configured and working if it'll stop working or not but https://github.com/linuxserver/docker-mods/tree/swag-maxmind Dave Edit: I also needed to cycle the docker twice to get it to download, first time "enabled" the mod, second time downloaded the database Edited December 18, 2021 by Flubster Quote Link to comment
Aerodb Posted December 18, 2021 Share Posted December 18, 2021 Hello all, I have a new error and I think I have an idea what the issue is but I'm unsure how to resolve it. nginx: [emerg] cannot load certificate "/config/keys/letsencrypt/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/config/keys/letsencrypt/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) When I check that directory, there is no file with the name fullchain.pem . I do see priv-fullchain-bundle.pem . I suspect this is a consolidated file and my thought is to point swag to this to resolve but I haven't been able to find which config to edit. Any guidance is greatly appreciated. Quote Link to comment
Aerodb Posted December 18, 2021 Share Posted December 18, 2021 28 minutes ago, Aerodb said: Hello all, I have a new error and I think I have an idea what the issue is but I'm unsure how to resolve it. nginx: [emerg] cannot load certificate "/config/keys/letsencrypt/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/config/keys/letsencrypt/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) When I check that directory, there is no file with the name fullchain.pem . I do see priv-fullchain-bundle.pem . I suspect this is a consolidated file and my thought is to point swag to this to resolve but I haven't been able to find which config to edit. Any guidance is greatly appreciated. EDIT: if you have this issue on unraid, check the SWAG appdata directory etc/letsencrypt/live directory to be sure you don't have a folder with the -0001 ending. I changed the original file to anything else and the -0001 folder back to the original name. It started working right away. Seems there was some sort of permission or access issue. (ex. with two folders named examplefolder-0001 and examplefolder , changed examplefolder to examplefolder-01 and examplefolder-0001 to examplefolder . It worked right away and the swag log had no errors. 1 Quote Link to comment
nekromantik Posted December 18, 2021 Share Posted December 18, 2021 Is it possible to use both LetsEncrypt and zeroSSL automation or is it one or other only? Quote Link to comment
Trenta27 Posted December 19, 2021 Share Posted December 19, 2021 On 12/18/2021 at 4:24 AM, Flubster said: They've moved maxmind into a docker mod. Not sure if it was previously configured and working if it'll stop working or not but https://github.com/linuxserver/docker-mods/tree/swag-maxmind Dave Edit: I also needed to cycle the docker twice to get it to download, first time "enabled" the mod, second time downloaded the database Yeah, sorry. I forgot that I switched over to the docker mod for it. It should be working as my other mods are as well. Cycling didn't help. Quote Link to comment
Dotfo Posted December 22, 2021 Share Posted December 22, 2021 (edited) Hi guys, maybe a bit of a noob question, but can anybody tell me what the purpose of this line in the default authelia-server.conf is? if ($request_uri ~ [^a-zA-Z0-9_+-=\!@$%&*?~.:#'\;\(\)\[\]]) { return 401; } As far as I understand it's preventing illegal characters in the request_uri but this is causing problems with some urls for me. Urls similar to this cause an infinite realoding of an error page: https://redacted.org/content?c={"type":"x"}&perPage=n&sortby=xyz After I removed the line everything worked fine for me so what is it used for? Edited December 22, 2021 by Dotfo Quote Link to comment
Abigel Posted December 22, 2021 Share Posted December 22, 2021 Hi, I used the sample for guacamole docker and adjusted only IP address but I am getting only 502 Bad Gateway Spoiler GNU nano 5.3 guacamole.subdomain.conf ## Version 2021/05/18 # make sure that your dns has a cname set for guacamole and that your guacamole container is not using a > server { listen 443 ssl; listen [::]:443 ssl; server_name guacamole.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; # enable for Authelia #include /config/nginx/authelia-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /ldaplogin; # enable for Authelia #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app 192.168.2.212; set $upstream_port 8080; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_buffering off; } } I can access the docker in local network via http://192.168.2.212:8080 The DNS is showing to the right IP-address Can somebody please help me? Quote Link to comment
