CHBMB Posted December 11, 2016 Share Posted December 11, 2016 Here's what I got in nginx location /plexpy/ { proxy_pass http://192.168.0.1:8181; include /config/nginx/proxy.conf; proxy_bind $server_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Ssl on; auth_basic "Restricted"; auth_basic_user_file /config/.htpasswd; } Here's what I got in Plexpy And in my plexpy docker log 2016-12-11 15:25:11 - INFO :: MainThread : PlexPy WebStart :: Starting PlexPy web server on http://0.0.0.0:8181/plexpy/ Quote Link to comment
Living Legend Posted December 12, 2016 Share Posted December 12, 2016 Thumbs up! Finally working! Time to start closing down some ports, and adding this to other dockers. If you guys are interested, I could certainly try and put together some sort of generic tutorial on how to get this working. Sometimes it's best understood coming from someone with minimal knowledge on the stuff so it's dumbed down. Quote Link to comment
Living Legend Posted December 12, 2016 Share Posted December 12, 2016 I've gotten a few others working messing around with this. I love it! One issue I'm having is with Plex. I can get it to work with https://server.com/plex. But now, after removing the forwarding of port 32400 on my router, I can no longer access it through my apps. Only through a web interface. Is there a way to fix this? Quote Link to comment
CHBMB Posted December 12, 2016 Share Posted December 12, 2016 I've gotten a few others working messing around with this. I love it! One issue I'm having is with Plex. I can get it to work with https://server.com/plex. But now, after removing the forwarding of port 32400 on my router, I can no longer access it through my apps. Only through a web interface. Is there a way to fix this? No, sorry should have told you, Plex requires you to forward the port for apps. You'd still be able to watch through the webui I think with the port closed, but the apps require the port open. Quote Link to comment
Living Legend Posted December 12, 2016 Share Posted December 12, 2016 Yeah, the WEB GUI works, but apps don't. Oh well! I read some complicated stuff about attempting to resolve this, but far above what I can deal with. Quote Link to comment
CHBMB Posted December 12, 2016 Share Posted December 12, 2016 Yeah, the WEB GUI works, but apps don't. Oh well! I read some complicated stuff about attempting to resolve this, but far above what I can deal with. As far as I can work out it's because the apps are hardcoded to get your server address from the Plex site, which functions as a dynamic DNS essentially. There's no way to tell the apps to "cut out the middle man" as it were. Quote Link to comment
Living Legend Posted December 13, 2016 Share Posted December 13, 2016 Now attempting to configure letsencrypt to work with nextcloud. I'm trying to piece things together from different posts. This is what I have done: 1. On the nextcloud end: Edit nextcloud/www/nextcloud/config/config.php <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'xxxxxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.1.3:444', 1 => 'server.com', ), 'overwrite.cli.url' => 'https://server.com', 'overwritehost' => 'server.com', 'overwriteprotocol' => 'https', 'overwritewebroot' => '/nextcloud', 'dbtype' => 'mysql', 'version' => '9.1.2.2', 'dbname' => 'nextcloud', 'dbhost' => '192.168.1.3:3306', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_xxxxxx', 'dbpassword' => 'xxxxxxxxxxxx', 'logtimezone' => 'UTC', 'installed' => true, ); 2. On the letsencrypt end Edit letsencrypt/nginx/site-confs/default location /nextcloud { proxy_pass https://192.168.1.3:444/nextcloud; } On a local machine I try to go to: 192.168.1.3:444 It auto redirects to https://server.com/nextcloud/index.php/apps/files Same error for https://server.com/nextcloud. Addtionally, if I edit the letsencrypt file and leave out the /nextcloud in the proxy_pass section, I get this error: Thanks again for the help! And don't forget my offer to write up a n00bie guide on how to do stuff. Check my signature. So severely outdated, but I wrote up a very basic how to back in the day on how to add mysql. Quote Link to comment
pickthenimp Posted December 13, 2016 Share Posted December 13, 2016 If you guys are interested, I could certainly try and put together some sort of generic tutorial on how to get this working. Sometimes it's best understood coming from someone with minimal knowledge on the stuff so it's dumbed down. Yes please, I am struggling to get out of the gate with this! Quote Link to comment
CHBMB Posted December 14, 2016 Share Posted December 14, 2016 I can only recommend setting up nextcloud as nextcloud.server.com Seen too many issues trying to set it up server.com/nextcloud tbh To do the former. Create a file called nextcloud in /config/nginx/site-confs/ containing this. server { listen 80; server_name nextcloud.server.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name nextcloud.server.com; root /config/www; index index.html index.htm index.php; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { proxy_pass https://192.168.0.1:444/; } } Edit config.php of nextcloud <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'xxxxxxxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.0.1:444', 1 => 'nextcloud.server.com', ), 'overwrite.cli.url' => 'https://nextcloud.server.com', 'overwritehost' => 'nextcloud.server.com', 'overwriteprotocol' => 'https', 'dbtype' => 'mysql', 'version' => '9.0.52.0', 'dbname' => 'nextcloud', 'dbhost' => '192.168.0.1:3305', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_CHBMB1', 'dbpassword' => 'xxxxxxxxxxxxxxxxxxxx', 'logtimezone' => 'UTC', 'installed' => true, ); Both containers should obviously be stopped when editing.. Quote Link to comment
Living Legend Posted December 14, 2016 Share Posted December 14, 2016 We're close, but now a new error it seems. When attempting to connect, I'm now faced with: With a different browser, I can bypass this, but it's not a secure https connection. I checked to make sure that my certs were in the proper location mentioned in the new nextcloud file, and they are. Quote Link to comment
CHBMB Posted December 14, 2016 Share Posted December 14, 2016 You sure you got certs setup right in letsencrypt for nextcloud.server.com? Quote Link to comment
