[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


5634 posts in this topic Last Reply

Recommended Posts

1 hour ago, cybrnook said:

"The advantage of using this setup is that you benefit from Cloudflare fast DNS resolution and add an extra layer of security by hiding your server identity while ensuring that all the connections pass through Cloudflare. This prevents any malicious requests from reaching the server."

You can do this without their certs. I also like to use my site when cloudflare isnt working. 

Link to post
  • Replies 5.6k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I will only post this once. Feel free to refer folks to this post.   A few points of clarification:   The last update of this image didn't break things. Letsencrypt abruptly disabl

Application Name: SWAG - Secure Web Application Gateway Application Site:  https://docs.linuxserver.io/general/swag Docker Hub: https://hub.docker.com/r/linuxserver/swag Github: https:/

I don't need support.  I just wanted to say thanks for this container and its continuous maintenance.  I started with Aptalca's container then switched to the linuxserver.io container.  Its been close

Posted Images

Hi there. I have an issue with using the reverse proxy set up for nextcloud. In the nextcloud.subfolder.config it says:


 

## Version 2020/12/09
# Assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwritewebroot' => '/nextcloud',
#  'overwrite.cli.url' => 'https://your-domain.com/nextcloud',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'your-domain.com',
#  ),

 

When I try to do this for my docker container of nextcloud, if the line 'overwritewebroot' => '/nextcloud', is inserted it prevents me from accessing nextcloud locallay - it says that "The page isn't redirecting properly". And when trying to access remotely SWAG displays "502 Bad Gateway".

 

My nextcloud config.php is as follows:

 

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'xxxxx',
  'passwordsalt' => 'xxxxx',
  'secret' => 'xxxxx',
  'trusted_domains' => 
  array (
    0 => '192.168.1.123:12345',
	1 => 'MYSITE.duckdns.org',
  ),
  'dbtype' => 'mysql',
  'version' => '21.0.0.18',
  'overwrite.cli.url' => 'https://192.168.1.123:12345',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.1.123',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxxx',
  'installed' => true,
  'trusted_proxies' => ['swag'],
  'overwritewebroot' => '/nextcloud',
  'overwrite.cli.url' => 'https://MYSITE.duckdns.org/nextcloud',
);

 

If you could give me some advice as to what I am doing wrong I would be really greateful.

Link to post
On 3/16/2021 at 5:30 PM, jonathanm said:

The container has a cron job to renew overnight, I can't remember the time, but I'm guessing it conflicts with your backup schedule.

 

Thanks for the info. Is there a way to manually confirm that your cert is up to date? 

Link to post
4 hours ago, adminmat said:

 

Thanks for the info. Is there a way to manually confirm that your cert is up to date? 

You can click the padlock in the browser when you are on a page hosted on your domain and check when it expires.

Link to post
20 minutes ago, saarg said:

You can click the padlock in the browser when you are on a page hosted on your domain and check when it expires.

Thanks. Mine still says it's expiring in a few days. Any idea how to force the renewal or check when the chron job is set to run? 

Link to post
14 hours ago, adminmat said:

Thanks. Mine still says it's expiring in a few days. Any idea how to force the renewal or check when the chron job is set to run? 

The Cron job runs every night at about 2.

You have to check the logs for why it's not renewing the certs. I think the log is named letsencrypt. Also restart the container and post the log. Be sure to redact domain and personal info.

Link to post

Hello friends,

 

I am looking for some help- I am very new to networking so apologies for dumb questions.

 

I had my private domain up and running flawlessly with a reverse proxy on my unraid server via swag and cloudflareddns. All of my intended subdomain/hosts were accessible over WAN which was incredible.

 

I unfortunately had a disk failure and had to shutdown my array to rebuild. I have the following script to run whenever I restart the array in order to rebuild my docker networks -> otherwise I lose custom br0 for all my containers.

 

rm /var/lib/docker/network/files/local-kv.db
/etc/rc.d/rc.docker restart

 

I subsequently recreated my proxy network via cmd as I had previously done.

 

docker network create ******

 

I started up cloudflareddns and swag without any noticeable log errors but unfortunately now I am getting ERROR 521 when trying to connect over WAN in the browser. Ive turned off all the proxys in cloudflare and purged the chache in cloudflare. When I make A names directly to my WAN IP I get "This site can't be reached".

 

I've done everything short of just shutting down the array/rebooting the server. Not sure where along restarting my array things broke. There's unfortunatley not a lot of information regarding error 521 and the one or two threads addressing this error seem to thing its on cloudflare's end?

 

I am going to hard reset the server once my drive is rebuilt.

