Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)

Featured Replies

Has anyone modified the index.html file in the www folder?

 

I was thinking of making landing page which would list out all of my dockers with links which are behind the reverse proxy.

 

Has anyone done anything similar?

Edited by Living Legend

  • Replies 6.2k
  • Views 1.5m
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Confirming this worked for me too. Not sure I needed to replace both, but I did anyway and Swag and Nextcloud are both back and up and running. For noobs like me, here's what I did: 1. Stop

  • I will only post this once. Feel free to refer folks to this post.   A few points of clarification:   The last update of this image didn't break things. Letsencrypt abruptly disabl

  • BigBoyMarky
    BigBoyMarky

    I replaced both the ssl.conf and nginx.conf files with the sample ones to update them since I did not make any custom modifications to either one of those and this resolved my issue.

Posted Images

Has anyone modified the index.html file in the www folder?
 
I was thinking of making landing page which would list out all of my dockers with links which are behind the reverse proxy.
 
Has anyone done anything similar?

www.html5up.net has awesome html5 templates. I use one of them as the landing page
9 hours ago, aptalca said:


www.html5up.net has awesome html5 templates. I use one of them as the landing page

 

Bootstrap frameworks, especially on preconfigured templates definitely make landing page creation pretty simple these days.

 

If you ever have time I'd be interested in a seeing a screenshot of yours.  What does yours do?  I assume it's basically a list of images/links to yoru dockers?  Or is it detailed enough where your'e accessing some of the docker's APIs and you're actually getting a compilation of some live data from any of the dockers?

 
Bootstrap frameworks, especially on preconfigured templates definitely make landing page creation pretty simple these days.
 
If you ever have time I'd be interested in a seeing a screenshot of yours.  What does yours do?  I assume it's basically a list of images/links to yoru dockers?  Or is it detailed enough where your'e accessing some of the docker's APIs and you're actually getting a compilation of some live data from any of the dockers?

Nothing fancy, just a list of links to various webguis on a pretty looking page

I've just done it with a very simple html5 menu, works great.

 
Bootstrap frameworks, especially on preconfigured templates definitely make landing page creation pretty simple these days.
 
If you ever have time I'd be interested in a seeing a screenshot of yours.  What does yours do?  I assume it's basically a list of images/links to yoru dockers?  Or is it detailed enough where your'e accessing some of the docker's APIs and you're actually getting a compilation of some live data from any of the dockers?

You could always use htpcmanager docker and have that as your main page.
7 hours ago, dmacias said:


You could always use htpcmanager docker and have that as your main page.

 

How would you do this?  Use some sort of redirect?

So, I am trying to figure out when I am on my local network and I go to blah.duckdns.org/sonarr it doesn't take me to sonarr, it just takes me to the default 443 lets encrypt page.  I have to be missing something in the setup.

2 hours ago, Living Legend said:

 

How would you do this?  Use some sort of redirect?

Yes. There's a few different ways but you could do something like this.

    location ~ ^/$ {
        return 301 /htpc;
    }

    location /htpc {
        include /config/nginx/proxy.conf;
        proxy_pass http://192.168.69.1:8085/htpc;
    }

 

So, I am trying to figure out when I am on my local network and I go to blah.duckdns.org/sonarr it doesn't take me to sonarr, it just takes me to the default 443 lets encrypt page.  I have to be missing something in the setup.

What is your setup?
# main server block
server {
	listen 443 ssl default_server;
	listen 80 default_server;
	
	root /config/www;
	index index.html index.htm index.php;

	server_name blah.duckdns.org;
	


	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AEA';
	ssl_prefer_server_ciphers on;

	client_max_body_size 0;
	#Muximux

	location ~ \.php$ {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		# With php7-cgi alone:
		fastcgi_pass 127.0.0.1:9000;
		# With php7-fpm:
		#fastcgi_pass unix:/var/run/php7-fpm.sock;
		fastcgi_index index.php;
		include /etc/nginx/fastcgi_params;
	}

	#Sonarr
	location ^~ /sonarr {
		auth_basic "Restricted";
		auth_basic_user_file /config/nginx/.htpasswd;
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.10.100:8989/sonarr;
	}
	
	
}

Just trying to get Sonarr to work right now, will work through the rest later.  Wanted Muximux, Radarr, Deluge, Plex and Ombi, and then Guacamole if I could.

It was working with Sonarr from outside the network, but when I am local if I try to do blah.duckdns.org/sonarr It takes me to https://blah.duckdns.org/sonarr but I get the Welcome to our Server page.

8 minutes ago, theDrell said:

Just trying to get Sonarr to work right now, will work through the rest later.  Wanted Muximux, Radarr, Deluge, Plex and Ombi, and then Guacamole if I could.

