The Complete UnRAID reverse proxy, Duck DNS (dynamic dns) and letsencrypt guide


140 posts in this topic Last Reply

Recommended Posts

Hi, maybe a bit off-topic, but I hope you guys have a good opinion on this.

I am trying to "backup and document" my setup on Github.

Will the complete nginx reverse proxy config potentially reveal too much detail to share? subdomains/ports/forwards/ .....

Of course, I won't post the .htaccess file, but I wanted all other files there. *.conf and all site-confs/*

What do you think?

Link to post
  • Replies 139
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Hi, i recently asked on the unRAID reddit what people wanted guides for, this was the top answer. i want to add further info about the nginx config but for now this should get most people up and runni

docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd <username> add: auth_basic_user_file /config/nginx/.htpasswd; to the default file under each service I wanted to protect.

no you need to access it from your external IP or from your DNS not from the 192.168.1.104 address   so you need to forward port 80 on your router to 85 and then try it from your duck dns ad

Posted Images

  • 10 months later...

Could anyone be so kind as to help me with getting Grafana working behind this? I have Radarr and Sonarr working so LetsEncrypt side seems all good, I added a new line to my config for Nginx:

	location /grafana {
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.1.5:3000/;
  }

However I am not sure where to tell Grafana that it needs to use /grafana as I did for Sonarr and Radarr, looking online it seems to be I need to edit the grafana.ini file though I cannot find this! I am using the official Grafana docker. I may be missing something obvious but I am new to this so appreciate any help I may get! I

 

Thank you.

Edited by J89eu
Link to post
2 hours ago, J89eu said:

Could anyone be so kind as to help me with getting Grafana working behind this? I have Radarr and Sonarr working so LetsEncrypt side seems all good, I added a new line to my config for Nginx:


	location /grafana {
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.1.5:3000/;
  }

However I am not sure where to tell Grafana that it needs to use /grafana as I did for Sonarr and Radarr, looking online it seems to be I need to edit the grafana.ini file though I cannot find this! I am using the official Grafana docker. I may be missing something obvious but I am new to this so appreciate any help I may get! I

 

Thank you.

https://grafana.com/docs/installation/behind_proxy/#examples-with-sub-path-ex-http-foo-bar-grafana

Link to post
1 hour ago, J89eu said:

That's great though I can't find the grafana.ini file as I said in the original post.. I am not sure where it is on the unraid server.

This isn't really related to this post but even a quick google search shows that you need to map /etc/grafana/grafana.ini or maybe the whole /etc/grafana folder in the docker container to get to the grafana.ini file located at this location, maybe try asking for help in the grafana docker thread or github pages?

Edited by Fma965
Link to post
  • 5 months later...

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

Link to post
7 hours ago, toolmanz said:

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/

Link to post
5 hours ago, aptalca said:

while that does work thats less unraid specific. 

 

12 hours ago, toolmanz said:

All,

 

I have gone over this thread many times - still can't get this to work. 😫

 

Tested with sonarr, radarr etc. just get the NGINX 404 page.

 

I think the problem is the section on PROXY_PASS. 

 

I don't understand what this is and what file I should be adding those lines to.....☹️

 

Can somebody tell me what file(s) I need to add these lines to?? I can't find anything on what this stuff is....

 

I am using the duckdns site and have a typical unraid installation.

 

Thought I knew a lot about unraid - apparently that isn't the case....😖

 

If anyone is around I would appreciate a "nudge" in the right direction.

 

Thanks in advance

 

 

 

 

It's unclear what part your are actually struggling with.

Link to post

First thanks for the responses....

 

The part I am struggling with is the final instructions in the guide called Services (Proxy_Pass). Why are those pages included at all?

 

I think I understand what it is trying to do. But, what do I do with them? Do I add them to the default file under the folder called letsencrypt then nginx then site-conf?

 

Or is this just confirming what it should look like in the default file? There is no context on that final page. 

 

Not sure if that is any clearer....I think the question is "why is the services (proxy_pass) pages of the guide even included ?"

 

Just can't get it through my thick skull....it is apparent I have a lot more to learn.

 

Oh, forgot to include that the set up is not currently working for me at all. Just get "page not working".

 

I'll read the blog previously suggested just to see if there is a clue. I will post up my default file later on.

 

Thanks again

Link to post
  • 1 month later...
  • 10 months later...

Hi all, 

 

I've followed Spaceinvader ones YouTube videos on how to setup Nextcloud and SWAG, and I can access everything remotely without an issue. 

 

I get two security warnings in the 'overview' section though: 

 

"

There are some warnings regarding your setup.

The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud. Further information can be found in the documentation.

The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips ↗."

 

Can anyone point me in the direction as to what I should be looking at? 

 

Cheers

 

Link to post
4 hours ago, BenW said:

I get two security warnings in the 'overview' section though: 

 

Where exactly are you getting these errors. Nextcloud? SWAG? 

 

Would be helpful to know. Sounds like Nextcloud is in the mix?

 

Cheers

 

 

Link to post
8 hours ago, toolmanz said:

Where exactly are you getting these errors. Nextcloud? SWAG? 

 

Would be helpful to know. Sounds like Nextcloud is in the mix?

 

Yeah - sorry for the lack of info. I was at the end of a marathon session trying to get it all to work! 

In the end I managed to fix the errors showing in Nextcloud by following Spaceinvaders video on fixing nextcloud issues, as well as another tutorial by linuxserver about adding in a line to trust SWAG as a proxy.. 

 

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.