** VIDEO GUIDE ** How to Setup and Configure a Reverse Proxy on unRAID with LetsEncrypt & NGINX


135 posts in this topic Last Reply

Recommended Posts

  • Replies 134
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

So following on from the next cloud video, here is a tutorial that shows how to set up and configure a reverse proxy on unRAID It uses the linuxserver's excellent docker container Letsencrypt wit

I followed the video to a tee and use pfSense for my router.  After getting everything set up, if I try and access any of the dockers from outside my home network they all give me the same white scree

Hi im unsure if anyone else is experiencing this issue but ive followed everything down to the letter and when i go to the sonarr webpage outside my network i keep getting the letsencrypt landing page

Posted Images

@Ricin Report back if it works or if you run into any issues. If it works there might be a script lets say for pfsense a great idea for people who don't want the ports be opened all the time, only for cert renew. Some sort of check when the certificate expires, if it expires next day, open port and recheck ever hour or so if the cert is renewed, after that, close port again. Just an idea and I have no glue how to create something like that. 🤔

Link to post

Will do wont have chance to try it for a couple of days as I will be working. I do use pfsense to that would be handy. But to be honest not to fused as long as I can open a port for a few hours even a day would be fine. Then close it for the majority of the time. 

Link to post
On 3/10/2019 at 4:20 PM, 225redstick said:

getting this on my domain and subdomain (cnames 😞

image.png.f13bb3ac76a103206ba670a3783e2cf3.png

do i need to edit config files next??? 

 

I'm getting the same even though my configs are set.  Looks like they added IPV6 support.  Does SSL need to be configured on Sonarr/Radarr?

 

2NDNkky.png

Link to post
On 12/7/2018 at 10:20 PM, Runtime24 said:

So I am able to reach Sonarr using my subdomain web address and it will ask me to login but after that I just get a loading animation at the top and it says Sonarr Ver in the center of the screen and nothing else. Any advice on what this could be?

  

For Nextcloud I am getting either a 502 Bad gateway or the letsencrypt webui.

were you able to resolve the loading animation issue? I just set up reverse proxy for nextcloud, radarr and sonarr and both radarr and sonarr have the same issue i.e. when I try to access the sub-domain, it asks for my username/password. Once I enter that, it takes me to a page with a loading animation near the top and a message towards the bottom that just says Radarr Ver. and Sonarr Ver.

Link to post
  • 3 weeks later...

I am setting up a reverse proxy on my Unraid server. I followed all the steps in the OP video and currently have Sonarr working. 😀

 

I used the duckdns method as I dont have my own domain.

 

The video is excellent as always but for the Sonarr implementation it does instruct if you are using duckdns.

 

The nextcloud portion just speaks to instruction if you have your own domain name - not if you used duckdns.

 

What are the edit changes to the config.php (this is where I think the problem is) file to get this working with duckdns? 

 

Do you include the full duckdns domain name xxxxxx.duckdns.org or just the xxxxxx without the suffix? 

 

Or something different?

 

Current config.php:

 

$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'xxxxxxxxxx',
  'passwordsalt' => '/xxxxxxxxxxxxxxx',
  'secret' => 'xx+xxxxxxxx+xxxxxxxxx',
  'trusted_domains' => 
  array (
    0 => 'xxx.xxx.xxx.xxx:444',
    1 => 'xxxxxx.duckdns.org',
  ),
  'dbtype' => 'mysql',
  'version' => '16.0.1.1',
  'overwrite.cli.url' => 'https://xxxxxx.duckdns.org',
  'overwritehost' => 'xxxxxx.duckdns.org'
  'overwriteprotocol' => 'https',
  'dbname' => 'nextcloud',
  'dbhost' => 'xxx.xxx.xxx.xxx:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxxxx',
  'installed' => true,
);

* I have xx'd out the private bits.

 

Any help with this would be most appreciated.... ☺️

 

Thanks in advance

Link to post
  • 4 weeks later...

hi, question regarding having you own domain, do you also need to have a host ?

 

because what i have now is a domain with no host

 

and i fallowed your video on How to Use DNS Verification with your Reverse Proxy & use a Wildcard SSL Certificate

 

but now i get a error https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521

 

now i removed my port forward from my router and i receive this error https://support.cloudflare.com/hc/en-us/articles/200171906-Error-522

 

and here are my DNS settings in cloudflare

 

any help will be much appreciated

 

dns.png

Edited by Danuel
Link to post
  • 4 weeks later...

