Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Djoss - Nginx Proxy Manager

Featured Replies

15 minutes ago, mattie112 said:

Can you chech the certificate view in NPM? Perhaps it did made one and you can just use it. Or chech the drop down where it says 'request new' 

So the dropdown shows:  Note that what I highlighted out was my attemp to manually add my Certs from Cloudflare to NPM. It does not related to my nextcloud proxy.

 

In my SSL Certs, I only have this manually added Cert from Cloudflare.  Note I only added this cert because of the issues I was having trying to get nextcloud to work here.  It didn't work prior to this (or after the fact).

image.png.02d9f1aa37e12d7045fe5378e6b68c8d.png

  • Replies 2k
  • Views 516.3k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • You can use my fork for now: https://hub.docker.com/r/mattie112/docker-nginx-proxy-manager (which I will delete if/when this gets implemented by Djoss)   My fork is 100% the same c

  • sdchoni
    sdchoni

    To temporarily resolve this issue, you can use the previous release of Nginx Proxy Manager. Edit the app and change the repository to: jlesage/nginx-proxy-manager:v25.09.1 Once this is resolved, you

  • Please verify that the problem is fixed with the latest version.

Posted Images

Ik strange. You could check in the docker container itself on the filesystem (or in the app data) and manually remove any files that are certificates for your host. Or if you have not a lot of config yet just clear and restart. 

11 minutes ago, mattie112 said:

Ik strange. You could check in the docker container itself on the filesystem (or in the app data) and manually remove any files that are certificates for your host. Or if you have not a lot of config yet just clear and restart. 

I'll clear and restart.  My only other guess is I am not setting up the Proxy Host right.    NNote I have tried EVERY combination in port  (ie. I've tried http/https for 443, 444, 1443, etc).  Here is how I have it set up.  What do you think I should be using?

 

image.png.bc405423ec2bd86479693f7779ac3260.png

 

And my SWAG config file looks like this:

image.png.214a207ff3a3e1b6c5000c60cb245a1a.png

33 minutes ago, mattie112 said:

Ik strange. You could check in the docker container itself on the filesystem (or in the app data) and manually remove any files that are certificates for your host. Or if you have not a lot of config yet just clear and restart. 

I might have more information.  I checked logs when trying to pull a certificate and got this:

"Timeout during connect (likely firewall problem)"

 

My NGINX is setup exactly the same as SWAG (and I know i did port forwarding for SWAG).  Here is my NGINX PM:

image.png.243e6203e8dadc7aae68c8b1bd97a828.png

and note I also have this on the "Custom: Proxynet" network type as my SWAG is on that too.

 

Here is my SWAG:

image.png.2b106e2a2f6f476a77bb5ef0e285f259.png

You could try two things. With your phone on 4G try to access both 80 and 443. Are both not working or just one of them? Just to make sure we are looking in the right direction. 

My docker network configuration is:
- Docker custom network type: ipvlan
- Host access to custom networks: Disabled

 I have this problem:
 
1) npm is configured on the "br0" network with a fixed ip (192.168.10.238). But I can't access the panel because when i try to do login , shows the error “Bad Gateway". All the other containers are on a single network (bdrtec), only npm is on “br0”.

 

image.png.62fbb84546fcacdc7b6858f5badaa3db.png

  • 3 weeks later...

I have my Cloudflare Tunnel pointed to NPM and a wildcard cert setup. However, when I enable Force SSL, I get an error stating "too many redirects." Any idea why I am getting this error? 

 

NPM perfectly redirects my app.example.com to the correct docker container with this turned off. I just don't understand what is a causing the error.

12 hours ago, rbrowning85 said:

I have my Cloudflare Tunnel pointed to NPM and a wildcard cert setup. However, when I enable Force SSL, I get an error stating "too many redirects." Any idea why I am getting this error? 

 

NPM perfectly redirects my app.example.com to the correct docker container with this turned off. I just don't understand what is a causing the error.

I didn't point my cloudflare directly at NPM.....

 

I pointed my router to the AdGuard IP.
AdGuard points to NPM.
NPM points to the domains.