touz Posted December 24, 2021 Share Posted December 24, 2021 On 12/19/2021 at 6:15 PM, Trenta27 said: Yeah, sorry. I forgot that I switched over to the docker mod for it. It should be working as my other mods are as well. Cycling didn't help. Were you able to solve this? I have the exact same issue. I can enable the new mod, I see activity of it in the log, it's working, but it's not downloading the new GeoLite2-City.mmdb file and I don't see any activity on the maxmind website. It was working file previously. Quote Link to comment
Steace Posted December 27, 2021 Share Posted December 27, 2021 On 2/15/2021 at 1:41 PM, Stubbs said: I am getting this warning in my Swag log: nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/config/keys/letsencrypt/fullchain.pem" Is this anything to worry about? Hi, I just got this too, did you managed it? Quote Link to comment
Trenta27 Posted December 28, 2021 Share Posted December 28, 2021 On 12/23/2021 at 8:54 PM, touz said: Were you able to solve this? I have the exact same issue. I can enable the new mod, I see activity of it in the log, it's working, but it's not downloading the new GeoLite2-City.mmdb file and I don't see any activity on the maxmind website. It was working file previously. Sadly not. I have the file that I downloaded manually in that location now but I can't get the auto download to work in any way. I think I'm just gonna let Cloudflare handle that portion... 1 Quote Link to comment
Alchemist Zim Posted December 29, 2021 Share Posted December 29, 2021 I've got SWAG setup, and logs are reporting "SERVER READY" I'm using the default subdomain confs for freshrss, jackett, radarr, and sonarr freshrss is working jackett returns a 502 error sonarr and radarr both return the swag interface page i had to add the dns records to pi-hole, now i can ping the containers from an unRAID console how can i get jackett, radarr, and sonarr to work also i have qbittorrent running through an openvpn-client container, is it possible to have that work via reverse proxy as well? Quote Link to comment
Alchemist Zim Posted December 29, 2021 Share Posted December 29, 2021 36 minutes ago, Alchemist Zim said: I've got SWAG setup, and logs are reporting "SERVER READY" I'm using the default subdomain confs for freshrss, jackett, radarr, and sonarr freshrss is working jackett returns a 502 error sonarr and radarr both return the swag interface page i had to add the dns records to pi-hole, now i can ping the containers from an unRAID console how can i get jackett, radarr, and sonarr to work also i have qbittorrent running through an openvpn-client container, is it possible to have that work via reverse proxy as well? i haddn't noticed the lines in the conf files saying to add base urls to the jackett, sonarr, and radarr containers😑, so those are working now...internally and externally now my only question...Is it possible to access a qbittorrent container that has the network setup to go through a VPN container? Quote Link to comment
Alchemist Zim Posted December 29, 2021 Share Posted December 29, 2021 42 minutes ago, Alchemist Zim said: i haddn't noticed the lines in the conf files saying to add base urls to the jackett, sonarr, and radarr containers😑, so those are working now...internally and externally now my only question...Is it possible to access a qbittorrent container that has the network setup to go through a VPN container? figured it out..i pointed my DNS to the unRAID ip address instead of the container ip...worked like a charm😁 Quote Link to comment
Cornd00g Posted December 31, 2021 Share Posted December 31, 2021 On 4/19/2021 at 6:41 PM, Wolbaz said: Having issues with overseerr. Works great and is fast and snappy with network set to bridge. When I add it to proxynet, however, it is consistently slow, and sometimes hangs up for minutes at a time. This is both using the local IP as well as the external domain. All of my other dockers on proxynet work fine. I brought that up on overseerr discord support and they insist it's a docker problem. Did this ever get resolved? I am having the exact same issue and do not know how to fix it. Quote Link to comment
Wolbaz Posted January 3, 2022 Share Posted January 3, 2022 On 12/31/2021 at 10:02 AM, Cornd00g said: Did this ever get resolved? I am having the exact same issue and do not know how to fix it. I was able to solve it temporarily by switching the container network to host. I just changed it back to proxynet to test if it was still an issue and it seems to be working at first glance. I've changed a ton of things since then so I'm not sure what the issue was. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.