jortan Posted July 9, 2021 Share Posted July 9, 2021 (edited) 5 hours ago, saarg said: If it doesn't have .sample at the end you have enabled it at one point. Nope, mine was also youtube-dl.subfolder.conf and I know I never enabled this as I only use *.subdomain.conf I think somehow in a previous version of swag docker a non-sample conf must have been pushed out. Possibly even from back before this docker was renamed? edit: judging by the file date, this happened early July 2020. Edited July 9, 2021 by jortan Quote Link to comment
J05u Posted July 9, 2021 Share Posted July 9, 2021 (edited) Hello, Any idea what need to be changed in new sonarr conf ? So far i am getting 502 bad gateway error nginx/1.20.1 for my sonarr subdomain I managed to make bitwarden working, now trying to make sonarr alive Edited July 9, 2021 by J05u Quote Link to comment
saarg Posted July 9, 2021 Share Posted July 9, 2021 2 hours ago, J05u said: Hello, Any idea what need to be changed in new sonarr conf ? So far i am getting 502 bad gateway error nginx/1.20.1 for my sonarr subdomain I managed to make bitwarden working, now trying to make sonarr alive The upstream_app name doesn't match your container name or swag and sonarr is not in the same custom bridge Quote Link to comment
gulo Posted July 10, 2021 Share Posted July 10, 2021 Hello, Sorry I am total noob, I have been using Nginx Proxy Manger for a long time and all of sudden it won't renew my certificates for some reason. So I installed Swag. I think I got the certificate and the ports set up properly because when I go to my subdomain bi.xxxx.com it does open page saying "Welcome to your SWAG instance" However I can't figure out how to make it forward to my Blue Iris IP running on a Unraid VM as it used to with Nginx. I understand I need to create xxx.subdomain.conf file but I don't know how to make it work. I found a .conf file from my nginx docker but the format seems to be different? This is what the old one looked like: server { set $forward_scheme https; set $server "192.168.1.31"; set $port 7968; listen 8080; listen [::]:8080; server_name bi.redacted.us; access_log /data/logs/proxy_host-1.log proxy; location / { # Proxy! include conf.d/include/proxy.conf; } # Custom include /data/nginx/custom/server_proxy[.]conf; } I just need it to forward to 192.168.1.31:7968 Any ideas what the swag conf file should look like? Thanks! Quote Link to comment
gulo Posted July 10, 2021 Share Posted July 10, 2021 OK, I *think* it works now. Can anyone take a look and see if I am missing anything? Anything I should add to make it safer? Thanks server { listen 443 ssl; listen [::]:443 ssl; server_name bi.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app 192.168.1.31; set $upstream_port 7968; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Range $http_range; proxy_set_header If-Range $http_if_range; } } Quote Link to comment
joshallen2k Posted July 10, 2021 Share Posted July 10, 2021 On 7/7/2021 at 10:10 PM, joshallen2k said: Hi all - I'm having difficulty troubleshooting what looks like a port forwarding issue. My SWAG reverse proxy was working fine until a week ago. I was getting BTRFS errors in my docker.img, so deleted it and created from new. After reloading my apps, I noticed my reverse proxy was not working anymore. In my SWAG logs, I saw this error: int: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet. Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container My port forwarding seemed to be correct for port 80 (to 180) and port 443 (to 1443) as per my SWAG docker template. I went to a number of port testing sites, and they all showed blocked for 80 and 443. So at this point I contacted my ISP (Bell Canada) and they said they have not changed anything. Where should I go now to figure this out? Thanks all. Any ideas here anyone? Or have I messed up some way in how I posted Quote Link to comment
alturismo Posted July 10, 2021 Share Posted July 10, 2021 2 hours ago, joshallen2k said: Any ideas here anyone? Or have I messed up some way in how I posted ping SUB.MYDOMAIN.COM and check if dns fits andpoint to your external ip post a screen from your docker rules post a screen from your routers forwarding rules for swag ... Quote Link to comment
joshallen2k Posted July 10, 2021 Share Posted July 10, 2021 1 hour ago, alturismo said: ping SUB.MYDOMAIN.COM and check if dns fits andpoint to your external ip post a screen from your docker rules post a screen from your routers forwarding rules for swag ... Quote Link to comment
