SlaZe_XE Posted October 17, 2017 Share Posted October 17, 2017 Exactly! Thank you, i'll try to go there when i have time to look a it again =) Quote Link to comment
Lee B Posted November 17, 2017 Share Posted November 17, 2017 (edited) Hi all, I'm hoping someone can help me with getting my (eg : sub.domain.com) to bring up Organizr when going to just the example link but it keeps defaulting to sub.domain.com/htpc what I want to know is what do I need to change in the default file for lets encrypt to achieve this end goal? eg sub.domain.com/organizr or just sub.domain.com to bring up organizr page default file added to post default Edited November 17, 2017 by Lee B Quote Link to comment
GilbN Posted November 18, 2017 Share Posted November 18, 2017 (edited) 13 hours ago, Lee B said: Hi all, I'm hoping someone can help me with getting my (eg : sub.domain.com) to bring up Organizr when going to just the example link but it keeps defaulting to sub.domain.com/htpc what I want to know is what do I need to change in the default file for lets encrypt to achieve this end goal? eg sub.domain.com/organizr or just sub.domain.com to bring up organizr page default file added to post default You have a return 301 in your config. Remove that location = / { return 301 /htpc; } Are you not using the Organizr container? You are using the letsencrypt container right? you can try this: #ORGANIZR UPSTREAM upstream organizr-upstream { server 192.168.0.100:Port; keepalive 32; } # ORGANIZR CONTAINER location / { proxy_pass http://organizr-upstream; include /config/nginx/proxy.conf; } Also: join us here https://organizr.us/discord Edited November 18, 2017 by GilbN Quote Link to comment
Lee B Posted November 18, 2017 Share Posted November 18, 2017 (edited) 9 hours ago, GilbN said: You have a return 301 in your config. Remove that location = / { return 301 /htpc; } Are you not using the Organizr container? You are using the letsencrypt container right? you can try this: #ORGANIZR UPSTREAM upstream organizr-upstream { server 192.168.0.100:Port; keepalive 32; } # ORGANIZR CONTAINER location / { proxy_pass http://organizr-upstream; include /config/nginx/proxy.conf; } Also: join us here https://organizr.us/discord I have the Letsencrypt and the Organizr container installed but have the settings in Letsencrypt I'm also have issues with certificate I have a duckdns set up eg https://sub.duckdns.org which letsencrypt does the cert ok for with no errors however I wanted to forward a 1and1 domain to it eg sub.server.co.uk using cname (sub.duckdns.org) but I get a mismatch with the certificate ... any ideas? also can I just forward the main domain instead? eg server.co.uk to sub.duckdns.org Edited November 18, 2017 by Lee B Quote Link to comment
GilbN Posted November 19, 2017 Share Posted November 19, 2017 14 hours ago, Lee B said: I have the Letsencrypt and the Organizr container installed but have the settings in Letsencrypt I'm also have issues with certificate I have a duckdns set up eg https://sub.duckdns.org which letsencrypt does the cert ok for with no errors however I wanted to forward a 1and1 domain to it eg sub.server.co.uk using cname (sub.duckdns.org) but I get a mismatch with the certificate ... any ideas? also can I just forward the main domain instead? eg server.co.uk to sub.duckdns.org Your domain provider can probably forward the domain to sub.duck.org Check setting on your domain provider page. Quote Link to comment
Lee B Posted November 19, 2017 Share Posted November 19, 2017 7 hours ago, GilbN said: Your domain provider can probably forward the domain to sub.duck.org Check setting on your domain provider page. I think you misunderstand ... I can forward it using CNAME but I get a certificate mismatch Quote Link to comment
GilbN Posted November 20, 2017 Share Posted November 20, 2017 On 11/19/2017 at 7:42 PM, Lee B said: I think you misunderstand ... I can forward it using CNAME but I get a certificate mismatch Then you can do a return 301 server { listen 80; listen 443 ssl http2; server_name domain1.com; return 301 https://$domain2.com$request_uri; } Quote Link to comment
Lee B Posted November 21, 2017 Share Posted November 21, 2017 2 hours ago, GilbN said: Then you can do a return 301 server { listen 80; listen 443 ssl http2; server_name domain1.com; return 301 https://$domain2.com$request_uri; } I placed the above code in the default file but still not fixing the Certificate mismatch, plus can I force it to go from the unsecured http://www.domain.co.uk to https://www.domain.co.uk Cheers Lee Quote Link to comment
