Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Djoss - Nginx Proxy Manager

Featured Replies

I would like to issue a WARNING to all users using this APP,
The source image and repository for this app / docker image are greatly OUTDATED - From 2021,

It is feasible that users of this app expose this nginx externally to the public internet, those user are facing security risks due to using outdated software, the image is built on-top of openresty, which itself is a standalone extended distribution of nginx, both products are constantly under security scrutiny and cycles of vulnerability detection and patching.

I have raised a closed github issue here: https://github.com/jlesage/docker-nginx-proxy-manager/issues/331
I recommen
d users to move to the official image: https://github.com/NginxProxyManager/nginx-proxy-manager/tree/develop


it is a drop in replacement, when using: https://github.com/chrizzo84/unraid-templates/tree/main/nginx-proxy-manager-jc21

  • 2 weeks later...
  • Replies 2k
  • Views 516.3k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • You can use my fork for now: https://hub.docker.com/r/mattie112/docker-nginx-proxy-manager (which I will delete if/when this gets implemented by Djoss)   My fork is 100% the same c

  • sdchoni
    sdchoni

    To temporarily resolve this issue, you can use the previous release of Nginx Proxy Manager. Edit the app and change the repository to: jlesage/nginx-proxy-manager:v25.09.1 Once this is resolved, you

  • Please verify that the problem is fixed with the latest version.

Posted Images

Hello everyone,

 

Disclaimer: Unraid is by far the most IT technical thing I have ever done, all based on iterative trial and error. It seems I really messed up this time however.

 

Definitions

PC = my main computer (1st machine)

Server = the 2nd machine that has Unraid on it

Everything is purely within the LAN network, both PC and Server are in the same house, i.e. both are connected to the walls in their respective rooms via an ethernet cable.

 

How the problem started:

  1. Decided to give Ngninx a try since I wanted to see if I could get HTTPS working.
  2. Installed Nginx docker, messed around with it a bit, seemed like I could not get it to work (could get it to make an SSL certificate via DuckDNS and set up some Proxy Hosts with duckdns subdomains, but everything staid HTTP when I clicked on the proxy host).
  3. Basically had no idea what I was doing. Was experimenting with having Nginx Proxy Hosts direct to different ports etc. and figured I'd just trial and error things a bit while following some Youtube tutorials etc. to see how far I'd get. Basically that's how I got this far using Unraid over the past several months in general. I was not aware about this being potentially dangerous outside of the docker containers, in hindsight I guess I should have.
  4. At some point I was also changing some ports in the different docker settings (as far as I know I did not create any overlapping ports, but who knows) and tried putting some dockers from "Bridge" to "br0" etc. (not having any deep understanding about the differences) but that did not seem to do much, in the end I just set everything back to "Bridge".
  5. Installed Traefik docker in Unraid, but then decided against starting to mess around with that as well, so jumped back to Nginx.
  6. All of a sudden I did not have LAN access to the server anymore (purely from messing around with Nginx as far as I could tell).
  7. Strangely, I could still go to different tabs within the Nginx GUI itself (e.g. "Proxy Host" and "SSL" tabs) but all the other dockers (including Unraid GUI itself) were unavailable so I was basically stuck - I tried to walk my steps back in Nginx but I don't know at what stage everything broke and I don't remember when I changed what, as I had been messing with it on and off over the course of several hours.
  8. Whenever I try to connect to the Server (or any of the dockers like Nextcloud or Jellyfin) from my PC via my PC browser (tested multiple browsers, using bookmarks to e.g. Nextcloud so nothing changed there either), both via "tower.local" or the "IP address", I get this message: 

"This site can’t be reached

192.168.0.100 [note: this is my local Unraid server IP] refused to connect.