I followed all the steps, tried first with HTTP (without domain name) and now with domain name, letencrypt is working but on my nextcloud I have an error 522. Does someone have any idea it can come from ?

adress nextcloud.taiaut.fr

 

Edit Forgot to mention I have a error 500 on my IP nextcloud address and my Nextcloud log doesn't show any error.

Edit2 : My Nextcloud log

Stack trace:
#0 /config/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(448): OC\DB\Connection->connect()
#1 /config/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(410): Doctrine\DBAL\Connection->getDatabasePlatformVersion()
#2 /config/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(354): Doctrine\DBAL\Connection->detectDatabasePlatform()
#3 /config/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(710): Doctrine\DBAL\Connection->getDatabasePlatform()
#4 /config/www/nextcloud/lib/private/DB/Connection.php(151): Doctrine\DBAL\Connection->setTransactionIsolation(2)
#5 /config/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php(181): OC\DB\Connection->__construct(Array, Object(Doctrine\DBAL\Driver\PDOMyS in /config/www/nextcloud/lib/private/DB/Connection.php on line 64

 

Edited by CyprienDlp
more informations
Link to post
11 minutes ago, CyprienDlp said:

I followed all the steps, tried first with HTTP (without domain name) and now with domain name, letencrypt is working but on my nextcloud I have an error 522. Does someone have any idea it can come from ?

adress nextcloud.taiaut.fr

more people have same problem, including me, not able to find a fix

Edited by Danuel
Link to post

So I am trying to reinstall nextcloud while keeping letsencrypt and mariadb and I still have the same problem. I huess the last solution is tu completly reset the server and try again from scratch. Keeping updated !

 

Update 1 : I have an error 522 on the domain name and an Internal Server Error on the IP url. I don't have any error on my logs 

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...
usermod: no changes

 

Edited by CyprienDlp
update
Link to post

 

On 7/18/2019 at 1:08 PM, Danuel said:

more people have same problem, including me, not able to find a fix

So I have some answer about the Error 522, now I'm pretty sure it's due the ISP configuration. I found out that Duckdns wasn't supported by my ISP. I'm starting to configure it with noip dyndns provider. (Also check your router firewall). 

Link to post
  • 2 weeks later...

I followed this video as shown to get Let's Encrypt to run on my server with my own domain. It works well for my docker containers!

 

One thing that I am not clear about how to do is to point one sub domain (that I already have gotten a certificate for) to a VM which has an instance of GitLab running. It was the only thing that I had exposed to web before setting up this reverse proxy and would like to still be able to access it from a subdomain.

 

Your help to achieve this would be greatly appreciated...

 

Thanks!

Link to post
  • 1 month later...
  • 2 weeks later...
  • 3 months later...

Hey invader, I've followed this to a tee using cloudflare. Everything is up and running but when i try to go to sonarr.mydomain.com i get the cloudflare error 522. I've been over the settings about 5 times now and everything is setup just as you showed. My isp blocks port 80 but i've got 443 forwarded to 1443 and verified it's open yet I'm still getting the 522 error. I've no idea where to go from here, any help would be appreciated. Thanks

Link to post

Newbie(s)

I went through the same thing and I finally got it to work. Been there done that (this is one of the most difficult aspects of unraid 😵)

There is another option though - much easier, intuitive and up and running in 10 - 15 minutes.

I use duckdns and this is a great docker. No writing code (except for nextcloud configuration which is straight forward and there are lots of assists on the forum). I use it for nextcloud, sonarr, radarr and netdata. All work flawlessly. 

Haven't figured out Bitwarden yet - that is a little more complicated and a number of folks are working on it.

For somebody starting out this is an good way to just get up and running. You can always come back to this if you wish.

Check this out ....https://nginxproxymanager.jc21.com/

The instructions are virtually non-existent but the set up is intuitive.

image.thumb.png.c26a7e3aec2adfa0281540ae0220fddf.png

 

Cheers

 

PS: I just posted up the coding to get nextcloud working on the NGINX Proxy Manager help thread.

