CHBMB Posted June 13, 2017 Share Posted June 13, 2017 Ok, so can you post your docker config? Redact out your email address and domain name. Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 I am new with Unraid and Docker (since one week). I guess you mean the docker exec section which is displayed when installing or changing a docker within unraid and not the web-config-section? If yes, where can I find how the docker was started without modifying the docker? I know stupid questions... but I am learning. Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 Either would do, but edit the container, make a change to a parameter, add and delete a space and click apply. Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 1 minute ago, CHBMB said: Either would do, but edit the container, make a change to a parameter, add and delete a space and click apply. haha, sometimes it is too simple... root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="letsencrypt" --net="none" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="my-domain.at" -e "SUBDOMAINS"="nextcloud,wordpress," -e "ONLY_SUBDOMAINS"="true" -e "DHLEVEL"="2048" -e "PUID"="99" -e "PGID"="100" -v "/mnt/user/appdata/letsencrypt":"/config":rw --network homenet --ip 192.168.1.250 linuxserver/letsencrypt 7febf75fc4495e72d6ab452387cd1c6fda9ebffb2f4bf23afdc89f1b1e8df271 Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 So, if you want joomla.server.com you need to add that too. Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 Yes, this is clear. First I wanted to get wordpress working before going ahead with joomla. The question is: How would the site-conf look like for Wordpress if the wordpress is in the "wordpress"-subdirectory of the www directory. Br, johannes Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 13 minutes ago, ebnerjoh said: Yes, this is clear. First I wanted to get wordpress working before going ahead with joomla. The question is: How would the site-conf look like for Wordpress if the wordpress is in the "wordpress"-subdirectory of the www directory. Br, johannes Create a new file called wordpress in appdata/letsencrypt/nginx/site-confs/ then just use a copy of defaults and change the servername to wordpress.server.com after that it should be the same as any other nginx install of wordpress. Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 Here's a useful "recipe" for Wordpress and nginx. https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/ Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 No success at all. I made now the following tests: 1) Copied default to wordpress and changed servername and directory --> letsencrypt didnt start and got errormessage "duplicate default server" 2) removed default and moved wordpress to default --> got at least somehow the wordpress page but completley unformated 3) recovered original default and took the receipt and saved as wordpress. changed servername and directory and CGI part (as this is different to the letsencrypt-Docker). After accessing the site I am always getting the index.html from the /config/www, instead of /config/www/wordpress... This is driving me crazy... Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 1 minute ago, ebnerjoh said: After accessing the site I am always getting the index.html from the /config/www, instead of /config/www/wordpress... You need to change the root /config/www; to root /config/www/wordpress; Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 I have done this... # Upstream to abstract backend connection(s) for php upstream php { server unix:/tmp/php-cgi.socket; server 127.0.0.1:9000; } server { ## Your website name goes here. server_name wordpress.my-domain.at; ## Your only path reference. root /var/www/wordpress; ## This should be in your http block and if it is, it's not needed here. index index.php; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location / { # This is cool because no php is touched for static content. # include the "?$args" part so non-default permalinks doesn't break when using query string try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini #include fastcgi.conf; #fastcgi_intercept_errors on; #fastcgi_pass php; #fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires max; log_not_found off; } } Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 (edited) You can't just copy and paste the whole config. You need to edit it to reflect your config. Wordpress isn't in the root so location \ is wrong. You need something like this. location /wordpress { try_files $uri $uri/ /wordpress/index.php?$args; } location ~ \.php$ { fastcgi_split_path_info ^(/wordpress)(/.*)$; } I know that it's possible to do as I've done so in the past. And get rid of that initial php block. Edited June 13, 2017 by CHBMB Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 I just added the above to my default file, changed the root parameter, unzipped wordpress. Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 If you're serving a few different subdomains, you may even want to change the root /config/www to something like root/config/www/default root /config/www/wordpress root /config/www/joomla to avoid confusion between the directories and alter your directory structure as such Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 Hi, This is my default "default" file: # listening on port 80 disabled by default, remove the "#" signs to enable # redirect all traffic to https #server { # listen 80; # server_name _; # return 301 https://$host$request_uri; #} # main server block server { listen 443 ssl default_server; root /config/www; index index.html index.htm index.php; server_name _; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { try_files $uri $uri/ /index.html /index.php?$args =404; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } # sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp" # notice this is within the same server block as the base # don't forget to generate the .htpasswd file as described on docker hub # location ^~ /cp { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; # include /config/nginx/proxy.conf; # proxy_pass http://192.168.1.50:5050/cp; # } } # sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above # notice this is a new server block, you need a new server block for each subdomain #server { # listen 443 ssl; # # root /config/www; # index index.html index.htm index.php; # # server_name cp.