February 28, 20251 yr On 2/7/2025 at 6:32 AM, BœufLord said: Same problem here: I can no longer access the interface, and none of the configured sites are working. Has anyone figured this out?
March 1, 20251 yr On 2/28/2025 at 5:40 AM, eeplelife said: Has anyone figured this out? I don't know if it helps you, but my problem was that I logged in to Cloudflare with an Apple "shadowed" email AKA *Hide my email*. So my email asking for certificates from NGINX, didn't match the one from Cloudflare. I had to delete my account with Cloudflere and start over, using same email as in NGINX.
March 31, 20251 yr I have been experiencing periodic crashes with nginx in Unraid Docker. It only happens every couple of weeks, but I have no idea how to fix this. Google has not been helpful, either. Below is the end of the nginx log from when I found the container had stopped. Any help would be much appreciated! I have 128gb of RAM, so Unraid shouldn't be actually running out of memory. [app ] [3/28/2025] [11:00:23 PM] [SSL ] › ℹ info Completed SSL cert renew process [app ] [3/29/2025] [12:00:23 AM] [IP Ranges] › ℹ info Fetching IP Ranges from online services... [app ] [3/29/2025] [12:00:23 AM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json [app ] [3/29/2025] [12:00:23 AM] [SSL ] › ℹ info Renewing SSL certs expiring within 30 days ... [app ] [3/29/2025] [12:00:23 AM] [SSL ] › ℹ info Completed SSL cert renew process [app ] <--- Last few GCs ---> [app ] [423:0x145bbd2c70b0] 259201328 ms: Mark-sweep 232.7 (254.7) -> 231.1 (254.7) MB, 25.0 / 0.0 ms (average mu = 0.761, current mu = 0.808) task; scavenge might not succeed [app ] [423:0x145bbd2c70b0] 259201448 ms: Mark-sweep 232.1 (254.7) -> 231.8 (255.5) MB, 46.1 / 0.0 ms (average mu = 0.684, current mu = 0.614) allocation failure; scavenge might not succeed [app ] <--- JS stacktrace ---> [app ] FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory [supervisor ] service 'app' exited (got signal SIGABRT). [supervisor ] service 'app' exited, shutting down... [supervisor ] stopping service 'nginx'... [supervisor ] service 'nginx' exited (with status 0). [finish ] executing container finish scripts... [finish ] all container finish scripts executed.
August 10, 2025Aug 10 update. Fixed. port 80 showed closed, remapped in router and now fixed. In case some one else comes across the error.Looking for some help. Not sure what's causing the error and not sure how to renew outside of the container. I get the following error when trying to renew:[app ] [8/9/2025] [10:34:34 PM] [SSL ] › ℹ info Renewing Let'sEncrypt certificates for Cert #86: ai.digital-domination.net[app ] [8/9/2025] [10:34:34 PM] [SSL ] › ℹ info Command: certbot renew --force-renewal --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name 'npm-86' --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation [app ] [8/9/2025] [10:34:34 PM] [Global ] › ⬤ debug CMD: certbot renew --force-renewal --config '/etc/letsencrypt.ini' --work-dir "/tmp/letsencrypt-lib" --logs-dir "/tmp/letsencrypt-log" --cert-name 'npm-86' --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation [app ] [8/9/2025] [10:34:45 PM] [Express ] › ⚠ warning Saving debug log to /tmp/letsencrypt-log/letsencrypt.log[app ] Failed to renew certificate npm-86 with error: Some challenges have failed.[app ] All renewals failed. The following certificates could not be renewed:[app ] /etc/letsencrypt/live/npm-86/fullchain.pem (failure)[app ] 1 renew failure(s), 0 parse failure(s)Taken from the container log. If any other log is needed, please let me know where and which one and I will post it. I have several certs that need renewing and any help would be appreciated. I did upgrade my router a couple of months ago, in case that could be the issue. Edited August 10, 2025Aug 10 by Spectral Force
August 20, 2025Aug 20 On 2/27/2025 at 8:40 PM, eeplelife said:Has anyone figured this out?So I dug into this and it turns out the container is out of date. It is currently running v2.12.3 while the current version is v2.12.6 (which includes a fix).See this issue on the Nginx Proxy Manager repo: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4606And I created this issue on jlesage's docker-nginx-proxy-manager repo: https://github.com/jlesage/docker-nginx-proxy-manager/issues/345. Hopefully it is seen and fixed soon :) Edited August 20, 2025Aug 20 by finder39
August 20, 2025Aug 20 5 hours ago, finder39 said:So I dug into this and it turns out the container is out of date. It is currently running v2.12.3 while the current version is v2.12.6 (which includes a fix).Check you haven't pinned the version yourself.
