PSYCHOPATHiO Posted March 16, 2020 Share Posted March 16, 2020 This has been asked long time ago but is there a way to expose "visitor real IP"? I mean I setup an image hosting website but unfortunately all uploads will appear under my main user name cause of the same address & internal IP. I have a dedicated web server VM on a separate IP, from what I read previously at some point that it has to share the same IP with the NPM docker! Quote Link to comment
tknx Posted March 17, 2020 Share Posted March 17, 2020 Any guides on how to get a Minecraft Bedrock docker reverse proxied? Quote Link to comment
inh Posted March 22, 2020 Share Posted March 22, 2020 (edited) Cant seem to get it to start on a fresh unraid install: [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... [cont-init.d] 00-take-config-ownership.sh: exited 0. [cont-init.d] 00-xdg-runtime-dir.sh: executing... [cont-init.d] 00-xdg-runtime-dir.sh: exited 0. [cont-init.d] nginx-proxy-manager.sh: executing... [cont-init.d] nginx-proxy-manager.sh: Initializing database data directory... [cont-init.d] nginx-proxy-manager.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. This is from the init_db log: Installing MariaDB/MySQL system tables in '/config/mysql' ... 2020-03-22 18:08:12 0 [ERROR] InnoDB: preallocating 12582912 bytes for file ./ibdata1 failed with error 95 2020-03-22 18:08:12 0 [ERROR] InnoDB: Could not set the file size of './ibdata1'. Probably out of disk space 2020-03-22 18:08:12 0 [ERROR] InnoDB: Database creation was aborted with error Generic error. You may need to delete the ibdata1 file before trying to start up again. 2020-03-22 18:08:13 0 [ERROR] Plugin 'InnoDB' init function returned error. 2020-03-22 18:08:13 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed. 2020-03-22 18:08:13 0 [ERROR] Unknown/unsupported storage engine: InnoDB 2020-03-22 18:08:13 0 [ERROR] Aborting After more digging in this thread, it appears that this is because my filesystem is ReiserFS and this container is incompatible with it. Did anyone ever fix this glaring oversight? Edited March 22, 2020 by inh Quote Link to comment
JonathanM Posted March 23, 2020 Share Posted March 23, 2020 13 hours ago, inh said: my filesystem is ReiserFS and this container is incompatible with it. Did anyone ever fix this glaring oversight? ReiserFS is not being updated or actively supported for many years now. It's going to cause more and more issues as time passes, not less. You need to migrate to XFS or BTRFS as soon as you can. There is a sticky thread from 5 years ago on conversion. https://forums.unraid.net/topic/35815-re-format-xfs-on-replacement-drive-convert-from-rfs-to-xfs-discussion-only/ Quote Link to comment
inh Posted March 23, 2020 Share Posted March 23, 2020 11 minutes ago, jonathanm said: ReiserFS is not being updated or actively supported for many years now. It's going to cause more and more issues as time passes, not less. You need to migrate to XFS or BTRFS as soon as you can. There is a sticky thread from 5 years ago on conversion. https://forums.unraid.net/topic/35815-re-format-xfs-on-replacement-drive-convert-from-rfs-to-xfs-discussion-only/ Ah look at that. Guess I got some work to do. Thank you! Quote Link to comment
isaw Posted March 24, 2020 Share Posted March 24, 2020 (edited) HI, I'm trying to forward OpenPorject as a docker (running br0) from within NginxPM. I'm pointing the sub.domain.com to the forwarder IP, but i'm getting 502 gateway errors when trying to access said webpage. I tried to read the log in nginx (below) but i'm not seeing much that directly points me to an error. I have no other details configured within Npm apart from the IP/port 2020/03/24 16:57:53 [error] 924#924: *30 connect() failed (113: Host is unreachable) while connecting to upstream, client: 192.168.0.1, server: project.hostname.biz, request: "GET / HTTP/1.1", upstream: "http://192.168.0.6:8080/", host: "project.hostname.biz", referrer: "http://192.168.0.200:7818/nginx/proxy" 2020/03/24 16:57:56 [error] 924#924: *30 connect() failed (113: Host is unreachable) while connecting to upstream, client: 192.168.0.1, server: project.hostname.biz, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.0.6:8080/favicon.ico", host: "project.hostname.biz", referrer: "http://project.hostname.biz/" Edit, further inspection lead me down the line of the br0 not being able to communicate with the bridge IP range. In the docker settings there is a option to allow communication between bridge/br0, so i've ticked that and hey presto! away we go. Now, is there a simple way to setup sub.tld.com/docker ? or do all the entries need to be docker.tld.com Edited March 25, 2020 by isaw fixed main issue Quote Link to comment