Try:

Checking the connection

Checking the proxy and the firewall

ERR_CONNECTION_REFUSED"

 

Once the problem occured:

  1. I still see the Server on its fixed LAN IP when logging into my modem, so that seems normal.
  2. I can get into the Server via physically connecting a screen/keyboard/mouse and booting into GUI (it seems to actually start a Linux instace and automatically opened a Firefox browser showing the Unraid GUI in there - hopefully makes sense?).
  3. The GUI in the Firefox browser on the server connects to the tower.local address in the adress bar.
  4. When I open a second tab in that Firefox browser on the server I seemingly can use the IP address to get to the login screen as well.
  5. However, I cannot get to the login screen via my PC anymore, neither to any of the dockers and SMB is also down (cannot get to my folders via windows explorer on PC).
  6. I tried connecting via my PC browser both without the dockers running and after the dockers started. Booting the Server in Unraid safe mode also does not change anything it seems.

 

I think I managed to get the diagnostics file (see attachment).

 

When I open "servers.conf.txt" in the diagnostics file I see some reference to Nginx, but I don't know what to make of it. I just mention it here because it may be relevant for somebody who does know how to read it.

 

I really tried troubleshooting it myself but I honestly do not know what else to do anymore at this stage without potentially creating an even bigger mess. I hope one of the experts here can help me get my server back up and running. Any help would be greatly, greatly appreciated.

 

//

 

Reporting back on some more troubleshooting I did in the meantime:

  1. Uninstalled the Nginx docker. Did not change anything.
  2. Reinstalled the Nginx docker, which gave errors because it as a standard uses port 80.
  3. I changed the Nginx docker settings back to what it was before I removed it.
  4. Strangely, when I then launched the Nginx GUI on the server, it just got me straight into Nginx, where it apparently had remembered the login credentials and still had the proxy host and SSL certificate?
  5. In other words, removing the Nginx docker apparently did not remove everything related to it and as a result also did not solve the issue and I still only have physical access to server with nothing remote (on the LAN) working :/ 

tower-diagnostics-20241216-0128.zip

The files are not stored in the container but mounted from the /appdata storage share. If you want to start over / clear everything empty-out that folder.

 

Check your docker config to see the exact path of mapped volumes.

  • 2 weeks later...

My Nginx has worked reliably until today! Today I had to restart my Unraid server because I had to increase the size of my Docker container. Since then, NGINX has stopped working - cannot be started and I get the following error in the log:

 

Mein Nginx funktionierte bis heute zuverlässig! Heute mußte ich aber meinen Unraid Server einen Neustart verpassen, weil ich die größe meines Docker Containers erhöhen musste. Seit dem funktioniert NGINX nicht mehr - lässt sich nicht starten und ich erhalte folgenden Fehler im Protokoll:

 

[init        ] container is starting...
[cont-env    ] loading container environment variables...
[cont-env    ] APP_NAME: loading...
[cont-env    ] APP_VERSION: loading...
[cont-env    ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env    ] DOCKER_IMAGE_VERSION: loading...
[cont-env    ] HOME: loading...
[cont-env    ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env    ] XDG_CACHE_HOME: loading...
[cont-env    ] XDG_CONFIG_HOME: loading...
[cont-env    ] XDG_DATA_HOME: loading...
[cont-env    ] XDG_RUNTIME_DIR: loading...
[cont-env    ] XDG_STATE_HOME: loading...
[cont-env    ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init   ] executing container initialization scripts...
[cont-init   ] 10-check-app-niceness.sh: executing...
[cont-init   ] 10-check-app-niceness.sh: terminated successfully.
[cont-init   ] 10-clean-logmonitor-states.sh: executing...
[cont-init   ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init   ] 10-clean-tmp-dir.sh: executing...
[cont-init   ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init   ] 10-init-users.sh: executing...
[cont-init   ] 10-init-users.sh: terminated successfully.
[cont-init   ] 10-pkgs-mirror.sh: executing...
[cont-init   ] 10-pkgs-mirror.sh: terminated successfully.
[cont-init   ] 10-set-tmp-dir-perms.sh: executing...
[cont-init   ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init   ] 10-xdg-runtime-dir.sh: executing...
[cont-init   ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init   ] 15-install-pkgs.sh: executing...
[cont-init   ] 15-install-pkgs.sh: terminated successfully.
[cont-init   ] 54-db-upgrade.sh: executing...
[cont-init   ] 54-db-upgrade.sh: terminated successfully.
[cont-init   ] 55-nginx-proxy-manager.sh: executing...
[cont-init   ] 55-nginx-proxy-manager.sh: ln: /config/logs: No space left on device
[cont-init   ] 55-nginx-proxy-manager.sh: terminated with error 1.