August 20, 2025Aug 20 On 1/22/2025 at 1:19 PM, mjeshurun said:Good to know I'm not the only one suffering from this.What does it mean that the sample config changed?Do we need to change it for it to work again? Edit: Until a solution is found for this NginxProxyManager issue, I switched my external url's connections from NginxProxyManager to Cloudflare Tunnels.Now everything is working again, but that's not really a solution to the NginxProxyManage issue.I was able to find a solution to this as well. Previously my x.conf files looked like this:server { set $forward_scheme https; set $server “cool_name.local"; set $port 1234; listen 8080; listen [::]:8080; listen 4443 ssl http2; listen [::]:4443 ssl http2; ... location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://cool_name.local:1234; ...I modified them like as follows and the container was able to start up right away and everything worked!server { set $forward_scheme https; set $server “192.168.xxx.xxx“; // change this to the IP address instead of the .local name set $port 1234; listen 8080; listen [::]:8080; // these change as well, handling the new way we need to use http2 listen 4443 ssl; listen [::]:4443 ssl; http2 on; ... location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://$server:$port; // this is to make use of what is in the server section Edited August 20, 2025Aug 20 by finder39
August 20, 2025Aug 20 9 hours ago, Kilrah said:Check you haven't pinned the version yourself.I checked and I haven't, the latest version of the repo the unraid template points to is only running v2.12.3
November 5, 2025Nov 5 Hey @DjossI'm having issues communicating from NPM to certain containers on different networks within unraid. Can you let me know what's the best network setup for NPM to communicate with any/all containers across different networks?I can successfully communicate from the following:NPM 10.48.48.96 (druproxynet) --> any container on (bridge)NPM 10.48.48.96 (druproxynet) --> 192.168.107 (on proxmox server)I can't ping from the following:NPM 10.48.48.96 (druproxynet) --> 192.168.72.3 (br1)NPM 10.48.48.96 (druproxynet) --> 10.48.48.3 (br0)Please see screenshots for the docker setting, network listings, container list.Thanks Edited November 8, 2025Nov 8 by TekDRu add interface settings
November 18, 2025Nov 18 On 8/9/2025 at 10:40 PM, Spectral Force said:Fixed. port 80 showed closed, remapped in router and now fixed. In case some one else comes across the error.Huge thanks! I changed modems and had this issue...port 80 wasn't mapped and I couldn't renew my certs. Appreciate the solution! Edited November 18, 2025Nov 18 by Andiroo2
January 22Jan 22 Need some help....My setup is as follows:DDNS is setup trought duckdns: mysubnet.duckdns.orgCNAME is configured in domain registrar myserver.mydomain.com points to mysubnet.duckdns.orgISP modem has fowarded ports 80/53/443 to NPMlocal adress in the range of 192.168.2.xNPM is configured with the ports listening at 80/53/443i cannot use NPM to redirect https.... here is what iv'e done:if i open a port at the ISP modem level, lets say port 9999 redirects to a service on the server and i access it through duckdns.org it goes through to the service ath server without any problems..mysubnet.duckdns.org:9999 ---> it goes through as long port forward is enabledif the port at the ISP modem level, port 9999 is closed.... then it doesnt go through....NPM has the same service proxied, and enabled as myserver.mydomain.com at port 9999 this port is https,NPM does not go through, i cannot connect to the service, but if i change the same service to another port, lets say 9090 and this port only handles http, it does go through...NPM does show welcome page if you go to http://NPMlocaladdress:80Somehow i could register for the letsencrypt ssl certificate after many attemps, still the PROXY address does not go through, the CNAME is correctly registered (i have 4 CNAME enabled at the domain registrar). None of them go through if its HTTPS, only HTTP......i don´t know what am i missing,two years ago was working correctly, i stopped the service a while ago.... changed ISP modem, same settings on the new modem, same ISP....any help is appreciatededit: localaddress changed to NPMlocaladress Edited January 22Jan 22 by kicsrules
March 16Mar 16 I installed the latest version and am getting an SSL handshake failed error Error code 525 Even the website is having the same problem:Application Site: https://nginxproxymanager.jc21.comIs there any way to fix this?