 

1 hour ago, Braulio Dias Ribeiro said:

I didn't point my cloudflare directly at NPM.....

 

I pointed my router to the AdGuard IP.
AdGuard points to NPM.
NPM points to the domains.

 

Interesting. So you are pointing your Cloudflare Tunnel to your router's IP address? Then using an Adguard DNS rewrite, you are then forwarding that to NPM, which then proxies it to the correct docker container? 

 

app.example.com --> Cloudflare Tunnel --> home router --> AdGuard DNS rewrite --> NPM --> docker container

 

Does this require you to open ports 80 and 443 on your router? 

32 minutes ago, rbrowning85 said:

Interesting. So you are pointing your Cloudflare Tunnel to your router's IP address? Then using an Adguard DNS rewrite, you are then forwarding that to NPM, which then proxies it to the correct docker container? 

 

app.example.com --> Cloudflare Tunnel --> home router --> AdGuard DNS rewrite --> NPM --> docker container

 

Does this require you to open ports 80 and 443 on your router? 

My redirect sub domains are internal......
Some are external
 

Cloudflare Tunnel Site --> Cloudflare Tunnel Docker Unraid

Router --> AdGuard DNS rewrite --> NPM --> docker container

 

image.thumb.png.ab12b25e54f2baa9d1d839221a6f63a9.png

 

image.thumb.png.016a89104989743de06c8fff134d769f.png

 

image.thumb.png.2555cc8e67a998c61942f39113e9d520.png

Edited by Braulio Dias Ribeiro

Just looking for a little advice about the assigned ports. I have started to use Immich recently. And it doesn't play nice with cloudflare because of it not breaking down the files into chunks. So any files over 100mb gets blocked. In order to combat this I set a local DNS record on my UDM P so these files will upload when on my home network. 

 

In order to ensure the traffic sent on the local DNS rule reached NPM I had to set the ports to the default 80 and 443. This is because I cant set a local port forwarding rule... At least I haven't found how to do it yet. The port forwarding rules only applies to internet traffic. I have this done and all is working just fine. 

 

My question is are there any security concerns doing this? or any other reason I shouldn't do it? 

Hey all, I can no longer connect to the webui, just says connection refused error. In my docker log for nginx I just have this repeating forever. Any ideas?

I checked my folders and there's no npm-9 folder at all, just 1, 2, 6, 7, and 8.

 

EDIT: go ahead and ignore this, i deleted the docker and reinstalled from scratch and works right away.

 

image.thumb.png.f00ff2f0e1c7adf5088dc3dd6a4a9a0d.png

Edited by nxtiak

  • 4 weeks later...

Have had this socker running for ages and been spot on

 

noticed today noticed one ssl needed to be renewed by 24th Nov 2024, tried to manually renew but got an internal error.

 

Googled and saw one post on GitHub to say to switch off forced SSL and try, so did this and manual renew worked, not sure why its started to be an issue now and not before, Ive always had force ssl on.

 

Also using cloudflare cname record with proxy enabled (if that matters)

 

 

Hi, I try to set up my things and when I create my ssl I got this:

 

CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

    at /opt/nginx-proxy-manager/lib/utils.js:16:13
    at ChildProcess.exithandler (node:child_process:410:5)
    at ChildProcess.emit (node:events:513:28)
    at maybeClose (node:internal/child_process:1100:16)
    at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)

 

Somebody knows why?

 

Make sure both ports 80 and 443 are forwarded to your container and that DNS changes have actually propagated, it's not always instant when you add a new subdomain.

Edited by Kilrah

Thanks @Kilrah, I found yesterday my problem.

Hello!

 

I just got an email from let's encrypt that my certs are expiring. 

 

I went into the SSL Certs section of this application and hit renew on let's encrypt. It error'ed out. Just says "Internal Error."

 

I am using cloudflare. 

 

Where can I go from here? 

An update on my situation. 

 

I setup a new Let's Encrypt cert and now I can't access my services outside of my network. "too many redirects"

 

I can still access internally by IP. 