Lee B Posted November 21, 2017 Share Posted November 21, 2017 even tried this I found on the thread Quote Link to comment
DZMM Posted November 21, 2017 Share Posted November 21, 2017 On 11/18/2017 at 12:17 PM, GilbN said: you can try this: #ORGANIZR UPSTREAM upstream organizr-upstream { server 192.168.0.100:Port; keepalive 32; } # ORGANIZR CONTAINER location / { proxy_pass http://organizr-upstream; include /config/nginx/proxy.conf; } Also: join us here https://organizr.us/discord Ohhh, so close! I just added this and organizr's homepage loads up and I can log in, but my tabs and the settings link don't work. Help please - almost there: # netdata upstream backend { server 172.31.12.84:19999; keepalive 64; } #ORGANIZR UPSTREAM upstream organizr-upstream { server 172.32.12.89:80; keepalive 32; } # listening on port 80 disabled by default, remove the "#" signs to enable # redirect all traffic to https #server { # listen 80; # server_name _; # return 301 https://$host$request_uri; #} # main server block server { listen 443 ssl default_server; root /config/www; index index.html index.htm index.php; server_name _; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; # location / { # try_files $uri $uri/ /index.html /index.php?$args =404; # } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } # calibre-web location /books { proxy_bind $server_addr; proxy_pass http://172.35.12.72:8083; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /books; } # deluge location /deluge { proxy_pass http://172.32.12.73:8112/; proxy_set_header X-Deluge-Base "/deluge/"; } # headphones location /headphones { include /config/nginx/proxy.conf; proxy_pass http://172.32.12.74:8181/headphones; } # lazy librarian location /lazy { include /config/nginx/proxy.conf; proxy_pass http://172.32.12.79:5299/lazy; } # jackett location /jackett/ { rewrite /jackett/(.*) /$1 break; proxy_bind $server_addr; proxy_pass http://172.32.12.78:9117; } # Mineos not working location /mineos/ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass https://172.35.12.82:8443; } # Musicbrainz not working location ^~ /musicbrainz/ { set $musicbrainz_upstream musicbrainz; set $musicbrainz_baseurl /musicbrainz; rewrite /musicbrainz(.*) /$1 break; proxy_pass http://$musicbrainz_upstream:5000; proxy_set_header Accept-Encoding ""; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; sub_filter_once off; sub_filter '//172.34.12.88:5000' '$musicbrainz_baseurl'; sub_filter '"/static' '$musicbrainz_baseurl'; sub_filter '"http://$host/' '"$scheme://$host$musicbrainz_baseurl/'; sub_filter '<a href="/' '<a href="$musicbrainz_baseurl/'; } # netdata location ~ /netdata/(?<ndpath>.*) { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://backend/$ndpath$is_args$args; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection “keep-alive”; proxy_store off; } # nzbget location /nzbget { proxy_pass http://172.33.12.86:6789; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # nzbhydra location /nzbhydra { include /config/nginx/proxy.conf; proxy_pass http://172.32.12.77:5075/nzbhydra; } # Ombi location /plexrequest { include /config/nginx/proxy.conf; proxy_pass http://172.35.12.87:3579/plexrequest; } # ORGANIZR CONTAINER location / { proxy_pass http://organizr-upstream; include /config/nginx/proxy.conf; } # PLEX location /web { # serve the CSS code proxy_pass http://172.35.12.90:32400; } location /plex { # proxy request to plex server proxy_pass http://172.35.12.90:32400/web; } # plexpy location /plexpy { proxy_pass http://172.32.12.91:8181; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # Radarr location /radarr { include /config/nginx/proxy.conf; proxy_pass http://172.32.12.92:7878/radarr; } # Sonarr location /sonarr { include /config/nginx/proxy.conf; proxy_pass http://172.32.12.95:8989/sonarr; } # sample reverse proxy config for password protected couchpotato running at IP 192.168.1.50 port 5050 with base url "cp" # notice this is within the same server block as the base # don't forget to generate the .htpasswd file as described on docker hub # location ^~ /cp { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; # include /config/nginx/proxy.conf; # proxy_pass http://192.168.1.50:5050/cp; # } } # sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above # notice this is a new server block, you need a new server block for each subdomain #server { # listen 443 ssl; # # root /config/www; # index index.html index.htm index.php; # # server_name cp.*; # # ssl_certificate /config/keys/letsencrypt/fullchain.pem; # ssl_certificate_key /config/keys/letsencrypt/privkey.pem; # ssl_dhparam /config/nginx/dhparams.pem; # ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; # ssl_prefer_server_ciphers on; # # client_max_body_size 0; # # location / { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; # include /config/nginx/proxy.conf; # proxy_pass http://192.168.1.50:5050; # } #} Quote Link to comment