 

I sincerely appreciate anyones input/help on the matter.

 

James

 

 

 

halo-diagnostics-20210320-1246.zip

 

Edited by Roma4593
Link to post
5 hours ago, saarg said:

The Cron job runs every night at about 2.

You have to check the logs for why it's not renewing the certs. I think the log is named letsencrypt. Also restart the container and post the log. Be sure to redact domain and personal info.

 

I found in the log that it was not resolving the DNS for server.mydomain.com (example). I didnt have "server" added as a Cname. Only Nextcloud. I assume it needs this for the cert renewal. I So I added this within the Namecheap DNS section. (sorry I don't know the proper terminology here)  Now is there a way to manually renew or I just wat for the chron job at 2AM again? I confirmed that restarting the Swag container does not renew the cert. 

 

 

Edited by adminmat
Link to post
20 minutes ago, adminmat said:

Now is there a way to manually renew or I just wat for the chron job at 2AM again?

You can add or remove a subdomain to trigger the renewal process. If it fails again be sure to set the staging variable to "true", this will increase the rate limiting so you don't hit the limit when testing. Set it back to false when you have it working. 

Link to post
3 hours ago, strike said:

You can add or remove a subdomain to trigger the renewal process. If it fails again be sure to set the staging variable to "true", this will increase the rate limiting so you don't hit the limit when testing. Set it back to false when you have it working. 

ok, looks like it issued the new cert. I just removed the "server" domain and changed to True. Applied. Then re-added "server" changed back to false and applied. Thanks 

Link to post
On 3/19/2021 at 5:44 PM, SimplePete said:

Hi there. I have an issue with using the reverse proxy set up for nextcloud. In the nextcloud.subfolder.config it says:


 


## Version 2020/12/09
# Assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwritewebroot' => '/nextcloud',
#  'overwrite.cli.url' => 'https://your-domain.com/nextcloud',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'your-domain.com',
#  ),

 

When I try to do this for my docker container of nextcloud, if the line 'overwritewebroot' => '/nextcloud', is inserted it prevents me from accessing nextcloud locallay - it says that "The page isn't redirecting properly". And when trying to access remotely SWAG displays "502 Bad Gateway".

 

My nextcloud config.php is as follows:

 


<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'xxxxx',
  'passwordsalt' => 'xxxxx',
  'secret' => 'xxxxx',
  'trusted_domains' => 
  array (
    0 => '192.168.1.123:12345',
	1 => 'MYSITE.duckdns.org',
  ),
  'dbtype' => 'mysql',
  'version' => '21.0.0.18',
  'overwrite.cli.url' => 'https://192.168.1.123:12345',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.1.123',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxxx',
  'installed' => true,
  'trusted_proxies' => ['swag'],
  'overwritewebroot' => '/nextcloud',
  'overwrite.cli.url' => 'https://MYSITE.duckdns.org/nextcloud',
);

 

If you could give me some advice as to what I am doing wrong I would be really greateful.

I'm having the exact same problem!

SWAG is working for me with the emby and plex docker, but I can't get nextcloud to work. I'm always getting a "502 Bad Gateway" error. I tried it on different computers and on mobile, so it shouldn't be my router or browser causing this..

Does anyone have an idea how to fix this?

Link to post
11 hours ago, Asgart said:

I'm having the exact same problem!

SWAG is working for me with the emby and plex docker, but I can't get nextcloud to work. I'm always getting a "502 Bad Gateway" error. I tried it on different computers and on mobile, so it shouldn't be my router or browser causing this..

Does anyone have an idea how to fix this?

Swag can't connect to nextcloud, so it's probably not on the same custom bridge.

Link to post
35 minutes ago, saarg said:

Swag can't connect to nextcloud, so it's probably not on the same custom bridge.

Hi, that's not it. I created a custom bridge where swag, emby, plex and nextcloud are running on. The other dockers are working fine, just nextcloud just isn't working. It definitely is on the same custom bridge.

Link to post
23 minutes ago, Asgart said:

Hi, that's not it. I created a custom bridge where swag, emby, plex and nextcloud are running on. The other dockers are working fine, just nextcloud just isn't working. It definitely is on the same custom bridge.

Have you modified the proxy conf or changed the container name?

Link to post
3 hours ago, saarg said:

Have you modified the proxy conf or changed the container name?

Yes, basically what I did, was changing the container name of the 'swag' container to 'JulianSeidel'.

 

I'm just gonna post a few screenshots here..

