Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)

Featured Replies

May you show me a config for example? Not sure how to do this...
I'm pretty new with docker stuff. But.. I like this!!!
568668012_Unraid_HA_Configport.thumb.png.1a512412780d90a3e124fa751b6526bb.png
That looks good.

Sent from my SM-G930W8 using Tapatalk

  • Replies 6.2k
  • Views 1.5m
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Confirming this worked for me too. Not sure I needed to replace both, but I did anyway and Swag and Nextcloud are both back and up and running. For noobs like me, here's what I did: 1. Stop

  • I will only post this once. Feel free to refer folks to this post.   A few points of clarification:   The last update of this image didn't break things. Letsencrypt abruptly disabl

  • BigBoyMarky
    BigBoyMarky

    I replaced both the ssl.conf and nginx.conf files with the sample ones to update them since I did not make any custom modifications to either one of those and this resolved my issue.

Posted Images

1 minute ago, Gog said:

That looks good.

Sent from my SM-G930W8 using Tapatalk
 

Yes! But it's not working...

Yes! But it's not working...
I forget the choices for connection type.. Is there TCP and rdp?

Does the container start with that port? Something else may be using it. I dont see it in your screenshot though so it's probably not that...

Sent from my SM-G930W8 using Tapatalk

Yes! But it's not working...
I just tried installing the container and it is configured as host network. It may not like the bridge config.

Can you try changing network type to host in the container config?

Nging won't reach it after that but we can fix it later

Sent from my SM-G930W8 using Tapatalk

Yes, this is working. (inside)
But, I confirm this is not working with Nginx. (outside)

Tks!

Also, I was able to connect my Node Red with Home assistant.

Now I need to connect from the outside to HA... 

Also, I was able to connect my Node Red with Home assistant.
Now I need to connect from the outside to HA... 
In nginx config, change proxy pass to the url you use internally to reach HA

Sent from my SM-G930W8 using Tapatalk

4 minutes ago, Gog said:

In nginx config, change proxy pass to the url you use internally to reach HA

Sent from my SM-G930W8 using Tapatalk
 

WooHoo!!! it's working! Thank you so mush! I learn a lot today.

I'm a bit new to reverse proxies, however I have this all setup fine for sonarr, lidarr, radarr etc. I want to add a one more end point for the Unraid server itself such that I can login to the unraid web ui remotely. How do I do that? I can't see a config file for it.

 

 

5 hours ago, dgwharrison said:

I'm a bit new to reverse proxies, however I have this all setup fine for sonarr, lidarr, radarr etc. I want to add a one more end point for the Unraid server itself such that I can login to the unraid web ui remotely. How do I do that? I can't see a config file for it.

 

 

We don't really recommend it for security reasons, but if you really want to, you can edit one of the existing ones and use the unraid ip and port in the proxy_pass directive to proxy via the subdomain method

may a weird question if thats possible

i d like to reverse proxy my privoxy socks5 proxy.

 

dataflow sample external browser -> website via proxy.mydomain.com (nginx) (browser proxy setting) -> privoxy (with vpn) -> website

as privoxy has no htaccess config and i dont want to open it to www ;) only ip´s possible but here its always a dynamic range ...

 

as its a socks5 ... i have no clue if its possible or if so, howto ... ;)

 

currently i use a ubuntu xrdp docker with chrome therefore (using the privoxy) ... just a thought to make the privoxy easy and secure usable from outside.

 

ok, seems its may possible with an module from here wich i cant get compiled into this container, https://github.com/dannote/socks-nginx-module

Edited by alturismo

I couldn’t find anything working thus far; trying to find a WORKING CONF for Bitwarden. Been having a heck of a time.

I tried using Sonar and changing to “bitwarden” and changing all the ports but no dice. My domain is bw.Xxxxxx.net, and my Unraid is on 192.169.1.5 and using a “proxynet” as in space invaders videos.

Could anyone be as kind to help me figure out a working CONF?

I couldn’t find anything working thus far; trying to find a WORKING CONF for Bitwarden. Been having a heck of a time.

I tried using Sonar and changing to “bitwarden” and changing all the ports but no dice. My domain is bw.Xxxxxx.net, and my Unraid is on 192.169.1.5 and using a “proxynet” as in space invaders videos.

Could anyone be as kind to help me figure out a working CONF?
I've got it working, but I can't get to my conf right now. Heading to bed, but I'll get it to you tomorrow

Sent from my ONEPLUS A5010 using Tapatalk

I've got it working, but I can't get to my conf right now. Heading to bed, but I'll get it to you tomorrow

Sent from my ONEPLUS A5010 using Tapatalk



Would be greatly appreciated!
2 hours ago, blaine07 said:

 


Would be greatly appreciated!

 

As a bit of warning, I had a few dockers set up before starting down the path of using letsencrypt, so I never did set up the custom bridge. I had to make the call to the IP address instead of using the name, but I hacked it together from my radarr conf file.