GilbN Posted November 21, 2017 Share Posted November 21, 2017 (edited) Join the organizr discord. Soo much easier to troubleshoot. Organizr.us/discord Edited January 20, 2018 by GilbN Quote Link to comment
CorneliousJD Posted January 21, 2018 Share Posted January 21, 2018 If I password protect each service (and require login for them to show up) do I really need to mess with trying to get this to work via the LetsEncrypt container? That seems like so much work and since all of the services (e.g. Sonarr, Radarr, etc) aren't HTTPS protected I'm not even sure how I'd get them to load in a frame on an HTTPS main page? Quote Link to comment
CHBMB Posted January 21, 2018 Share Posted January 21, 2018 18 minutes ago, CorneliousJD said: If I password protect each service (and require login for them to show up) do I really need to mess with trying to get this to work via the LetsEncrypt container? That seems like so much work and since all of the services (e.g. Sonarr, Radarr, etc) aren't HTTPS protected I'm not even sure how I'd get them to load in a frame on an HTTPS main page? I've never really understood the point of these sorts of things and that's what I do, just auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; everything I want to protect Quote Link to comment
GilbN Posted January 21, 2018 Share Posted January 21, 2018 33 minutes ago, CorneliousJD said: If I password protect each service (and require login for them to show up) do I really need to mess with trying to get this to work via the LetsEncrypt container? That seems like so much work and since all of the services (e.g. Sonarr, Radarr, etc) aren't HTTPS protected I'm not even sure how I'd get them to load in a frame on an HTTPS main page? Not really that much work. And it's better to have fewer ports open. And you reverse proxy the apps, that way you can load them in an iframe. Quote Link to comment
CorneliousJD Posted January 22, 2018 Share Posted January 22, 2018 4 hours ago, GilbN said: Not really that much work. And it's better to have fewer ports open. And you reverse proxy the apps, that way you can load them in an iframe. I guess I don't really understand how fully to do that. Is there a step by step guide available for this? Also, with reverse proxy setup is it possible to still use an app like nzb360 on Android to connect to Sickbeard/Sickrage from outside my home? Right now that relies on my domain.com:port to get it to work properly. Quote Link to comment
GilbN Posted January 22, 2018 Share Posted January 22, 2018 1 hour ago, CorneliousJD said: I guess I don't really understand how fully to do that. Is there a step by step guide available for this? Also, with reverse proxy setup is it possible to still use an app like nzb360 on Android to connect to Sickbeard/Sickrage from outside my home? Right now that relies on my domain.com:port to get it to work properly. I've made some guides here https://technicalramblings.com/blog/how-to-setup-organizr-with-letsencrypt-on-unraid/ https://technicalramblings.com/blog/allowing-mobile-apps-work-with-services-using-organizr-server-auth/ https://technicalramblings.com/blog/fail2ban-with-organizr-and-let-sencrypt/ 1 Quote Link to comment
CorneliousJD Posted January 23, 2018 Share Posted January 23, 2018 21 hours ago, GilbN said: I've made some guides here https://technicalramblings.com/blog/how-to-setup-organizr-with-letsencrypt-on-unraid/ https://technicalramblings.com/blog/allowing-mobile-apps-work-with-services-using-organizr-server-auth/ https://technicalramblings.com/blog/fail2ban-with-organizr-and-let-sencrypt/ So I did get the reverse proxy working on radarr/sonarr, etc, but I'm confused by all the different arguments for different containers in your configs, how do you know what you need to set? This concerns me that i'll add a new container or service and not know how to get it to open up properly with the proxy. Also the whole subdomain vs domain.com/destination/ seems like a bigger hassle too. My biggest hurdle with all this was I got HTTPS'd Organizr to load, but the homepage or settings wouldn't load so I couldn't even edit my tabs to the new /radarr/ and /sonarr/ to test within Organizr with. I kind of gave up for the moment but am saving my letsencrypt container config to revisit if any of this makes sense? Quote Link to comment