Manually remove the log try again if you already increased the size of the docker image. 

Yes, I have already increased the Docker storage. How can I delete the log?

 

Ja den Docker Speicher habe ich bereits vergrößert. Wie kann ich den Log löschen?

Open the console to NPM via the Unraid container page (next to stop/start/restart) and remove it using the shell.

 

OR: delete NPM, then re-'install' it and use the same config/path mapping.

I think that's not the right way. But I still removed ngins without deleting the image and installed it again. Without success or changing the situation. Then I went into the log folder and deleted all the entries there, but that didn't make any changes either.

 

Ich denke das ist nicht der richtige weg. Ich habe jetzt aber trotzdem mal ngins entfernt-ohne das image zu löschen und habe es erneut installiert. Ohne Erfolg bzw veränderung der Situation. Dann bin ich in den Log Ordner gegangen und habe dort alle Einträge gelöscht, aber auch das führte zu keiner veränderung.

  • 2 weeks later...

Hello:)

 

Anyone who how to fix this one??

[IP Ranges] › ✖  error     getaddrinfo EAI_AGAIN ip-ranges.amazonaws.com

 

Thank you!

Hello again:)

 

This is the output.. 

Anyone with a idea of how to fix this??

 

User: npm PUID:0 ID:0 GROUP:0

Group: npm PGID:0 ID:0

-------------------------------------

❯ Starting nginx ...

❯ Starting backend ...

[1/5/2025] [2:01:42 PM] [Global ] › ℹ info Using Sqlite: /data/database.sqlite

[1/5/2025] [2:01:42 PM] [Migrate ] › ℹ info Current database version: none

[1/5/2025] [2:01:42 PM] [Setup ] › ℹ info Logrotate Timer initialized

[1/5/2025] [2:01:42 PM] [Global ] › ⬤ debug CMD: logrotate /etc/logrotate.d/nginx-proxy-manager

[1/5/2025] [2:01:42 PM] [Setup ] › ℹ info Logrotate completed.

[1/5/2025] [2:01:42 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services...

[1/5/2025] [2:01:42 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json

[1/5/2025] [2:01:58 PM] [IP Ranges] › ✖ error getaddrinfo EAI_AGAIN ip-ranges.amazonaws.com

[1/5/2025] [2:01:58 PM] [SSL ] › ℹ info Let's Encrypt Renewal Timer initialized

[1/5/2025] [2:01:58 PM] [SSL ] › ℹ info Renewing SSL certs expiring within 30 days ...

[1/5/2025] [2:01:58 PM] [IP Ranges] › ℹ info IP Ranges Renewal Timer initialized

[1/5/2025] [2:01:58 PM] [Global ] › ℹ info Backend PID 155 listening on port 3000 ...

[1/5/2025] [2:01:58 PM] [SSL ] › ℹ info Completed SSL cert renew process

[1/5/2025] [2:13:19 PM] [Global ] › ℹ info PID 155 received SIGTERM

[1/5/2025] [2:13:19 PM] [Global ] › ℹ info Stopping.

❯ Configuring npm user ...

0

usermod: no changes

❯ Configuring npm group ...

❯ Checking paths ...

❯ Setting ownership ...

❯ Dynamic resolvers ...

❯ IPv6 ...

Enabling IPV6 in hosts in: /etc/nginx/conf.d

- /etc/nginx/conf.d/default.conf

- /etc/nginx/conf.d/include/assets.conf

- /etc/nginx/conf.d/include/block-exploits.conf

- /etc/nginx/conf.d/include/force-ssl.conf

- /etc/nginx/conf.d/include/ip_ranges.conf

- /etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf

- /etc/nginx/conf.d/include/log.conf

- /etc/nginx/conf.d/include/proxy.conf

- /etc/nginx/conf.d/include/ssl-ciphers.conf

- /etc/nginx/conf.d/include/resolvers.conf

- /etc/nginx/conf.d/production.conf

Enabling IPV6 in hosts in: /data/nginx

- /data/nginx/proxy_host/1.conf

❯ Docker secrets ...