alturismo Posted July 10, 2021 Share Posted July 10, 2021 when i see your template, custom br:0 but no ip ... when your docker crashes it will also remove your custom ip setup ... Quote Link to comment
alturismo Posted July 10, 2021 Share Posted July 10, 2021 (edited) so, add your custom ip's again (dont forget the other reversed dockers ...) that should solve your issue and i meant "when your docker image crashes" ... custom bridge settings are gone and may your "old" forwarding to "ATLANTIS" doesnt fit anymore as the ip may changed may ping ATLANTIS and see if the internal ip still fits for your forwarding Edited July 10, 2021 by alturismo Quote Link to comment
turnipisum Posted July 10, 2021 Share Posted July 10, 2021 What gives with the last update adding youtube-dl.subfolder.conf and swag doesn't start saying duplicate .conf. Quote Link to comment
joshallen2k Posted July 10, 2021 Share Posted July 10, 2021 11 hours ago, alturismo said: so, add your custom ip's again (dont forget the other reversed dockers ...) that should solve your issue and i meant "when your docker image crashes" ... custom bridge settings are gone and may your "old" forwarding to "ATLANTIS" doesnt fit anymore as the ip may changed may ping ATLANTIS and see if the internal ip still fits for your forwarding Thanks for the reply. I double checked my WAN IP and its fine. For some reason my router when I specify an IP it resolves to the host name. WHat I'm unsure of is where you say to add my custom IP's again in the SWAG template. I don't think I specified anything there before. What should it be? Quote Link to comment
saarg Posted July 10, 2021 Share Posted July 10, 2021 3 hours ago, turnipisum said: What gives with the last update adding youtube-dl.subfolder.conf and swag doesn't start saying duplicate .conf. Check the recent posts for the solution. The last update did not add the youtube-dl.subfolder.conf. That happened last year. 1 Quote Link to comment
turnipisum Posted July 10, 2021 Share Posted July 10, 2021 17 minutes ago, saarg said: Check the recent posts for the solution. The last update did not add the youtube-dl.subfolder.conf. That happened last year. Yeah i have sorted it. But update must of done it because i had youtube-dl.subfolder.conf and youtube-dl.subfolder.conf.sample in the folder! i've not touched it since installing it! 1 Quote Link to comment
alturismo Posted July 10, 2021 Share Posted July 10, 2021 3 hours ago, joshallen2k said: Thanks for the reply. I double checked my WAN IP and its fine. For some reason my router when I specify an IP it resolves to the host name. WHat I'm unsure of is where you say to add my custom IP's again in the SWAG template. I don't think I specified anything there before. What should it be? when using custom br0 most likely to assign static ip's for the docker(s) in your home net like 192.168.1.0/24 in terms you stay on dhcp, your port forwarding goes to ATLANTIS, now, when u ping ATLANTIS locally, does it resolve to your swag ip ? your swag docker will have its own ip in the subnet like 192.168.2.25 as sample, so your port forwarding have to match it. as when your docker image crashes or you rebuild it, all network setups will also "reset", so may your swag docker will use a different local lan ip now, you can check in your docker tab on which ip swag is listening to ... and make sure your routers port forwarding for rules 80 and 443 are leading to 180 1443 to that local ip. Quote Link to comment
April29 Posted July 10, 2021 Share Posted July 10, 2021 Hello I installed Swag under docker to use Calibre-web with reverse proxy. The reverse proxy works very well with https://calibre.xxxx.com. I also want to use fail2ban but when I look in the calibre-web logs at the IP of the computer that connects I see the address of Swag docker (172.17.0.4) and not the IP of the remote computer. Thanks for your help Quote Link to comment