EC28 Posted March 25, 2020 Share Posted March 25, 2020 On 1/28/2019 at 7:39 AM, Djoss said: I have the same thing. It seems that Emby only runs on http port in this setup. But this is not an issue for me. Anybody every get a working https setup with Emby? Quote Link to comment
alturismo Posted March 25, 2020 Share Posted March 25, 2020 1 hour ago, EC28 said: Anybody every get a working https setup with Emby? https is handled by nginx, using https in emby makes only sense when u directly access emby by its https port from remote, in case u have issues there may try emby forum ? Quote Link to comment
EC28 Posted March 25, 2020 Share Posted March 25, 2020 4 minutes ago, alturismo said: https is handled by nginx, using https in emby makes only sense when u directly access emby by its https port from remote, in case u have issues there may try emby forum ? I'm not sure how I got it working, but the website shows as secure as of now. Quote Link to comment
Djoss Posted March 26, 2020 Author Share Posted March 26, 2020 On 3/24/2020 at 6:48 PM, isaw said: Now, is there a simple way to setup sub.tld.com/docker ? or do all the entries need to be docker.tld.com You can look at the "Custom location" tab, but it's much easier and less troubles to use a DNS name for each service you want to reverse-proxy. Quote Link to comment
EC28 Posted March 31, 2020 Share Posted March 31, 2020 Any update on the idea of being able to create a static webpage with this container? In that same vein, until there is one, what is the best container to use to create a static web landing page alongside this container for now? Quote Link to comment
debit lagos Posted April 1, 2020 Share Posted April 1, 2020 On 2/22/2020 at 10:24 PM, Djoss said: I also have the same issue. I'm not sure if this is a problem with NPM or not... Sorry it's been awhile, but In discussion over on the UI.com site, I was given this post as a workable solution to the Unifi Video not working with NPM. Could you assist with intrepreting the settings and how to implement them in NPM? Here's the link to the post: https://community.ui.com/questions/NGINX-Reverse-Proxy-in-a-Docker-Container/89509ee7-b920-4d9e-9736-73d981df97bb#answer/5b511459-5a02-46bb-ab60-a1b97c992189 Thanks in advance. Quote Link to comment
Snubbers Posted April 2, 2020 Share Posted April 2, 2020 This may well be the stupidest idea ever and feel free to laugh.. I have added a Proxy Host to effectively reverse proxy to the NPM's (NginxProxyManagers) own WEB UI, I wondered if it would blow up, but that part works well, I can access the proxy manager externally (using a sub-domain) and SSL. What doesn't work is when I add an 'Access List' to the Proxy Host config, I do this for my other Proxy Hosts to my other dockers, this gives a first layer of authentication independently of the target docker which makes me sleep better! When I say doesn't work, I mean, when you first access the URI externally you get the authentication dialog from the access list, but entering the correct credentials has it just pop up the same authentication dialog again, I can't get to the NPM login page. Not sure if I'm being stupid here, it feels wrong proxying to itself, but the WEBUI is on port 8081, the proxying is over 8080/4443 (the defaults). Quote Link to comment
Bandit_King Posted April 3, 2020 Share Posted April 3, 2020 All i get is stupid internal error and the program is never updates how I add jc21 version to my docker apps? What's the command? Quote Link to comment
ultimz Posted April 5, 2020 Share Posted April 5, 2020 Hi all, is it possible to get this docker app to listen on a custom br0 IP on port 80 and 443? I've tried to use custom br0 (with a new IP on my range where 80 and 443 is available) but it keeps defaulting to 8080 and 4443. Any help would be appreciated Quote Link to comment
ultimz Posted April 6, 2020 Share Posted April 6, 2020 23 hours ago, ultimz said: Hi all, is it possible to get this docker app to listen on a custom br0 IP on port 80 and 443? I've tried to use custom br0 (with a new IP on my range where 80 and 443 is available) but it keeps defaulting to 8080 and 4443. Any help would be appreciated I've done some investigating and the commands seem to be different when spinning up the container (Bridge vs Custom br0 with assigning different IP): On bridge /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='NginxProxyManager' --net='bridge' -e TZ="Africa/Johannesburg" -e HOST_OS="Unraid" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='000' -e 'APP_NICENESS'='' -p '8181:8181/tcp' -p '81:8080/tcp' -p '444:4443/tcp' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager' On custom br0 /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='NginxProxyManager' --net='br0' --ip='192.168.0.7' -e TZ="Africa/Johannesburg" -e HOST_OS="Unraid" -e 'TCP_PORT_8181'='8181' -e 'TCP_PORT_8080'='80' -e 'TCP_PORT_4443'='443' -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='000' -e 'APP_NICENESS'='' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager' Any ideas on how I can fix this? Or can it be fixed with an update? Quote Link to comment