Is there any way I can edit the template app-store pulls myself?
Wants to get NPM to run on port 443 and not 4443 because I want to integrate it with Tailscale and Tailscale only uses the container port, not the redirect port, so don’t help to set port 443-->4443 :(

yes, I know I can just run this in docker compose myself, but I like much better how Unriad7 shows/handles the Tailscale container integration in the GUI instead of having a sidecar container showing.

Sure, just click edit on the container. 

21 minutes ago, Kilrah said:

Sure, just click edit on the container. 

Does not work, the container port is always 4443

9 hours ago, isvein said:

Does not work, the container port is always 4443

If you run it on bridge that's not a problem. You didn't say what network you needed.

 

If you need it on port 80 for host/br0 just use the official container instead of this modified one. 

 

But if you use ipv6 you kinda do need to use it :)

1 hour ago, Kilrah said:

If you run it on bridge that's not a problem. You didn't say what network you needed.

 

If you need it on port 80 for host/br0 just use the official container instead of this modified one. 

 

True, was too late to remember that :(
Im using custom vlan so the container has its own IP
Ended up using the official one :)

On 12/29/2023 at 12:46 PM, Ptolemyiv said:

Am getting a certbot route53 error again in the logs and am unable to log in to the gui (since itself relies on ssl certificate!) - log is showing the following repeatedly:

 

[app         ] [12/29/2023] [11:33:43 AM] [Global   ] › ✖  error     Command failed: pip install --no-cache-dir certbot-dns-route53==$(certbot --version | grep -Eo '[0-9](\.[0-9]+)+') 
[app         ] The 'certbot_dns_route53.authenticator' plugin errored while loading: cannot import name 'DEFAULT_CIPHERS' from 'urllib3.util.ssl_' (/usr/lib/python3.10/site-packages/urllib3/util/ssl_.py). You may need to remove or update this plugin. The Certbot log will contain the full error details and this should be reported to the plugin developer.
[app         ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-ul_q9vn7/log or re-run Certbot with -v for more details.
[app         ] ERROR: Could not find a version that satisfies the requirement certbot-dns-route53== (from versions: 0.15.0.dev0, 0.15.0, 0.16.0, 0.17.0, 0.18.0, 0.18.1, 0.18.2, 0.19.0, 0.20.0, 0.21.0, 0.21.1, 0.22.0, 0.22.1, 0.22.2, 0.23.0, 0.24.0, 0.25.0, 0.25.1, 0.26.0, 0.26.1, 0.27.0, 0.27.1, 0.28.0, 0.29.0, 0.29.1, 0.30.0, 0.30.1, 0.30.2, 0.31.0, 0.32.0, 0.33.0, 0.33.1, 0.34.0, 0.34.1, 0.34.2, 0.35.0, 0.35.1, 0.36.0, 0.37.0, 0.37.1, 0.37.2, 0.38.0, 0.39.0, 0.40.0, 0.40.1, 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.13.0, 1.14.0, 1.15.0, 1.16.0, 1.17.0, 1.18.0, 1.19.0, 1.20.0, 1.21.0, 1.22.0, 1.23.0, 1.24.0, 1.25.0, 1.26.0, 1.27.0, 1.28.0, 1.29.0, 1.30.0, 1.31.0, 1.32.0, 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0)
[app         ] ERROR: No matching distribution found for certbot-dns-route53==
[app         ] [12/29/2023] [11:33:44 AM] [Migrate  ] › ℹ  info      Current database version: none

 

Unfortunately the fix before doesn't seem to be working - anyone know how to fix this once and for all? (may be a recent update issue since only just started reoccurring again)

 

EDIT: So the only way I was able to fix this error was to run the following command and download urllib manually:

pip install 'urllib3<2'

 

Nginx Proxy Manager then loaded and unsuccessfully failed to auto-renew the certificates - after this, I was able to manually renew the certificates from the UI.