 

server {
    listen 443 ssl;

    server_name bitwarden.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_bitwarden bitwarden;
	proxy_pass http://192.168.1.xxx:8888;
    }
}

Hope this helps

As a bit of warning, I had a few dockers set up before starting down the path of using letsencrypt, so I never did set up the custom bridge. I had to make the call to the IP address instead of using the name, but I hacked it together from my radarr conf file.
 
server {   listen 443 ssl;   server_name bitwarden.*;   include /config/nginx/ssl.conf;   client_max_body_size 0;   location / {       include /config/nginx/proxy.conf;       resolver 127.0.0.11 valid=30s;       set $upstream_bitwarden bitwarden;proxy_pass http://192.168.1.xxx:8888;   }}

Hope this helps



Finally, somehow, figured it out. Must’ve been that 1,253,397th attempt lol


Finally, somehow, figured it out. Must’ve been that 1,253,397th attempt lol
Excellent, glad to hear that

Sent from my ONEPLUS A5010 using Tapatalk

Excellent, glad to hear that

Sent from my ONEPLUS A5010 using Tapatalk


Thanks for the help mate!
1 hour ago, blaine07 said:


Thanks for the help mate!

No problem. I'm just glad I was able to help out

I'm trying to setup Let's Encrypt along side Bitwarden... I have it to the point where I can go to my DDNS.Net domain/address and I get the Let's Encrypt "Welcome page". 

I have my router setup.. I think.. it's an ASUS - external Port 443, internal port 1443 Tower IP.. and External Port 80, Internal 180 Tower IP.. I have tweaked the bitwarden.subdomain.conf file and I can't get it to through to the Bitwarden.  Any ideas?  I did setup the Proxynet network (followed spaceinvaders video).

 

I'm trying to setup Let's Encrypt along side Bitwarden... I have it to the point where I can go to my DDNS.Net domain/address and I get the Let's Encrypt "Welcome page". 
I have my router setup.. I think.. it's an ASUS - external Port 443, internal port 1443 Tower IP.. and External Port 80, Internal 180 Tower IP.. I have tweaked the bitwarden.subdomain.conf file and I can't get it to through to the Bitwarden.  Any ideas?  I did setup the Proxynet network (followed spaceinvaders video).
 



server {
listen 443 ssl http2;

server_name XX.ddns.net;

include /config/nginx/ssl.conf;

client_max_body_size 0;
# add_header X-Content-Type-Options nosniff;
# add_header X-XSS-Protection "1; mode=block";
# add_header Referrer-Policy same-origin;

location / {
# auth_basic "Restricted";
# auth_basic_user_file /config/nginx/.htpasswd;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_Bitwarden Bitwarden;
proxy_pass http://INSERT-UNRAID-IP&&Change to port BITWARDEN IS ON:8343;
# proxy_set_header X-Real-IP $remote_addr
}
}

I ended up getting it to work... I had to have the Bitwarden docker on BRIDGE, and I tweaked the config file.. Works externally to use my ddns domain and internally via IP.

 

I ended up getting it to work... I had to have the Bitwarden docker on BRIDGE, and I tweaked the config file.. Works externally to use my ddns domain and internally via IP.
 

Weird; not sure why it would have to be on a bridge; mine didnt/wasn’t /isn’t [emoji848][emoji2373] Glad you got it working though!

Hello everybody,

Before I come with my next problem, I wanted to thank you first for your commitment. I read a lot here, so I could solve a lot of problems or avoid them right away and find this community great.

Unfortunately, pure reading does not help me with the following problem. After reporting a problem with port forwarding in another thread a few days ago (downgrading the firmware and the controller solved the problem by the way), I now have a problem with Letsencrypt and Nextcloud.

The two Docker container I have set up after the very good video instructions from Spaceinvader and ran until a few days ago without problems. Now that I've fixed the port forwarding issues yesterday, the cloud can be recovered from outside and doing what it should. However, it is no longer possible to access the cloud via the local network.

Here I suspect the reverse proxy of Letsencrypt because the requests from the WAN as well as from the LAN arrive at the container, but this does not forward the requests from the LAN to Nextcloud.

I have already re-installed the Letsencrypt Docker and the new certification of the subdomains ran without problems. Also, the configs have been checked and recreated several times, but can find no error.

So now I need your help, hoping that you have an idea or even a solution to that.

My router has a static IPv4 at my ISP. Hairpinning - NAT loopback is enabled. Via NSlookup I land on both the WAN and LAN at the right address.

Below my settings and configs.

greetings
Gorosch

 

Quote

nextcloud.subdomain.conf:

 

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name cloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_nextcloud nextcloud;
        proxy_max_temp_file_size 2048m;
        proxy_pass https://$upstream_nextcloud:443;
    }
}

 

 

Quote

Nextcloud config.php

 

  array (
    0 => '192.168.1.2:444',
    1 => 'cloud.insertanydomain.de',
  ),
  'trusted_proxies' => 'letsencrypt',   <<== New entry. Without this also no change in this problem
  'overwrite.cli.url' => 'https://cloud.insertanydomain.de',
   'overwritehost' => 'cloud.insertanydomain.de',
  'overwriteprotocol' => 'https',

 

No further files were modified

 

03.JPG

04.JPG

05.JPG

Edited by Gorosch

Hi Guys,

 

Looking for a bit of direction with adding a website I access on another computer in my local network.

I have the letsencrypt docker setup and working to access a few other dockers, like ombi & sonarr and everything works great. Now, I have another computer (is actually a windows VM on another unraid server) that hosts a webpage that me and a couple of ppl have acess to. Currently, I just port forward and use a complex password. I would rather close the port, and use letsencrypt to handle the access. Is it possible?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.