Jump to content

The Complete UnRAID reverse proxy, Duck DNS (dynamic dns) and letsencrypt guide


Recommended Posts

Posted

Hi, maybe a bit off-topic, but I hope you guys have a good opinion on this.

I am trying to "backup and document" my setup on Github.

Will the complete nginx reverse proxy config potentially reveal too much detail to share? subdomains/ports/forwards/ .....

Of course, I won't post the .htaccess file, but I wanted all other files there. *.conf and all site-confs/*

What do you think?

Posted

Can't think of much benefit to doing that.  I'm relying on CA Backup for this.

 

But if you do backup using Github and you use DNS verification, you'll want to exclude the file with your DNS provider API key.

  • 10 months later...
Posted (edited)

Could anyone be so kind as to help me with getting Grafana working behind this? I have Radarr and Sonarr working so LetsEncrypt side seems all good, I added a new line to my config for Nginx:

	location /grafana {
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.1.5:3000/;
  }

However I am not sure where to tell Grafana that it needs to use /grafana as I did for Sonarr and Radarr, looking online it seems to be I need to edit the grafana.ini file though I cannot find this! I am using the official Grafana docker. I may be missing something obvious but I am new to this so appreciate any help I may get! I

 

Thank you.

Edited by J89eu
Posted
2 hours ago, J89eu said:

Could anyone be so kind as to help me with getting Grafana working behind this? I have Radarr and Sonarr working so LetsEncrypt side seems all good, I added a new line to my config for Nginx:


	location /grafana {
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.1.5:3000/;
  }

However I am not sure where to tell Grafana that it needs to use /grafana as I did for Sonarr and Radarr, looking online it seems to be I need to edit the grafana.ini file though I cannot find this! I am using the official Grafana docker. I may be missing something obvious but I am new to this so appreciate any help I may get! I

 

Thank you.

https://grafana.com/docs/installation/behind_proxy/#examples-with-sub-path-ex-http-foo-bar-grafana

Posted (edited)
1 hour ago, J89eu said:

That's great though I can't find the grafana.ini file as I said in the original post.. I am not sure where it is on the unraid server.

This isn't really related to this post but even a quick google search shows that you need to map /etc/grafana/grafana.ini or maybe the whole /etc/grafana folder in the docker container to get to the grafana.ini file located at this location, maybe try asking for help in the grafana docker thread or github pages?

Edited by Fma965
  • 5 months later...
Posted

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

Posted
7 hours ago, toolmanz said:

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/

Posted
5 hours ago, aptalca said:

while that does work thats less unraid specific. 

 

12 hours ago, toolmanz said:

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

It's unclear what part your are actually struggling with.

Posted

First thanks for the responses....

 

The part I am struggling with is the final instructions in the guide called Services (Proxy_Pass). Why are those pages included at all?

 

I think I understand what it is trying to do. But, what do I do with them? Do I add them to the default file under the folder called letsencrypt then nginx then site-conf?

 

Or is this just confirming what it should look like in the default file? There is no context on that final page. 

 

Not sure if that is any clearer....I think the question is "why is the services (proxy_pass) pages of the guide even included ?"

 

Just can't get it through my thick skull....it is apparent I have a lot more to learn.

 

Oh, forgot to include that the set up is not currently working for me at all. Just get "page not working".

 

I'll read the blog previously suggested just to see if there is a clue. I will post up my default file later on.

 

Thanks again

  • 1 month later...
  • 10 months later...
Posted

Hi all, 

 

I've followed Spaceinvader ones YouTube videos on how to setup Nextcloud and SWAG, and I can access everything remotely without an issue. 

 

I get two security warnings in the 'overview' section though: 

 

"

There are some warnings regarding your setup.

The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.

The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ↗."

 

Can anyone point me in the direction as to what I should be looking at? 

 

Cheers

 

Posted
4 hours ago, BenW said:

I get two security warnings in the 'overview' section though: 

 

Where exactly are you getting these errors. Nextcloud? SWAG? 

 

Would be helpful to know. Sounds like Nextcloud is in the mix?

 

Cheers

 

 

Posted
8 hours ago, toolmanz said:

Where exactly are you getting these errors. Nextcloud? SWAG? 

 

Would be helpful to know. Sounds like Nextcloud is in the mix?

 

Yeah - sorry for the lack of info. I was at the end of a marathon session trying to get it all to work! 

In the end I managed to fix the errors showing in Nextcloud by following Spaceinvaders video on fixing nextcloud issues, as well as another tutorial by linuxserver about adding in a line to trust SWAG as a proxy.. 

 

  • 11 months later...
Posted

Can I try a little necromancy on this thread?

Any update on config for Swag, as letsenctypt container is gone?  I can't seen to get it working.

Do I have to redirect port 80 to another port, or is that optional?  I'm away from home.  I redirected 443 before I left, and got My Servers remote working.  I'd trying to access Sonarr & Radarr.

 

Thanks,

  • 4 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...