It was working with Sonarr from outside the network, but when I am local if I try to do blah.duckdns.org/sonarr It takes me to https://blah.duckdns.org/sonarr but I get the Welcome to our Server page.

 

Have you gone into sonarr's settings and changed URL base to /sonarr

Edited by CHBMB

Yeah I have done that. Like I said works outside the network.   I'm guessing I need some redirect for internal

# main server blockserver {listen 443 ssl default_server;listen 80 default_server;root /config/www;index index.html index.htm index.php;server_name blah.duckdns.org;ssl_certificate /config/keys/letsencrypt/fullchain.pem;ssl_certificate_key /config/keys/letsencrypt/privkey.pem;ssl_dhparam /config/nginx/dhparams.pem;ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AEA';ssl_prefer_server_ciphers on;client_max_body_size 0;#Muximuxlocation ~ \.php$ {	fastcgi_split_path_info ^(.+\.php)(/.+)$;	# With php7-cgi alone:	fastcgi_pass 127.0.0.1:9000;	# With php7-fpm:	#fastcgi_pass unix:/var/run/php7-fpm.sock;	fastcgi_index index.php;	include /etc/nginx/fastcgi_params;}#Sonarrlocation ^~ /sonarr {	auth_basic "Restricted";	auth_basic_user_file /config/nginx/.htpasswd;	include /config/nginx/proxy.conf;	proxy_pass http://192.168.10.100:8989/sonarr;}}

Just trying to get Sonarr to work right now, will work through the rest later.  Wanted Muximux, Radarr, Deluge, Plex and Ombi, and then Guacamole if I could.
It was working with Sonarr from outside the network, but when I am local if I try to do blah.duckdns.org/sonarr It takes me to https://blah.duckdns.org/sonarr but I get the Welcome to our Server page.


It's the space between ^~ /sonarr should be ^~/sonarr or just /sonarr should work
1 hour ago, theDrell said:

Yeah I have done that. Like I said works outside the network.   I'm guessing I need some redirect for internal

 

Internal should just work on http://192.168.10.100:8989/sonarr

1 minute ago, CHBMB said:

 

Internal should just work on http://192.168.10.100:8989/sonarr

I was trying to get the internal to work on https://blah.duckdns.org/sonarr as well.  Trying to make it wife friendly.

50 minutes ago, dmacias said:


It's the space between ^~ /sonarr should be ^~/sonarr or just /sonarr should work

OMG.  That fixed the internal issue.  Why it didn't seem to be an issue on the external, I will never know.

1 minute ago, theDrell said:

OMG.  That fixed the internal issue.  Why it didn't seem to be an issue on the external, I will never know.

Well, I also have this in the entry now too, so maybe it actually fixed it.

	proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

 

3 minutes ago, theDrell said:

Well, I also have this in the entry now too, so maybe it actually fixed it.


	proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

 

That's not required.

8 minutes ago, theDrell said:

I was trying to get the internal to work on https://blah.duckdns.org/sonarr as well.  Trying to make it wife friendly.

 

May be WAF but it means afaik that you're going out to the internet to come back to your LAN,  which seems a little excessive

 

OMG.  That fixed the internal issue.  Why it didn't seem to be an issue on the external, I will never know.

For the local lan issue you can add an entry to dnsmasq.conf for your router if available like this.

address=/blah.duckdns.org/192.168.10.100

May need to reboot the router. I've done this on tomato, ddwrt and merlin.

 

 

50 minutes ago, CHBMB said:

 

May be WAF but it means afaik that you're going out to the internet to come back to your LAN,  which seems a little excessive

 

WAF comes first, hoping that it doesn't add a lot to it.

 

Another question.  How do you setup Muximux to work ?

 

Only way I can get it to work is by passing in the muximux www folder as a path, and changing the root to that path.

 

I can't get it to work using the proxypass ip:port.  The login page comes up but when I try and login it goes to sub.domain.org/index.php which doesn't exist.

1 minute ago, theDrell said:

WAF comes first, hoping that it doesn't add a lot to it.

 

Another question.  How do you setup Muximux to work ?

 

Only way I can get it to work is by passing in the muximux www folder as a path, and changing the root to that path.

 

I can't get it to work using the proxypass ip:port.  The login page comes up but when I try and login it goes to sub.domain.org/index.php which doesn't exist.

I don't use Muximux

I got a question regarding fail2ban and my docker containers running behind nginx.

Am I right that I'm not able to setup any custom fail2ban filters here as my letsencrypt-nginx container obviously can't see any logfiles from other containers such as Emby or Nextcloud!?

As I understand the use of fail2ban here is that it's restricted to basic_auth only when used with Docker.

Is this correct or is there a way to get this working together with Emby for example?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.