SpaceInvaderOne Posted August 6, 2018 Share Posted August 6, 2018 So following on from the next cloud video, here is a tutorial that shows how to set up and configure a reverse proxy on unRAID It uses the linuxserver's excellent docker container Letsencrypt with NGINX. You will see how to use both our own domain with the proxy as well as just using duckdns subdomains. The video covers using both subdomains and subfolders. It also goes through setting up next cloud with the reverse proxy. Hope its useful Heres what to do if your isp blocks port 80 and you cant use http authentication to create your certificates. Also how to make a wildcard certificate. 4 Quote Link to comment
zirconi Posted August 6, 2018 Share Posted August 6, 2018 Great video as usual ! One question: why using a custom docker network ? I setup everything some months ago redirecting to my host ports. What are the benefits of this ? Thanks Quote Link to comment
SpaceInvaderOne Posted August 6, 2018 Author Share Posted August 6, 2018 (edited) Hi @zirconi using the custom docker network allows us to use the config files that the Linux Server guys have included in the container. These files work 'out the box' because when using a custom docker network the containers have automatic dns resolution between each other. Check here to read more https://docs.docker.com/network/bridge/ If you have everything setup and working then no advantage that i am aware of to change to the custom network. Edited August 6, 2018 by gridrunner Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 FINALLY I managed to get sonar working with duck dns, but when I setup next cloud, it works only outside of my network. On the network when you try to access the address, it forwards to the duck dns which never resolves... any idea what I messed up? I feel like I've triple checked all the settings. Quote Link to comment
JonathanM Posted August 6, 2018 Share Posted August 6, 2018 20 minutes ago, 1812 said: it works only outside of my network. On the network when you try to access the address, it forwards to the duck dns which never resolves Typically that's a problem with the router, look for hairpinning or loopback. Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 1 minute ago, jonathanm said: Typically that's a problem with the router, look for hairpinning or loopback. that's what I was guessing and digging around in for the past hour. I'm using opnsense and can't find anything about it. Quote Link to comment
JonathanM Posted August 6, 2018 Share Posted August 6, 2018 3 minutes ago, 1812 said: I'm using opnsense and can't find anything about it. opnsense calls it nat reflection Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 (edited) 26 minutes ago, jonathanm said: opnsense calls it nat reflection so even if it's enabled on the ports that are forwarded, I'm looking for a general "allow nat reflection" or similar, correct? Found the setting finally :Firewall: Settings: Advanced--- Automatic outbound NAT for Reflection thanks! Edited August 6, 2018 by 1812 Quote Link to comment
SpaceInvaderOne Posted August 6, 2018 Author Share Posted August 6, 2018 41 minutes ago, 1812 said: so even if it's enabled on the ports that are forwarded, I'm looking for a general "allow nat reflection" or similar, correct? Found the setting finally :Firewall: Settings: Advanced--- Automatic outbound NAT for Reflection thanks! How do you find opensense? I havent tried it. I know its a fork of pfsense. Any reason you use it instead of pfsense? Quote Link to comment
faxio Posted August 6, 2018 Share Posted August 6, 2018 This is amazing! had been putting this off for a while. Just finished setting everything up. The only thing I can't get working with Letsencrypt is Rocket Chat. Can anyone get me with this? Is there a proxy-conf template for Rocket Chat? Thanks! Quote Link to comment
Greygoose Posted August 6, 2018 Share Posted August 6, 2018 Amazing Ed, i set this up few mths back with help from CHMB. Superb video, looking forward to the menu you showed at the end. Did you say it was hindale? Quote Link to comment
CHBMB Posted August 6, 2018 Share Posted August 6, 2018 48 minutes ago, Greygoose said: Amazing Ed, i set this up few mths back with help from CHMB. Superb video, looking forward to the menu you showed at the end. Did you say it was hindale? Heimdall Quote Link to comment
faxio Posted August 6, 2018 Share Posted August 6, 2018 Figured out Rocket.Chat... https://github.com/malko/Rocket.Chat.Docs-1/blob/master/3. Installation/4. Manual Installation/Configuring SSL Reverse Proxy with Nginx.md Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 2 hours ago, gridrunner said: How do you find opensense? I havent tried it. I know its a fork of pfsense. Any reason you use it instead of pfsense? I tired it when I was having major issues with an unstable internet connection and switched from pfsense to rule out some sort of error. It ended up being a flaky cable modem that was causing problems but not showing them diagnostically. But I found the UI to be much cleaner and nicer This is probably the biggest reason I stayed on it. Some things/settings are easier to find in terms of navigation, sort of where you expect them to be vs pfsense. Others seem way different if you've learned where they are in pfsense. OPNsense says they do more updates vs pfsense and I believe them. It seems like something is updated/patched every week. There is less documentation than pfsense, but most issues are cross-resoveable if you can find the settings. Quote Link to comment
Froger Posted August 6, 2018 Share Posted August 6, 2018 I got stuck at creating custom network proxynet. It looks like everything went well with creating it in terminal but somehow letsenctrypt is not seeing that network. Any hints ? Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 (edited) heres a funny thing: so I set it up and theme'd it up. then once I route to it via the public web address/url, all theming changes are lost.... edit-- think I figured out my issue... messed up the config files Edited August 6, 2018 by 1812 Quote Link to comment