March 16Mar 16 Author Can you share the config of the host ? What kind of cert it used ? Letsencrypt or a custom Cloudflare cert ?Can you share the full log (docker logs NginxProxyManager)?Can you also check the nginx log associated to the host ? Edited March 16Mar 16 by Djoss
March 16Mar 16 @Djoss The problem is described here:I have Cloudflare set up, and the certificate is configured in Nginx via Cloudflare.Logi:│ ││ Application: Nginx Proxy Manager ││ Application Version: 2.14.0 ││ Docker Image Version: 26.03.1 ││ Docker Image Platform: linux/amd64 ││ │╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯[cont-init ] 89-info.sh: terminated successfully.[cont-init ] all container initialization scripts executed.[init ] giving control to process supervisor.[supervisor ] loading services...[supervisor ] loading service 'default'...[supervisor ] loading service 'app'...[supervisor ] loading service 'nginx'...[supervisor ] loading service 'logmonitor'...[supervisor ] service 'logmonitor' is disabled.[supervisor ] loading service 'logrotate'...[supervisor ] service 'logrotate' is disabled.[supervisor ] loading service 'cert_cleanup'...[supervisor ] all services loaded.[supervisor ] starting services...[supervisor ] starting service 'nginx'...[supervisor ] starting service 'app'...[supervisor ] all services started.[cert_cleanup] ----------------------------------------------------------[cert_cleanup] Let's Encrypt certificates cleanup - 2026/03/16 12:56:50[cert_cleanup] ----------------------------------------------------------[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-9/fullchain2.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-9/privkey2.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-9/chain2.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-9/cert2.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-2/fullchain9.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-2/chain9.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-2/cert9.pem.[cert_cleanup] Keeping /etc/letsencrypt/archive/npm-2/privkey9.pem.[cert_cleanup] 8 file(s) kept.[cert_cleanup] 0 file(s) deleted.[app ] [3/16/2026] [12:56:50 PM] [Global ] › ℹ info Using configuration from file: ./config/production.json[app ] [3/16/2026] [12:56:50 PM] [Migrate ] › ℹ info Current database version: none[app ] [3/16/2026] [12:56:50 PM] [Setup ] › ℹ info Logrotate Timer initialized[app ] [3/16/2026] [12:56:50 PM] [Setup ] › ℹ info Logrotate completed.[app ] [3/16/2026] [12:56:50 PM] [Global ] › ℹ info IP Ranges fetch is enabled[app ] [3/16/2026] [12:56:50 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services...[app ] [3/16/2026] [12:56:50 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json[app ] [3/16/2026] [12:56:50 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v4[app ] [3/16/2026] [12:56:51 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v6[app ] [3/16/2026] [12:56:51 PM] [SSL ] › ℹ info Let's Encrypt Renewal Timer initialized[app ] [3/16/2026] [12:56:51 PM] [SSL ] › ℹ info Renewing SSL certs expiring within 30 days ...[app ] [3/16/2026] [12:56:51 PM] [IP Ranges] › ℹ info IP Ranges Renewal Timer initialized[app ] [3/16/2026] [12:56:51 PM] [Global ] › ℹ info Backend PID 560 listening on port 3000 ...[app ] [3/16/2026] [12:56:51 PM] [SSL ] › ℹ info Completed SSL cert renew processMy settings router:My docker parametrs:docker run -d --name='NginxProxyManager' --net='dockernet' --pids-limit 2048 -e TZ="Europe/Warsaw" -e HOST_OS="Unraid" -e HOST_HOSTNAME="KulisUnRaid" -e HOST_CONTAINERNAME="NginxProxyManager" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='0000' -e 'APP_NICENESS'='0' -e 'DISABLE_IPV6'='0' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.webui='http://[IP]:[PORT:8181]' -l net.unraid.docker.icon='' -p '7818:8181/tcp' -p '1880:8080/tcp' -p '18443:4443/tcp' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager'
March 16Mar 16 Same issues as above.What I believe to be the Issue:Current database version: noneWhat i can almost guarantee due to the log output above, that's the issue lol.[app ] [3/16/2026] [12:56:50 PM] [Migrate ] › ℹ info Current database version: noneStarting some tests for resolution will report back ASAP!
March 16Mar 16 Having the exact same issues as the users above & also using Cloudflare.Was working prior to update and no configuration changes prior or post updating the container.Unable to do any real troubleshooting until I get back from work later today.
March 16Mar 16 To temporarily resolve this issue, you can use the previous release of Nginx Proxy Manager. Edit the app and change the repository to:jlesage/nginx-proxy-manager:v25.09.1Once this is resolved, you should change it back to:jlesage/nginx-proxy-manage
March 16Mar 16 @sdchoniWhen I do that, I get a message in the log saying that the migration failed. Edited March 16Mar 16 by Kulis
March 16Mar 16 Milage may vary. GOLDEN RULE: BACK YOU DATA UP NO IF ANDS OR BUTS BEFORE ATTEMPTING! (Options Least to Most invasive)1: Roll the docker image back to prior version, until image issue is resolved. 2: In the NGINX Proxy Manager UI, go to your proxy hosts, disable the cert, save, enable the cert save and check mark all 4 of the main boxes (or your flavor) this forces the .conf to update - Check proxy. 3: Confirm Port mappings in the container.4. If that fails move check your DB for merge locks etc. This was causing my database version to be :none check DB version:docker logs <container_name> | grep "Current database version"# Set your database path hereDB_PATH="/your/custom/path/to/database.sqlite"# 1. Back up the databasecp "$DB_PATH" "${DB_PATH}.bak"# 2. Sync migrationssqlite3 "$DB_PATH" "INSERT INTO knex_migrations SELECT * FROM migrations;"# 3. Clear the locksqlite3 "$DB_PATH" "UPDATE knex_migrations_lock SET is_locked = 0;"Some like this direct format more:# 1. Back up the existing databasecp /path/to/nginxproxymanager/database.sqlite /path/to/nginxproxymanager/database.sqlite.bak# 2. Sync the old migrations table to the new knex_migrations tablesqlite3 /path/to/nginxproxymanager/database.sqlite "INSERT INTO knex_migrations SELECT * FROM migrations;"# 3. Ensure the migration lock is cleared so NPM can bootsqlite3 /path/to/nginxproxymanager/database.sqlite "UPDATE knex_migrations_lock SET is_locked = 0;"#check DB versiondocker logs <container_name> | grep "Current database version"**If that is now showing a proper version and still failing do/check steps 2/3 again! Hope this help, this got me up and running, I obviously cant account for all scenarios & will advise once more BACK UP YOUR DATA!