*; # # ssl_certificate /config/keys/letsencrypt/fullchain.pem; # ssl_certificate_key /config/keys/letsencrypt/privkey.pem; # ssl_dhparam /config/nginx/dhparams.pem; # ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; # ssl_prefer_server_ciphers on; # # client_max_body_size 0; # # location / { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; # include /config/nginx/proxy.conf; # proxy_pass http://192.168.1.50:5050; # } #} Here is now my updated "wordpress" file: server { ## Your website name goes here. server_name wordpress.my-domain.at; ## Your only path reference. root /var/www/wordpress; ## This should be in your http block and if it is, it's not needed here. index index.php; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /wordpress { # This is cool because no php is touched for static content. # include the "?$args" part so non-default permalinks doesn't break when using query string try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini #include fastcgi.conf; #fastcgi_intercept_errors on; #fastcgi_pass php; #fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(/wordpress)(/.*)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires max; log_not_found off; } } Still getting connected to the default index.html. Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 (edited) Call this file wordpress.... server { listen 80; server_name wordpress.server.com; return 301 https://server.com$request_uri; } server { listen 443 ssl; server_name wordpress.server.com; add_header Front-End-Https on; root /config/www/wordpress; index index.html index.htm index.php; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location / { try_files $uri $uri/ /wordpress/index.php?$args; } location ~ \.php$ { fastcgi_split_path_info ^(/wordpress)(/.*)$; } } Easy..... Edited June 13, 2017 by CHBMB Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 Hi, Ok, one step ahead. I can access the website now but it is not correctly formated. It seems when using without SSL everything is correctly formated, but when using SSL then not... I will send you the real link per PM. Maybe you have an idea? Br, Johannes Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 I've just tried the above and it's working fine, try clearing your browser cache etc. Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 Many, many thanks again! One last question: I tried to do a Media-Upload in Wordpress. It tells me that there is a 2MB Upload Limit. I guess this is set somewhere in nginx? Br, Johannes Quote Link to comment
ebnerjoh Posted June 13, 2017 Share Posted June 13, 2017 1 hour ago, ebnerjoh said: Many, many thanks again! One last question: I tried to do a Media-Upload in Wordpress. It tells me that there is a 2MB Upload Limit. I guess this is set somewhere in nginx? Br, Johannes In addition to my "upload_max_filesize" question I have now another question: I want to run on my nginx-instance also phpmyadmin to configure my MySQL-DB. This website shouldnt be exposed to the public network. If I store phpmyadmin to /config/www/phpmyadmin can I access it then via "https://internal-ip/phpmyadmin"? As it is internal I do not care about the certificate. I guess this is working with "location" but to be honest, I still do not understand the concept of nginx. I tried to add the following to my default site-conf: location /phpmyadmin { root /config/www/phpmyadmin; try_files $uri $uri/ /index.html /index.php?$args =404; } but then I get the default page. Br, Johannes Quote Link to comment
CHBMB Posted June 13, 2017 Share Posted June 13, 2017 12 hours ago, ebnerjoh said: Many, many thanks again! One last question: I tried to do a Media-Upload in Wordpress. It tells me that there is a 2MB Upload Limit. I guess this is set somewhere in nginx? Br, Johannes Not sure, you sure it's not a setting in WP? Quote Link to comment
ebnerjoh Posted June 14, 2017 Share Posted June 14, 2017 Hi, Yes, this are PHP Settings. I found them already in the docker and changed them manually wth the disadvantage that I have to do this again after an update of the docker. Br, Johannes Quote Link to comment
poldim Posted June 14, 2017 Share Posted June 14, 2017 (edited) Still having trouble with this. THESE are my current domain settings. I've tried having both 'www' and '@' before .mydomain.com and still noting. This is my default config: server { listen 443 ssl; root /config/www/unifi; index index.html index.htm index.php; server_name unifi.*; ssl_certificate LOCATION_REDACTED; ssl_certificate_key LOCATION_REDACTED; ssl_dhparam LOCATION_REDACTED; ssl_ciphers 'CIPHER_REDACTED'; ssl_prefer_server_ciphers on; client_max_body_size 0; location = / { include /config/nginx/proxy.conf; proxy_pass https://192.168.2.100:8443/manage/account/login; } } EDIT: So I added the CNAME records for www + unifi and sending them to @. I then pulled up http://unifi.mydomain.com/ on my mac and get nothing. I tried my phone on wifi and it timed out. I tried my phone on 4G and am getting THIS: Outdated Browser You are using an outdated browser. Please upgrade your browser to improve your experience. {{toast.message}} Partial success as it's prompting to open the unifi app....now how do I get it to work? Edited June 14, 2017 by poldim Quote Link to comment
stottle Posted June 18, 2017 Share Posted June 18, 2017 Thanks for all of the work here. I've got nextcloud/letsencrypt working with duckdns, which I wouldn't have tried without the support here and tutorials. One annoyance - is there an easy way to get unset urls (https://mydomain.duckdns.org/random_garbage) to map to 404 instead of the default "Welcome to our server?" Google searches for 404 and "welcome to our server" don't help... Quote Link to comment
aptalca Posted June 18, 2017 Share Posted June 18, 2017 Thanks for all of the work here. I've got nextcloud/letsencrypt working with duckdns, which I wouldn't have tried without the support here and tutorials. One annoyance - is there an easy way to get unset urls (https://mydomain.duckdns.org/random_garbage) to map to 404 instead of the default "Welcome to our server?" Google searches for 404 and "welcome to our server" don't help...Google nginx 404 redirect Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.