 

These are my 'swag' container settings:

1081701850_swagcontainer.thumb.png.fd76a288d6ecc20dd407107513d3a6b1.png

 

This is my 'nextcloud' container:

1427884111_nextcloudcontainer.thumb.png.4b98e5fdb39d82b7a61db0d4d8248b46.png

 

Then I went into the appdata\swag\nginx\proxy-confs folder to edit the nextcloud.subdomain.conf file (while erasing the .sample to make it a .conf file):

# make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 444;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

 

I also went into the appdata\nextcloud\www\nextcloud\config folder to edit the config.php file (I changed my personal data to xxx for this showcase):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'oc82pfr3kbbl',
  'passwordsalt' => 'jlLdTzjYNONZ3/pf6skVd7YiwRTW/Z',
  'secret' => 'D32AynuD7qIf5+CBT/KrckjYiiPICbVog96kxzQ8SJjnnhJo',
  'trusted_domains' => 
  array (
    0 => '192.168.178.46:444',
	1 => 'nextcloud.xxx.net',
  ),
  'dbtype' => 'mysql',
  'version' => '21.0.0.18',
  'trusted_proxies' =>
  array (
    0 => 'JulianSeidel',
  ),
  'overwrite.cli.url' => 'https://nextcloud.xxx.net/',
  'overwritehost' => 'nextcloud.xxx.net',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.178.46:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxx',
  'installed' => true,
);

 

The subdomain is pingable, so I think that should not be the problem. The plex and emby docker are working fine with their own subdomains, but if I try to reach nextcloud, I'm always getting a "502 Bad Gateway  nginx/1.18.0" error message..

 

I'm really at a loss here :(

Link to post
4 hours ago, Asgart said:

Yes, basically what I did, was changing the container name of the 'swag' container to 'JulianSeidel'.

 

I'm just gonna post a few screenshots here..

 

These are my 'swag' container settings:

1081701850_swagcontainer.thumb.png.fd76a288d6ecc20dd407107513d3a6b1.png

 

This is my 'nextcloud' container:

1427884111_nextcloudcontainer.thumb.png.4b98e5fdb39d82b7a61db0d4d8248b46.png

 

Then I went into the appdata\swag\nginx\proxy-confs folder to edit the nextcloud.subdomain.conf file (while erasing the .sample to make it a .conf file):



# make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config
# located at /config/www/nextcloud/config/config.php and add the following lines before the ");":
#  'trusted_proxies' => ['swag'],
#  'overwrite.cli.url' => 'https://nextcloud.your-domain.com/',
#  'overwritehost' => 'nextcloud.your-domain.com',
#  'overwriteprotocol' => 'https',
#
# Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this:
#  array (
#    0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it.
#    1 => 'nextcloud.your-domain.com',
#  ),

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name nextcloud.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 444;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

 

I also went into the appdata\nextcloud\www\nextcloud\config folder to edit the config.php file (I changed my personal data to xxx for this showcase):



<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'oc82pfr3kbbl',
  'passwordsalt' => 'jlLdTzjYNONZ3/pf6skVd7YiwRTW/Z',
  'secret' => 'D32AynuD7qIf5+CBT/KrckjYiiPICbVog96kxzQ8SJjnnhJo',
  'trusted_domains' => 
  array (
    0 => '192.168.178.46:444',
	1 => 'nextcloud.xxx.net',
  ),
  'dbtype' => 'mysql',
  'version' => '21.0.0.18',
  'trusted_proxies' =>
  array (
    0 => 'JulianSeidel',
  ),
  'overwrite.cli.url' => 'https://nextcloud.xxx.net/',
  'overwritehost' => 'nextcloud.xxx.net',
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => '192.168.178.46:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxx',
  'installed' => true,
);

 

The subdomain is pingable, so I think that should not be the problem. The plex and emby docker are working fine with their own subdomains, but if I try to reach nextcloud, I'm always getting a "502 Bad Gateway  nginx/1.18.0" error message..

 

I'm really at a loss here :(

You are changing things you should not change. Change the port back to 443 and protocol to https in the proxy conf.

Edited by saarg
Link to post

Hi,

 

I had issue with my unraid server (lost docker image). I restored all my containers but I don't know why swag become problematic (more than other). 

Looking at the logs I see this:

 

Quote

Requesting a certificate for *.xxxxxxxxxxx.it
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: *.xxxxxxxxxxxx.it: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/cloudflare.ini file.

 

It seems that I've been temporary banned and I have to wait a week to rehave a working certificate (doh!). 

 

But I was wondering if this has consequencies for nginx because I cannot longer login from outside world to my services.

 

Can someone confirm or disconfirm?