 

Strangely, if I reboot the container than the original error re-occurs and I have to manually execute the above command again...

 

Anyone else encountering the same or can suggest a permanent fix? Many thanks

 

 

I still have to take care of this issue every 3 month :D

On 1/5/2025 at 1:54 PM, Mattti1912 said:

Anyone who how to fix this one??

[IP Ranges] › ✖  error     getaddrinfo EAI_AGAIN ip-ranges.amazonaws.com

Did you solve it?

On 12/4/2024 at 3:17 PM, Free-MeN4 said:

I would like to issue a WARNING to all users using this APP,
The source image and repository for this app / docker image are greatly OUTDATED - From 2021,

It is feasible that users of this app expose this nginx externally to the public internet, those user are facing security risks due to using outdated software, the image is built on-top of openresty, which itself is a standalone extended distribution of nginx, both products are constantly under security scrutiny and cycles of vulnerability detection and patching.

I have raised a closed github issue here: https://github.com/jlesage/docker-nginx-proxy-manager/issues/331
I recommen
d users to move to the official image: https://github.com/NginxProxyManager/nginx-proxy-manager/tree/develop


it is a drop in replacement, when using: https://github.com/chrizzo84/unraid-templates/tree/main/nginx-proxy-manager-jc21

Is there a simple way to copy all your settings across if you change to the official docker?

On 1/19/2025 at 5:01 AM, bobalot said:

Is there a simple way to copy all your settings across if you change to the official docker?

 

Unfortunately, no. I'd further avoid trying to manually copy config files and databases. I've done this successfully in the past, but I've also done it unsuccessfully a couple of times. One of those times everything seemed to work for a couple of months, but then I found that Certbot wasn't able to renew anything - which I found out was due to some key mismatch in one file per certificate - this isn't something you want to be trying to fix in a rush at the last minute.

 

Just set up a parallel install and manually recreate everything. It didn't take me very long for 20-something hosts and about 10 certificates.

 

 

Edited by Espressomatic

Hi friends,

Since today, I'm seeing this repeating message in my NginxProxyManager log:

 

nginx       ] nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/10.conf:14

 

I also cannot open my docker apps webui's that are configured to run behind NginxProxyManager with my external domain urls.

 

When I use my internal ip's for my docker apps, I can open their webui's and use them.

 

Can someone please assist in solving this issue?

9 hours ago, mjeshurun said:

Hi friends,

Since today, I'm seeing this repeating message in my NginxProxyManager log:

 

nginx       ] nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/10.conf:14

 

I also cannot open my docker apps webui's that are configured to run behind NginxProxyManager with my external domain urls.

 

When I use my internal ip's for my docker apps, I can open their webui's and use them.

 

Can someone please assist in solving this issue?

I'm having the same issue and my external URLs aren't working.

 

Edit: Looks like the sample config has changed, see https://github.com/linuxserver/docker-swag/blob/master/root/defaults/nginx/site-confs/default.conf.sample

Edited by ryphez

15 hours ago, ryphez said:

I'm having the same issue and my external URLs aren't working.

 

Edit: Looks like the sample config has changed, see https://github.com/linuxserver/docker-swag/blob/master/root/defaults/nginx/site-confs/default.conf.sample

Good to know I'm not the only one suffering from this.
What does it mean that the sample config changed?
Do we need to change it for it to work again?

 

Edit: Until a solution is found for this NginxProxyManager issue, I switched my external url's connections from NginxProxyManager to Cloudflare Tunnels.

Now everything is working again, but that's not really a solution to the NginxProxyManage issue.

Edited by mjeshurun

  • 3 weeks later...
On 1/22/2025 at 10:19 PM, mjeshurun said:

Good to know I'm not the only one suffering from this.
What does it mean that the sample config changed?
Do we need to change it for it to work again?

 

Edit: Until a solution is found for this NginxProxyManager issue, I switched my external url's connections from NginxProxyManager to Cloudflare Tunnels.

Now everything is working again, but that's not really a solution to the NginxProxyManage issue.

 

Same problem here: I can no longer access the interface, and none of the configured sites are working.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.