SpaceInvaderOne Posted August 6, 2018 Author Share Posted August 6, 2018 19 minutes ago, Froger said: I got stuck at creating custom network proxynet. It looks like everything went well with creating it in terminal but somehow letsenctrypt is not seeing that network. Any hints ? Are you running the latest unRAID. You will only see it in the dropdown from 6.5.1 onwards. For older unRAID builds you will have to goto advance settings then manually enter into the extra parameters like this. --network=[networkname] I would upgrade to the latest stable unRAID unless there is any reason that you must stay on the older one. Quote Link to comment
1812 Posted August 6, 2018 Share Posted August 6, 2018 (edited) I have everything working flawlessly now routed through a site url with 1 exception: It's giving the browser an unsafe website waring, saying the "security certificate is from XXXXX.duckdns.org. Shouldn't lets encrypt or the docker page itself be sending the certificate and not that warning? Forgive me as I'm having one of those types of days. I forgot to change the lets encrypt over to that subdomain... Edited August 6, 2018 by 1812 Quote Link to comment
Froger Posted August 9, 2018 Share Posted August 9, 2018 (edited) On 8/7/2018 at 12:08 AM, gridrunner said: Are you running the latest unRAID. You will only see it in the dropdown from 6.5.1 onwards. For older unRAID builds you will have to goto advance settings then manually enter into the extra parameters like this. --network=[networkname] I would upgrade to the latest stable unRAID unless there is any reason that you must stay on the older one. Thanks for help! I am stuck one more time unfortunately. I got next cloud to work properly on my local network and i'm pretty sure that domain, subdomain and dns settings are set correctly. After tinkering in conf files nexcloud docker is no longer showing webUI. I mean that I can click on webIU icon but all I get is simple " Welcome to our server. The website is currently being setup up." I am getting the same message trying to connect via subdomain ( https://nexctoud.domain.com) and via local ip address. Any clues ? solved Edited August 9, 2018 by Froger Quote Link to comment
joelones Posted August 9, 2018 Share Posted August 9, 2018 (edited) @gridrunnerThanks for this guide. Well done! A couple of comments though. Firstly, I'm not totally keen on the idea of port forwarding directly to my unRAID box's IP address. Shouldn't we worry about this? As such I tried to put nextcloud on it's own IP address via the br0 bridge and continued along with the guide and it did not work. I ran into errors about nginx not being able to resolve the nextcloud docker or something similar. I later realized it probably had something to due with the inherent restriction that docker has when you attempt to have a Docker container trying to talk to its own host, since this is considered a security breach. I'm not sure there's a real way around this restriction here? In any case, I know you can install letsencrypt on pfSense, and I'd love to see a pfSense, letsencrypt and haproxy guide as this particular setup is above my pay grade, so to speak... Edited August 9, 2018 by joelones Quote Link to comment
unRaide Posted August 16, 2018 Share Posted August 16, 2018 Hi @gridrunner, thanks for another amazing video!!! ? I've got everything setup and working per your video but I've run into two problems which I can't seem to figure out: How would I go about setting up a reverse proxy for Plex? I tried setting it up like the others however I couldn’t get it working. Do I need to do something special because it is using Host mode vs bridge mode? Should I still set it to use the custom proxynet? Is it possible to access all my dockers using the reverse proxy url when I'm inside my network? My router doesn’t support Nat Reflection and I'm not sure how to setup Nextcloud to work both inside and outside my network? Any guidance would be greatly appreciated. Thanks Quote Link to comment
deadnote Posted August 18, 2018 Share Posted August 18, 2018 (edited) On 8/9/2018 at 1:45 PM, Froger said: Thanks for help! I am stuck one more time unfortunately. I got next cloud to work properly on my local network and i'm pretty sure that domain, subdomain and dns settings are set correctly. After tinkering in conf files nexcloud docker is no longer showing webUI. I mean that I can click on webIU icon but all I get is simple " Welcome to our server. The website is currently being setup up." I am getting the same message trying to connect via subdomain ( https://nexctoud.domain.com) and via local ip address. Any clues ? solved Hi can you telle me how you solve the "welcome" message error ? [SOLVED] Thanks ! Edited August 18, 2018 by deadnote Quote Link to comment
deadnote Posted August 18, 2018 Share Posted August 18, 2018 (edited) Hi Me again ! Can someone help to configure collabora for nextcloud with let's encrypt ? Nexcloud throw me this error : Exception: Could not find urlsrc in WOPI When i go to https://office.mydomain.fr I see Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx. I don't know how to set up the configuration file It works if I create an office configuration file in the site-conf folder. Is it a good way to configure let's encrypt ? Edited August 18, 2018 by deadnote Quote Link to comment
pervin_1 Posted August 22, 2018 Share Posted August 22, 2018 On 8/18/2018 at 4:56 AM, deadnote said: Hi Me again ! Can someone help to configure collabora for nextcloud with let's encrypt ? Nexcloud throw me this error : Exception: Could not find urlsrc in WOPI When i go to https://office.mydomain.fr I see Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx. I don't know how to set up the configuration file It works if I create an office configuration file in the site-conf folder. Is it a good way to configure let's encrypt ? Have you found the solution yet? I checked this link to get an idea how to fix it, but I got confused even more at this link Quote Link to comment
hernandito Posted August 25, 2018 Share Posted August 25, 2018 Quick question. The command that creates the new network, will this survive a reboot? Or does it need to added to go file? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.