joshallen2k Posted July 11, 2021 Share Posted July 11, 2021 (edited) 3 hours ago, alturismo said: when using custom br0 most likely to assign static ip's for the docker(s) in your home net like 192.168.1.0/24 in terms you stay on dhcp, your port forwarding goes to ATLANTIS, now, when u ping ATLANTIS locally, does it resolve to your swag ip ? your swag docker will have its own ip in the subnet like 192.168.2.25 as sample, so your port forwarding have to match it. as when your docker image crashes or you rebuild it, all network setups will also "reset", so may your swag docker will use a different local lan ip now, you can check in your docker tab on which ip swag is listening to ... and make sure your routers port forwarding for rules 80 and 443 are leading to 180 1443 to that local ip. Thanks for the clarification, but I'm still having difficulty. With the setup in the screens below, the SWAG docker container fails to start with Execution Error 403. Note the fixed IP I specified in the template is the IP of my Unraid server (192.168.2.229). The IP of "ATLANTIS" is 192.168.2.229 Edited July 11, 2021 by joshallen2k added detail Quote Link to comment
alturismo Posted July 11, 2021 Share Posted July 11, 2021 (edited) 4 hours ago, joshallen2k said: Thanks for the clarification, but I'm still having difficulty. With the setup in the screens below, the SWAG docker container fails to start with Execution Error 403. Note the fixed IP I specified in the template is the IP of my Unraid server (192.168.2.229). The IP of "ATLANTIS" is 192.168.2.229 you cant assign it to the same ip as unraid has it already, change to bridge instead custom br0, then you dont have to worry about ip's and your docker port mappings are valid, also your other docker(s) then rather to bridge instead custom:br0, when i see what you try todo, i guess you didnt used custom:br0 before, you prolly either used bridge or may even did the proxynet bridge from the common tutorial video fro @SpaceInvaderOne which is also gone when your image broke and you have to start over ... you can pretty easy check how your configs look like, in bridge mode you cant use dockernames as targets ... Edited July 11, 2021 by alturismo Quote Link to comment
OdinEidolon Posted July 11, 2021 Share Posted July 11, 2021 SWAG stopped working for me, using duckdns. It worked OK for the last several months. I did not do any config change. Here's the docker log. Any idea? [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=Europe/Berlin URL=mydomain.duckdns.org SUBDOMAINS=wildcard EXTRA_DOMAINS= ONLY_SUBDOMAINS=true VALIDATION=duckdns CERTPROVIDER= DNSPLUGIN= EMAIL=mymail@mail.com STAGING=false grep: /config/nginx/resolver.conf: No such file or directory Setting resolver to 127.0.0.11 grep: /config/nginx/worker_processes.conf: No such file or directory Setting worker_processes to 4 Using Let's Encrypt as the cert provider SUBDOMAINS entered, processing Wildcard cert for only the subdomains of mydomain.duckdns.org will be requested E-mail address entered: mymail@mail.com duckdns validation is selected the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Saving debug log to /var/log/letsencrypt/letsencrypt.log No match found for cert-path /config/etc/letsencrypt/live/mydomain.duckdns.org/fullchain.pem! Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Account registered. Requesting a certificate for *.mydomain.duckdns.org Hook '--manual-auth-hook' for mydomain.duckdns.org ran with output: OKsleeping 60 Hook '--manual-auth-hook' for mydomain.duckdns.org ran with error output: % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2 0 2 0 0 3 0 --:--:-- --:--:-- --:--:-- 3 Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems: Domain: mydomain.duckdns.org Type: dns Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.mydomain.duckdns.org - the domain's nameservers may be malfunctioning Has anybody had any problem with duckdns recently? Of course I checked that all the settings, including the token, are correct. Quote Link to comment
joshallen2k Posted July 11, 2021 Share Posted July 11, 2021 11 hours ago, alturismo said: you cant assign it to the same ip as unraid has it already, change to bridge instead custom br0, then you dont have to worry about ip's and your docker port mappings are valid, also your other docker(s) then rather to bridge instead custom:br0, when i see what you try todo, i guess you didnt used custom:br0 before, you prolly either used bridge or may even did the proxynet bridge from the common tutorial video fro @SpaceInvaderOne which is also gone when your image broke and you have to start over ... you can pretty easy check how your configs look like, in bridge mode you cant use dockernames as targets ... Yes, it was the @SpaceInvaderOne tutorial that I originally used for the setup. I changed my network to bridge and had the same error. I just used the troubleshooting guide https://www.linuxserver.io/blog/2019-07-10-troubleshooting-letsencrypt-image-port-mapping-and-forwarding which suggests using the Nginx docker to test connectivity and forwarding. Using nginx seems to work - I can reach the standard web page, and when I use a port checker, port 80 and 443 are open/green. When I delete the nginx docker and launch swag (using the same port forward and network settings), then port 80/443 are showing up as closed. Quote Link to comment