 

There's some workaround for this? I "need" access to some services (nextcloud for example) and waiting a week can be problematic.

 

Thank you all in advance!

 

 

Link to post
27 minutes ago, Jokerigno said:

Hi,

 

I had issue with my unraid server (lost docker image). I restored all my containers but I don't know why swag become problematic (more than other). 

Looking at the logs I see this:

 

 

It seems that I've been temporary banned and I have to wait a week to rehave a working certificate (doh!). 

 

But I was wondering if this has consequencies for nginx because I cannot longer login from outside world to my services.

 

Can someone confirm or disconfirm?

 

There's some workaround for this? I "need" access to some services (nextcloud for example) and waiting a week can be problematic.

 

Thank you all in advance!

 

 

There is no workaround. You have exceeded the limit because you have tried too many times. You should have enabled staging to test getting the certs.

You could use a duckdns domain until your domain is not banned anymore.

Link to post
37 minutes ago, saarg said:

There is no workaround. You have exceeded the limit because you have tried too many times. You should have enabled staging to test getting the certs.

You could use a duckdns domain until your domain is not banned anymore.

Hi, well I didn't know that restoring a container with same appdata could lead to this.

 

Just for anyone who can be interested in this using staging true and setting cloudflare Full SSL instead of Full SSL (Strict) allow nginx to start and services become available again.

 

I will remember to revert staging and SSL in a week.

 

 

Edited by Jokerigno
Link to post

Hi All

 

Not sure this is possible using SWAG but here it goes... ;-)

I have installed the MineOS docker for Minecraft servers and on one of these servers I have a webserver running "Dynmap" rendering a full map of the Minecraft server (Since this is just a view I would like this accessible on the web)

 

But when I point to the "MineOS" which also have a webser UI !!

I cant connect to the Dynmap on port 25568

Any way to use swag without pointing to a specific docker?

 

So far I have used this conf for my sub domian map.domain.com and I can see in the log that the cert. is OK

 

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name map.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
		
   }
}

 

 

Link to post
21 hours ago, Jokerigno said:

Hi, well I didn't know that restoring a container with same appdata could lead to this.

 

Just for anyone who can be interested in this using staging true and setting cloudflare Full SSL instead of Full SSL (Strict) allow nginx to start and services become available again.

 

I will remember to revert staging and SSL in a week.

 

 

Simply restoring the appdata should not lead to this. But with the limited info you supplied, it's hard to say what happened.

Link to post
7 hours ago, casperse said:

Hi All

 

Not sure this is possible using SWAG but here it goes... ;-)

I have installed the MineOS docker for Minecraft servers and on one of these servers I have a webserver running "Dynmap" rendering a full map of the Minecraft server (Since this is just a view I would like this accessible on the web)

 

But when I point to the "MineOS" which also have a webser UI !!

I cant connect to the Dynmap on port 25568

Any way to use swag without pointing to a specific docker?

 

So far I have used this conf for my sub domian map.domain.com and I can see in the log that the cert. is OK

 


server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name map.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
		
   }
}

 

 

You have to point it to something, or else nginx doesn't know where to send the traffic.

Link to post
20 hours ago, saarg said:

You have to point it to something, or else nginx doesn't know where to send the traffic.

Looking into the logs it dosent even seem like it is reading the file?

 

I have updated it to this:

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name map.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location ~ (/MineOS-node)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}

 

Should the     location ~ (/MineOS-node)?/api {

 

Be replaced with the local IP:PORT? sorry I have 8 different dockers working with SWAG but this one eludes me ;-)

Link to post
On 3/21/2021 at 10:33 AM, saarg said:

Swag can't connect to nextcloud, so it's probably not on the same custom bridge.

Thank you! I changed the bridge in the docker for the nextcloud container and upon restart it worked. I can now access it remotely, however I cannot seem to get it to work locally however. When I go the corect IP in firefox it tells me "The page isn't redirecting properly". I have changed in the config to add to the array the IP: '192.168.1.*' but still no luck.

Do you have any suggestions as to what is causing this?

Link to post
2 hours ago, casperse said:

Looking into the logs it dosent even seem like it is reading the file?

 

I have updated it to this:


server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name map.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location ~ (/MineOS-node)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app MineOS-node;
        set $upstream_port 25568;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}

 

Should the     location ~ (/MineOS-node)?/api {

 

Be replaced with the local IP:PORT? sorry I have 8 different dockers working with SWAG but this one eludes me ;-)

upstream_app needs to be all lowercase, so you need to change the container name.

 

I have no idea about the location part as I'm no nginx wizard.

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.