Living Legend Posted December 14, 2016 Share Posted December 14, 2016 Ah yes, that was it! On the letsncrypt template, I never added "nextcloud" as a new subdomain. Where does this actually make a change within one of the config files? For uniformity purposes, do you have all of your dockers listed as docker.server.com? Or do you have them mixed in with other server.com/docker? I think I'm an all one way type of guy to try and keep things neat and not have to remember anything. Also, sent you a PM, CHBMB. Quote Link to comment
CHBMB Posted December 14, 2016 Share Posted December 14, 2016 Ah yes, that was it! On the letsncrypt template, I never added "nextcloud" as a new subdomain. Where does this actually make a change within one of the config files? For uniformity purposes, do you have all of your dockers listed as docker.server.com? Or do you have them mixed in with other server.com/docker? I think I'm an all one way type of guy to try and keep things neat and not have to remember anything. Also, sent you a PM, CHBMB. I have most as server.com/app apart from nextcloud. Occasionally you find that some things just work better that way. Quote Link to comment
pickthenimp Posted December 17, 2016 Share Posted December 17, 2016 Could someone provide me a cheat sheet for getting this to work with PlexRequests? FWIW, I was able to setup my cert for requests.mydomain.com Now I am a little unclear on the nginx config part. I see everyone doing server.com/requests but I prefer to do subdomain since my main domain is pointed at a hosting site. Quote Link to comment
CHBMB Posted December 17, 2016 Share Posted December 17, 2016 Could someone provide me a cheat sheet for getting this to work with PlexRequests? FWIW, I was able to setup my cert for requests.mydomain.com Now I am a little unclear on the nginx config part. I see everyone doing server.com/requests but I prefer to do subdomain since my main domain is pointed at a hosting site. Off the top of my head, I'd follow the instructions for nextcloud, but call the file requests.... Sent from my LG-H815 using Tapatalk Quote Link to comment
pickthenimp Posted December 17, 2016 Share Posted December 17, 2016 Could someone provide me a cheat sheet for getting this to work with PlexRequests? FWIW, I was able to setup my cert for requests.mydomain.com Now I am a little unclear on the nginx config part. I see everyone doing server.com/requests but I prefer to do subdomain since my main domain is pointed at a hosting site. Off the top of my head, I'd follow the instructions for nextcloud, but call the file requests.... Sent from my LG-H815 using Tapatalk Thanks, I did copy that config but was still greeted with the letsncrpyt landing page. Do I need to edit anything on the plex requests side? I saw in another post by CHBMB that you can edit the docker template but that seemed to be for /request instead of request. Quote Link to comment
CHBMB Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Problem is once you decide you want to do something other than what's posted is there are a lot of variables. Impossible to just know what to do unless your an expert. I just play around until I figure it out myself, only been using Nginx a couple of months and only learned Apache about a year ago and I'm no IT professional.... This works with this config. As we know that we don't need the URL_BASE variable... 1. Remove the URL_BASE variable from the docker template of Plex Requests. As we know Plex Requests proxys just fine with the previous config posted, create a new file called requests, copying the default config. Make sure that only one is set as default. So will need to edit this line in the new config listen 443 ssl default_server; so change this to listen 443 ssl; then just place this at the end. location / { proxy_pass http://192.168.0.1:3000; include /config/nginx/proxy.conf; } Which gives us: server { listen 80; server_name requests.server.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name requests.server.com; ###Set root directory root /config/www; index index.html index.htm index.php; ###Turn off client checking of client request body size client_max_body_size 0; ###SSL Certificates ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ###Diffie–Hellman key exchange ### ssl_dhparam /config/nginx/dhparams.pem; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; ###SSL Ciphers ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location / { proxy_pass http://192.168.0.1:3000; include /config/nginx/proxy.conf; } } That works.... Quote Link to comment
bonienl Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Could He Be More Bald? Quote Link to comment
CHBMB Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Could He Be More Bald? No, I am CHBMB! Of that I'm quite certain, I've looked in the mirror and my head is indeed shiny..... Quote Link to comment
bonienl Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Could He Be More Bald? No, I am CHBMB! Of that I'm quite certain, I've looked in the mirror and my head is indeed shiny..... No confusion possible then, you're the one and only Quote Link to comment
pickthenimp Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Yes, I know its you! And I really appreciate the assistance. I got it working with this config. Many thanks. Quote Link to comment
Squid Posted December 17, 2016 Share Posted December 17, 2016 Errrr, I am CHBMB... Could He Be More Bald? No, I am CHBMB! Of that I'm quite certain, I've looked in the mirror and my head is indeed shiny..... Quote Link to comment
grasfer Posted December 18, 2016 Share Posted December 18, 2016 Hi, thanks for this docker and all the others! Sorry if this has been asked before but i do not find any search in thread function. Is there a way to restart nginx from within the docker so i dont have to restart the entire thing every time i do a little change in the config file? service nginx restart does not work // Grasfer Quote Link to comment
CHBMB Posted December 18, 2016 Share Posted December 18, 2016 Personally I would just restart the docker, but if you want to get a command prompt open in the docker container then it'll be docker exec -it letsencrypt bash Quote Link to comment
aptalca Posted December 18, 2016 Share Posted December 18, 2016 Hi, thanks for this docker and all the others! Sorry if this has been asked before but i do not find any search in thread function. Is there a way to restart nginx from within the docker so i dont have to restart the entire thing every time i do a little change in the config file? service nginx restart does not work // Grasfer s6-svc -h /var/run/s6/services/nginx Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.