luciaadr Posted July 11, 2021 Share Posted July 11, 2021 On 7/8/2021 at 1:10 PM, Yak said: I was also getting the error Which I thought odd as I've never setup youtube-dll. In the end I renamed youtube-dl.subfolder.conf to youtube-dl.subfolder.conf_BAK, restarted Swag and everything is back up and running normally Maybe in enabled this at some point, I don't recall, but I had the same error this weekend, only realising while away so I couldn't remote in to fix it.... I deleted the .conf (I've still got the .sample) and all good again. Thanks. Need to set up another method to connect! Quote Link to comment
Mihle Posted July 11, 2021 Share Posted July 11, 2021 (edited) On 7/8/2021 at 11:21 PM, saarg said: If it doesn't have .sample at the end you have enabled it at one point. I am getting the same error with youtube.dl but I know 100% sure I have never removed the sample on it, I dont even know what it is. I only use Swag with Nextcloud. Tho I see that that config was last updated summer 2020... Edited July 11, 2021 by Mihle Quote Link to comment
danioj Posted July 12, 2021 Share Posted July 12, 2021 I woke this morning to SWAG not working. In the log I get this: nginx: [emerg] "proxy_redirect" directive is duplicate in /config/nginx/proxy-confs/youtube-dl.subfolder.conf:22 youtube-dl.subfolder.conf in the proxy-confs is there without a .sample at the end. I did not change this. Quote Link to comment
BraveRu Posted July 12, 2021 Share Posted July 12, 2021 On 7/6/2018 at 6:47 PM, Tuumke said: Found the culprit. All the proxy-conf subfolder conf files have a /servicename and organizr just has the / what is that mean ? how can I fix this ? thank you firstly , I found once i unable "proxy_redirect" in the .conf file , "nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28" will happen . Quote Link to comment
OdinEidolon Posted July 12, 2021 Share Posted July 12, 2021 On 7/11/2021 at 1:18 PM, OdinEidolon said: SWAG stopped working for me, using duckdns. It worked OK for the last several months. I did not do any config change. Here's the docker log. Any idea? [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=Europe/Berlin URL=mydomain.duckdns.org SUBDOMAINS=wildcard EXTRA_DOMAINS= ONLY_SUBDOMAINS=true VALIDATION=duckdns CERTPROVIDER= DNSPLUGIN= EMAIL=mymail@mail.com STAGING=false grep: /config/nginx/resolver.conf: No such file or directory Setting resolver to 127.0.0.11 grep: /config/nginx/worker_processes.conf: No such file or directory Setting worker_processes to 4 Using Let's Encrypt as the cert provider SUBDOMAINS entered, processing Wildcard cert for only the subdomains of mydomain.duckdns.org will be requested E-mail address entered: mymail@mail.com duckdns validation is selected the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Saving debug log to /var/log/letsencrypt/letsencrypt.log No match found for cert-path /config/etc/letsencrypt/live/mydomain.duckdns.org/fullchain.pem! Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Account registered. Requesting a certificate for *.mydomain.duckdns.org Hook '--manual-auth-hook' for mydomain.duckdns.org ran with output: OKsleeping 60 Hook '--manual-auth-hook' for mydomain.duckdns.org ran with error output: % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2 0 2 0 0 3 0 --:--:-- --:--:-- --:--:-- 3 Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems: Domain: mydomain.duckdns.org Type: dns Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.mydomain.duckdns.org - the domain's nameservers may be malfunctioning Has anybody had any problem with duckdns recently? Of course I checked that all the settings, including the token, are correct. Does anybody have any hint about what's going on here? I do not understand ifthis is an issue on duckDNS's side or some configuration mishap. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.