 

 

Edited by toolmanz
Link to post
4 hours ago, Talasarian said:

Hey invader, I've followed this to a tee using cloudflare. Everything is up and running but when i try to go to sonarr.mydomain.com i get the cloudflare error 522. I've been over the settings about 5 times now and everything is setup just as you showed. My isp blocks port 80 but i've got 443 forwarded to 1443 and verified it's open yet I'm still getting the 522 error. I've no idea where to go from here, any help would be appreciated. Thanks

With cloud flare I found I had to disable the caching. That is the little cloud beside the dns entry. I’d try that. 

Link to post
22 hours ago, Marshalleq said:

With cloud flare I found I had to disable the caching. That is the little cloud beside the dns entry. I’d try that. 

Thank you so much Marshalleq, I feel like such an idiot... Been working on this for the better part of a week and it never occurred to me to try that.

 

UPDATE:

I've got sonarr, radarr, lidarr, and ombi working but tautulli is throwing err_empty_response. I've got usernames and passwords setup for all. I also had to specify each subdomain instead of using the wildcard to get ssl certs for anyone else in this position.

 

UPDATE 2:

A bit of googling and I found the solution to tautulli, https://github.com/Tautulli/Tautulli-Wiki/wiki/Frequently-Asked-Questions#general-q10

 

Everything is now working in the reverse proxy thankfully, once again thanks Mashelleq.

Edited by Talasarian
Link to post

I followed this guide last night and, as always, was easy to follow and get setup. I am running into an issue though, perhaps someone has run into this as well and can make some good recommendations:

 

When I try to login to sonarr/radarr/ombi from the subdomain I have setup, its trying to get to my router settings page vs. going to the proper docker. Here's how I have my network setup:

 

J:COM Gigabit Fiber Internet -> The J:COM provided router ->pFsense Router -> Unraid, PC, Wireless AP, etc.

 

I have the J:COM router setup such that my pFsense router is in the DMZ and has as static IP.

 

I have the pFsense Router NAT rules setup as Space Invader describes in his videos (had to do the same sort of thing for my Plex to work while I am on the Japanese trains).

 

On my J:COM router I have the TCP ports for Plex mapped, as well as 80-80 and 443-443. In pFsense its setup with forwarding 80-180, 443-1443.

 

Any thoughts?

 

Link to post

Hi guys,

I´m struggeling setting up my unraid server for days (my first time server setup, so I don´t know what I´m actually doing ;)). I followed the video several time with no success and I hope to use a slightly different setup:

I try to achieve is a reverse proxy setup for my docker apps with my own url + subdomains (from selfhost).

I use the fritz.box dyndns function to supply my IP to selfhost (works). To my understandig that should avoid the necessity to use duckdns (correct me if I´m wrong, I don´t actually know what "cname" forwarding means).

 

What works atm:

-> Port forwarding (verified with OSX Port Scan)

-> let´s encrypt certifications for my domain & subdomains (log file says server ready, all errors gone) (setting "only subdomains" to false)

-> proxynet config inside unraid

-> mariadb/ nextcloud setup

-> nextcloud -> I have external acces via cloud.mydomain.de & 10G & 1G IP connections (I got a direct 10G connection between my hackintosh & the server + a 1G connection through my fritz.box)

 

As a second docker app I try to use sonarr. I´m able to enter the UI inside my network, but external acces is impossible. My feeling is that my letsencrypt is not able to use the server files from "proxy-confs" and I don´t know why. I changed nextcloud & sonarr conf files as explained in the video but it never change anything so I use this three files in appdata/letsencrypt/nginx atm:

 

-> default

-> nextcloud

-> sonarr

 

default & nextcloud are necessary to have things working as expected (and explained). Files attached have a fake domain & Ip but ports fit the actual settings. 

 

Would be awesome if someone is able to point me to the right direction or tell me where my understanding is wrong...

 

 

 

 

EDIT:
I found a solution
For every Subdomain/ App I use, i created a seperate server file with the settings cpoied from the preconfigured files for the correspondig apps. 

nextcloud sonarr default

Edited by antagon
Link to post
  • 3 weeks later...

I've setup letsencrypt on one of my servers, Server1, and its working great.

 

But I have a second Unraid server, Server2, behind the same router.

 

If I am running a docker I want to use reverse proxy on Server2 how would I go about using LetsEncrypt if 80 and 443 are pointed to Server1?

 

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.