[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


Recommended Posts

Wait why are you not psssing the ports right? The docker should from docker 443 to network 444 and 80>81

 

On the port forwarding it should be from port 444>443 and 81>80

 

 

 

UnRAID uses 443 and 80

 

I’m pretty sure my docker shows my unRAID ip on the lan side

 

 

Sent from my iPhone using Tapatalk Pro

 

23ff12104f70b60b85ccadedb8218ea0.png&key=324645daf2130e36c5e6a03445008c6aed5133c171d5a844e559503e5d5293fb

 

 

Do your other dockers show that same ip like your LE docker?

 

 

 The fast and easy way to fix this is to change the network to br0 and give the docker an ip on your lan

Change to the right ports. Port forward to the new lan ip.

 

Go to the proxy config and change upstream:port to serverip:port

 

 

Link to comment
23 minutes ago, H2O_King89 said:

Wait why are you not psssing the ports right? The docker should from docker 443 to network 444 and 80>81

 

On the port forwarding it should be from port 444>443 and 81>80

 

 

 

UnRAID uses 443 and 80

 

I’m pretty sure my docker shows my unRAID ip on the lan side

 

 

Sent from my iPhone using Tapatalk Pro

 

23ff12104f70b60b85ccadedb8218ea0.png&key=324645daf2130e36c5e6a03445008c6aed5133c171d5a844e559503e5d5293fb

 

 

Do your other dockers show that same ip like your LE docker?

 

 

 

 

I have tried multiple port configs with the same results. 

 

I just changed it all to mimic your config and I got the same error. 

 

Link to comment
I just tried br(0) with the same result, I tried bridge and it said I hit a rate limit....

You have to wait a week for that rate limit to clear.

What I have is a domain bought from doamins.google.com $10/year

Then have ddns setup with unifi to update it.

Then I have on LE DNS verification setup that uses api from google


Sent from my iPhone using Tapatalk Pro
Link to comment
3 minutes ago, mattgob86 said:

I just tried br(0) with the same result, I tried bridge and it said I hit a rate limit....😠

what version of unraid are using? also where did "shell option" in your template come from?

 

On my server i changed unraid's port to the following http is port 8383 and https to 444, my port forward is only for 443 but for me i had to used dns validation as my isp blocks port 80

 

LE.PNG

Link to comment
37 minutes ago, ijuarez said:

what version of unraid are using? also where did "shell option" in your template come from?

 

On my server i changed unraid's port to the following http is port 8383 and https to 444, my port forward is only for 443 but for me i had to used dns validation as my isp blocks port 80

 

LE.PNG

The shell option came from Unraid 6.6.0 r1 :)

 

How to you change the unraid ports?

39 minutes ago, H2O_King89 said:


You have to wait a week for that rate limit to clear.

What I have is a domain bought from doamins.google.com $10/year

Then have ddns setup with unifi to update it.

Then I have on LE DNS verification setup that uses api from google


Sent from my iPhone using Tapatalk Pro

Hmmm, interesting...very interesting.  I'll check that out.   Do you then just have domain/radarr domain/whatever  domain/server?

 

Edited by mattgob86
Link to comment

I have a main domain that is under hosting by dreamhost and bought/handled by namecheap. My www.domain.com is already https by lets encrypt under dreamhost hosting. What should I do in order to get mysubdomains.domain working under our lets encrypt, no matter the ports? Currently I have ddns to sub1.domain.com pointing to namecheap name servers and namecheap is pointing the subdomain to my unraid machine via A + Dynamic DNS Record. Hence something like sub1.domain.com:9091 is pointing to my transmission docker without issues. However I want it to be directed/protected by https, and same if I want sub2.domain.com (CNAME to sub1.domain.com). Do I need to have hosting for those subdomains or something? Do I have to turn off SSL for my domain in dreamhost for it to work?

Edited by CyberMew
Link to comment
7 hours ago, CyberMew said:

I have a main domain that is under hosting by dreamhost and bought/handled by namecheap. My www.domain.com is already https by lets encrypt under dreamhost hosting. What should I do in order to get mysubdomains.domain working under our lets encrypt, no matter the ports? Currently I have ddns to sub1.domain.com pointing to namecheap name servers and namecheap is pointing the subdomain to my unraid machine via A + Dynamic DNS Record. Hence something like sub1.domain.com:9091 is pointing to my transmission docker without issues. However I want it to be directed/protected by https, and same if I want sub2.domain.com (CNAME to sub1.domain.com). Do I need to have hosting for those subdomains or something? Do I have to turn off SSL for my domain in dreamhost for it to work?

Just run letsencrypt on unraid, put in your domain and subdomains, make sure to set "only_subdomains" to true so it doesn't try to validate your main domain with unraid and it will be set up. Then you can do the reverse proxies for transmission and such

Link to comment
23 minutes ago, aptalca said:

Just run letsencrypt on unraid, put in your domain and subdomains, make sure to set "only_subdomains" to true so it doesn't try to validate your main domain with unraid and it will be set up. Then you can do the reverse proxies for transmission and such

I got it working lets encrypt part now, but however the server part doesnt seems to be working..

 

Currently ombi.domain.com is pointing to my server's wan ip address. I have portforwarding done for 12345.

 

If I access http://ombi.domain.com:12345, it loads correctly. However if I do https://ombi.domain.com:12345, it redirects me back to http.

 

I actually wanted it to:

1. when accessing http, redirect to https

2. when access subdomain, it loads ombi, no manual input of port required.

 

This is my current default file:

server {
	listen 443 ssl;

	root /config/www;
	index index.html index.htm index.php;

	server_name ombi.*;

# removed the default ssl stuff here for brevity

	client_max_body_size 0;

	location / {
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.1.55:12345;	
	}
}

Not sure if I am doing this correctly?

Edited by CyberMew
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.