March 16Mar 16 NGINX v2.14.0 works after unRAID reboot, some time later starts failing, with Cloudflare reporting Bad Gateway Error code 502:(This is a configuration that has worked correctly for the last year until recently)The error messages in the NGINX proxy-host-2_error.log:2026/03/16 11:38:31 [error] 482#482: *16 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 162.158.155.156, server: APPLICATION.MYDOMAIN.net, request: "GET / HTTP/1.1", upstream: "http://10.55.83.191:8080/", host: "APPLICATION.MYDOMAIN.net"2026/03/16 11:38:32 [error] 483#483: *18 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 104.23.187.209, server: APPLICATION.MYDOMAIN.net, request: "GET /ui3serviceworker.js?v=318-6.0.3.8 HTTP/1.1", upstream: "http://10.55.83.191:8080/ui3serviceworker.js?v=318-6.0.3.8", host: "APPLICATION.MYDOMAIN.net"2026/03/16 11:38:33 [error] 484#484: *20 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 104.23.190.195, server: APPLICATION.MYDOMAIN.net, request: "GET /favicon.ico HTTP/1.1", upstream: "http://10.55.83.191:8080/favicon.ico", host: "APPLICATION.MYDOMAIN.net", referrer: "https://APPLICATION.MYDOMAIN.net/"
March 17Mar 17 Author @wmcneil the connection seems to be terminated by your upstream at 10.55.83.191. Get you can more details on the upstream ?Also, does Cloudflare give more details about the problem ?
March 17Mar 17 11 hours ago, Djoss said:@wmcneil the connection seems to be terminated by your upstream at 10.55.83.191. Get you can more details on the upstream ?Also, does Cloudflare give more details about the problem ?Hi, thanks for your response. 10.55.83.191 is the ultimate webserver. The webserver in this case is a BlueIris webserver running in a Win11 VM that is located on the same unRAID machine that is running the NGINX docker under unRAID. After further testing, I see that upon stopping and starting BlueIris, things are working. I will wait until the next failure to see if I can glean anything from the BlueIris log. Cloudflair claims "The HTTP 502 error is coming from your origin web server and is not caused by Cloudflare."
March 18Mar 18 I had restored my data/configuration for nginx proxy manager from a backup after the update yesterday prior to rolling back to v25.09.1, just to get me going again. Unsure if this will make a difference for others that just rolled back and have the db migration issue.Just updated, I also made sure to target the new version - v26.03.2. There are still some errors in my container log.[app ] [3/18/2026] [5:22:18 PM] [SSL ] › ℹ info Renewing LetsEncrypt certificates for Cert #29: test.example.com[app ] [3/18/2026] [5:22:18 PM] [SSL ] › ℹ info Command: certbot renew --force-renewal --config /etc/letsencrypt.ini --work-dir /tmp/letsencrypt-lib --logs-dir /data/logs --cert-name npm-29 --preferred-challenges http --no-random-sleep-on-renew --disable-hook-validation[app ] [3/18/2026] [5:22:21 PM] [SSL ] › ✖ error Saving debug log to /data/logs/letsencrypt.log[app ] Failed to renew certificate npm-29 with error: Some challenges have failed.[app ] All renewals failed. The following certificates could not be renewed:[app ] /etc/letsencrypt/live/npm-29/fullchain.pem (failure)[app ] 1 renew failure(s), 0 parse failure(s)[app ] Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /data/logs/letsencrypt.log or re-run Certbot with -v for more details.[app ] [3/18/2026] [5:22:21 PM] [SSL ] › ℹ info Completed SSL cert renew processEven with these errors, it appears nginx is working okay, have only tested a few containers but all are configured in the same manner with a CF origin cert.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.