Fredrick Posted January 25, 2018 Share Posted January 25, 2018 On 23/01/2018 at 4:01 AM, CorneliousJD said: So I did get the reverse proxy working on radarr/sonarr, etc, but I'm confused by all the different arguments for different containers in your configs, how do you know what you need to set? This concerns me that i'll add a new container or service and not know how to get it to open up properly with the proxy. My tip is just to take one software at a time and test it as you go along. Adding multiple services will result in various errors that can be a headache. The different configs for different services are a result of googling (at least for me). Any reason why this docker is still on 1.6.1 when 1.7 came out 15.12.17? Quote Link to comment
GilbN Posted January 25, 2018 Share Posted January 25, 2018 (edited) Yeah, about which headers to use for the reverse proxies, sometimes different apps need different headers. You can usually find info on the devs wiki page. Or create an issue to ask for help. But most of the time if you include proxy.conf it will work. Take a look here: https://github.com/gilbN/Nostromo/tree/master/Server/nginx/subdirs FYI: For anyone else having the homepage/settings not loading: If you have the php block that comes with the default file in your server block you may experince that Organizr will not load properly. (Homepage is blank and you can’t access settings) This is because the php location is “hijacking” the Organizr container php. You can fix this by commenting the lines like the example below or just remove it. #location ~ \.php$ { #fastcgi_split_path_info ^(.+\.php)(/.+)$; # With php7-cgi alone: #fastcgi_pass 127.0.0.1:9000; # With php7-fpm: #fastcgi_pass unix:/var/run/php7-fpm.sock; #fastcgi_index index.php; #include /etc/nginx/fastcgi_params; #} If you need to use the php location block in a sub directory you can just create a php.conf file and paste the contents into that file. Save it in the nginx folder and use the include syntax. location /logarr { root /config/www; index index.php index.html; include /config/nginx/php.conf; } Edited March 17, 2018 by GilbN Quote Link to comment
CorneliousJD Posted March 17, 2018 Share Posted March 17, 2018 Just checking in to see if there is an ETA for the 1.7.5 release on Organizr yet? 1.75 did come out 8 days ago, not trying to rush it, just checking in since i know it fixes a bug i'm having. Quote Link to comment
GilbN Posted March 17, 2018 Share Posted March 17, 2018 4 hours ago, CorneliousJD said: Just checking in to see if there is an ETA for the 1.7.5 release on Organizr yet? 1.75 did come out 8 days ago, not trying to rush it, just checking in since i know it fixes a bug i'm having. You can upgrade in the container. I've been doing that since 1.4. No issues Quote Link to comment
GilbN Posted March 17, 2018 Share Posted March 17, 2018 I just repulled the container and the version is 1.75. Quote Link to comment
CorneliousJD Posted March 19, 2018 Share Posted March 19, 2018 Thanks! didn't know you could do that without breaking things in the container. Just upgraded - the bug I was having is indeed fixed, thank you! Quote Link to comment
GilbN Posted March 19, 2018 Share Posted March 19, 2018 16 hours ago, CorneliousJD said: Thanks! didn't know you could do that without breaking things in the container. Just upgraded - the bug I was having is indeed fixed, thank you! Yeah, it's not recommended. But I haven't had any problems doing it with this container. Quote Link to comment
mkono87 Posted April 22, 2018 Share Posted April 22, 2018 I have an organizr docker in unraid and then also a let's encrypt docker that handles my nginx reverse proxy. my tabs are setup using my domain (ex:mydomain.net/plex) and my homepage is using my local ips. I am able to use the homepage and tabs remotely but when I'm at home I still have to use bookmarks for the tabs. I heard possibly needing to setup hairpin nat which is checkmarked on my edgerouter but I'm not sure if anything else needs to be done Amy help would be appreciated. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.