 

My phone when trying to access my websites via cellular says "The webpage at *REDACTED URL* might be temporarily down or it may have moved permanently to a new web address."

 

I tried the other certs I made in the past and none of them work. 

 

And all of a sudden today my certs are all renewed. 

 

Do I have to start from scratch? 

 

EDIT: I have no backups of my previous settings. 

Edited by urbanracer34

I fixed it! I had to recreate the domain and everything else and now it appears to be working. 

I've recently moved and switched to using Starlink for my internet. I'd prefer to stay on the Residential plan which gives me unlimited data, but has the downside to being behind a GNAT. Luckily, I'm using a Unifi Ultra gateway, so I can use ipv6 to access my internal devices from outside the network.

 

I've managed to give my unraid server an ipv6 address and confirmed it works. I've also managed to set up my NPM container with an ipv6 address and can hit it publicly as well. I updated my public DNS records for my domains to point to my NPM address, but it's not forwarding the traffic to my backend devices, which are only running on ipv4.

I've configured my NPM container to use the proxynet and br0 networks, while all of my backend containers are using just proxynet.

I'm at a loss on how to get that traffic to forward properly and would love any help.

 

I'm currently running on Unraid 6.9.2.

>CGNAT, ipv6, etc...

 

Use Tailscale, don't forward and open ports. If you run Tailscale inside the same container as NPM and on Unraid as a Plugin, you won't have to worry about creating additional special docker-specific networks or configuring any containers for proxying or outside access. You'll be able to access anything you want on the Unraid system, including all containers and VMs from outside with any machine that's connected to the Tailnet (any machine also running Tailscale, like your phone, notebook, machine at another house, etc.)

 

 

Edited by Espressomatic

4 minutes ago, Espressomatic said:

>CGNAT, ipv6, etc...

 

Use Tailscale, don't forward and open ports.

 

 

Thanks, I'll look into that.

10 hours ago, Professor Oak said:

I've recently moved and switched to using Starlink for my internet. I'd prefer to stay on the Residential plan which gives me unlimited data, but has the downside to being behind a GNAT. Luckily, I'm using a Unifi Ultra gateway, so I can use ipv6 to access my internal devices from outside the network.

 

I've managed to give my unraid server an ipv6 address and confirmed it works. I've also managed to set up my NPM container with an ipv6 address and can hit it publicly as well. I updated my public DNS records for my domains to point to my NPM address, but it's not forwarding the traffic to my backend devices, which are only running on ipv4.

I've configured my NPM container to use the proxynet and br0 networks, while all of my backend containers are using just proxynet.

I'm at a loss on how to get that traffic to forward properly and would love any help.

 

I'm currently running on Unraid 6.9.2.

 

And other then what was already suggested: try testing things one by one.

 

Can you access your NPM over IPv6?

Does the DNS resolve correctly (perhaps your Unraid machine has a different IP then your NPM container)

Does the forwarding work over IPv4?

On 11/11/2024 at 5:05 PM, Espressomatic said:

>CGNAT, ipv6, etc...

 

Use Tailscale, don't forward and open ports. If you run Tailscale inside the same container as NPM and on Unraid as a Plugin, you won't have to worry about creating additional special docker-specific networks or configuring any containers for proxying or outside access. You'll be able to access anything you want on the Unraid system, including all containers and VMs from outside with any machine that's connected to the Tailnet (any machine also running Tailscale, like your phone, notebook, machine at another house, etc.)

 

 

Okay, I think I hit a wall here..

I've got the tailscale plugin installed and managed to configure it to route subnets (192.168.1.0/24) and act as an exit node. I've also got the newer Tailscale-Docker container installed and on the bridge network, but I couldn't get it to act as an exit node even when setting the correct flag.

I've tried several different configurations for the NPM container, but still can't figure out how to hit it externally.

Sorry for not being more specific earlier: Don't run the Tailscale docker container.

 

So far, this is the most versatile way I've found to set this up (spoiler: NPM/Tailscale inside Debian LXC) - instructions below include scripts to for NPM and Tailscale installations in the LXC.

 

 

Edited by Espressomatic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.