Jump to content
SpaceInvaderOne

** VIDEO GUIDE ** How to Setup and Configure a Reverse Proxy on unRAID with LetsEncrypt & NGINX

66 posts in this topic Last Reply

Recommended Posts

27 minutes ago, Kyubey said:

How could you set up in a double reverse proxy with a vps like in this image?2075205148_2019-03-0719_02_19.png.dc0ae7e59f55087b2046d9e8bc1cab23.png

What's the purpose of the second reverse proxy? (Between the internet and the router)

 

Wouldn't a regular proxy be better in that spot?

Share this post


Link to post

getting this on my domain and subdomain (cnames 😞

image.png.f13bb3ac76a103206ba670a3783e2cf3.png

do i need to edit config files next??? 

 

Share this post


Link to post
13 hours ago, 225redstick said:

getting this on my domain and subdomain (cnames 😞

image.png.f13bb3ac76a103206ba670a3783e2cf3.png

do i need to edit config files next??? 

 

Yep that will be because there is no config file that uses that subdomain. Just edit a config file to direct to whichever container you want to access from outside.

Share this post


Link to post

Has anyone been able to get this all working with Cloudflare DNS in front of everything? I've got it working perfectly if I disable routing through Cloudflare but I'd really like to be able to use Cloudflare's access system to authenticate users as well as the built in DDOS protection.

 

Right now I'm using the NginxProxyManager docker from CA and connecting over HTTPS works like a charm. However if I enable a subdomain to route through Cloudflare then I get this error.

 

259869240_SSLerror.PNG.18bbdc8435d94c6d926c6dfe295f75df.PNG

 

I've disabled universal SSL in cloudflare and have the SSL setting to "off". Has anyone been able to get this working? Thanks

Share this post


Link to post

Really great work as always. I got it working  just 2 question 
 1 I can go nextcloud.XXXX.XX  and it work if I try too open it the docker or use the local ip it also go there   when I look on the traffic in pfsense  with ntopng it look like all data go out and ind = use my internet speed can I do so for the local it don't go that way around.

2   are there a way so you can use www. before just people often think that 

Share this post


Link to post

Is there a way to use subdomains to access virtual machines?

Share this post


Link to post
1 hour ago, hgelpke said:

Is there a way to use subdomains to access virtual machines?

What do you mean by that? You can use subdomains to access pretty much anything you can access with a web browser.

Share this post


Link to post
Posted (edited)

Hey all,

 

I am trying to set up LetsEncrypt but LetsEncrypt keeps giving me the message "Challenge failed for domain xxxx.duckdns.org".

 

I have my ports forwarded correctly and have even tried re-forwarding port 80 to say my unraid web server just to test that it's accessible from the full dns/port number and that's fine (then deleted that forward).

 

Question - Am I supposed to be able to access the http webpage of the letsencrypt docker regardless of any certs being issued? I'm just trying to make sure I can even access that port internally first.

 

Otherwise, can an ISP block port 80 depending on the kind of request? I was obviously able to access the webpage of my server via port 80 but wasn't sure if there was anything LetsEncrypt does that could be getting blocked?

 

If anyone has any idea's I could try to troubleshoot, it would be much appreciated!

 

Edit: This is working now. I decided to call my ISP anyway to at least see if they could see anything trying to connect. Turns out port 80 / 443 was blocked.

 

I assumed it wasn't as I was able to remotely connect over port 80 to other services. They said it could have been Hairpin NAT on my router basically working it out for me.

 

As a general lesson I guess - always call your ISP FIRST to make sure that those ports are going to be open on their side before you go any further.

 

 

Edited by Brandan

Share this post


Link to post
On 3/11/2019 at 5:50 AM, SpaceInvaderOne said:

Yep that will be because there is no config file that uses that subdomain. Just edit a config file to direct to whichever container you want to access from outside.

I would love a future video explaining editing out configs to point to subdomains, I still find that confusing as my goal is to limit my ports that are exposed. Do i edit/replace the default config file, this is the part I'm struggling with, how to set this up. Thanks again

Share this post


Link to post

Or do you have a good example letsencrypt default config file to share that i could use as a template for my subdomains pointing to radarr, sonarr, plex etc.?

Share this post


Link to post
1 hour ago, 225redstick said:

Or do you have a good example letsencrypt default config file to share that i could use as a template for my subdomains pointing to radarr, sonarr, plex etc.?

If you install the letsencrypt docker from linuxserver then it should come with template config files for radarr sonarr and plex.

 

It should be in the proxy conf folder in the appdata folder for letsencrypt

 

I can upload a template for you later if you need it.

Share this post


Link to post

Heres what to do if your isp blocks port 80 and you cant use http authentication to create your certificates. Also how to make a wildcard certificate.

 

 

Share this post


Link to post
9 hours ago, SeveredBox53 said:

If you install the letsencrypt docker from linuxserver then it should come with template config files for radarr sonarr and plex.

 

It should be in the proxy conf folder in the appdata folder for letsencrypt

 

I can upload a template for you later if you need it.

I see these, but not sure what do do with them. Do i copy/move them to each app folder or copy the text of each and put them all in the letsencrypt default config file? 

Share this post


Link to post
1 hour ago, 225redstick said:

I see these, but not sure what do do with them. Do i copy/move them to each app folder or copy the text of each and put them all in the letsencrypt default config file? 

No you don't need to copy them out of that folder. You just need to edit the file and put your website name where it is in the template.

 

Ex. plex.thisismyrandomexamplewebpage.edu

 

Make sure you enable viewing file extensions cause the templates are all inactive by default.

 

To activate the file rename it from subdomain.radarr.config.sample to subdomain.radarr.config

  • Like 1

Share this post


Link to post

Awesome Vid, got this all up and running quickly and on the first try. Everything working great accessing from outside with phones and tablets. HOWEVER :) , now when I launch the WebUI for Letsencrypt I get an error page that says "Welcome to our server - website currently being setup under this address"  I have restarted the containers, tried different browsers but still cannot get into the WebUI.  Any ideas or help would be greatly appreciated.  

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now