cesar_panter Posted April 7, 2020 Share Posted April 7, 2020 Hi, Thanks for the great work. I have a situation; i have a port forward in the router (80/443) pointing to the nginx proxy manager (A), and also and a website running with their nginx and ssl, within a server client (B) witch i don't have access . Can i have a custom/advanced configuration in the configured proxy, in nginx proxy manager (A) to use the remote certificate server (B), like a tcp pass through in haproxy ? Thanks Quote Link to comment
Djoss Posted April 7, 2020 Author Share Posted April 7, 2020 On 4/1/2020 at 12:34 PM, debit lagos said: Sorry it's been awhile, but In discussion over on the UI.com site, I was given this post as a workable solution to the Unifi Video not working with NPM. Could you assist with intrepreting the settings and how to implement them in NPM? Here's the link to the post: https://community.ui.com/questions/NGINX-Reverse-Proxy-in-a-Docker-Container/89509ee7-b920-4d9e-9736-73d981df97bb#answer/5b511459-5a02-46bb-ab60-a1b97c992189 Thanks in advance. What is not working exactly with NPM ? Are you at least able to get the login page? Quote Link to comment
Djoss Posted April 7, 2020 Author Share Posted April 7, 2020 On 4/2/2020 at 9:35 AM, Snubbers said: This may well be the stupidest idea ever and feel free to laugh.. I have added a Proxy Host to effectively reverse proxy to the NPM's (NginxProxyManagers) own WEB UI, I wondered if it would blow up, but that part works well, I can access the proxy manager externally (using a sub-domain) and SSL. What doesn't work is when I add an 'Access List' to the Proxy Host config, I do this for my other Proxy Hosts to my other dockers, this gives a first layer of authentication independently of the target docker which makes me sleep better! When I say doesn't work, I mean, when you first access the URI externally you get the authentication dialog from the access list, but entering the correct credentials has it just pop up the same authentication dialog again, I can't get to the NPM login page. Not sure if I'm being stupid here, it feels wrong proxying to itself, but the WEBUI is on port 8081, the proxying is over 8080/4443 (the defaults). It make sense to reverse proxy the admin page. I'm not sure about this the issue you are seeing with the access list, but since there is already a login page, is an access list needed? Quote Link to comment
Djoss Posted April 7, 2020 Author Share Posted April 7, 2020 On 4/3/2020 at 1:51 AM, Bandit_King said: All i get is stupid internal error and the program is never updates how I add jc21 version to my docker apps? What's the command? In settings of the Community Apps plugin, you have an option that allow you to get search results from Dockerhub. But since this container is based on jc21's one, you will probably get the same "internal error", which is usually related to an issue with the setup. Quote Link to comment
Djoss Posted April 7, 2020 Author Share Posted April 7, 2020 19 hours ago, ultimz said: I've done some investigating and the commands seem to be different when spinning up the container (Bridge vs Custom br0 with assigning different IP): On bridge /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='NginxProxyManager' --net='bridge' -e TZ="Africa/Johannesburg" -e HOST_OS="Unraid" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='000' -e 'APP_NICENESS'='' -p '8181:8181/tcp' -p '81:8080/tcp' -p '444:4443/tcp' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager' On custom br0 /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='NginxProxyManager' --net='br0' --ip='192.168.0.7' -e TZ="Africa/Johannesburg" -e HOST_OS="Unraid" -e 'TCP_PORT_8181'='8181' -e 'TCP_PORT_8080'='80' -e 'TCP_PORT_4443'='443' -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='000' -e 'APP_NICENESS'='' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager' Any ideas on how I can fix this? Or can it be fixed with an update? Port mappings work only when using the bridge network mode. In other modes, you have to work with container's ports (8080 and 4443). Quote Link to comment
Djoss Posted April 7, 2020 Author Share Posted April 7, 2020 1 hour ago, cesar_panter said: Hi, Thanks for the great work. I have a situation; i have a port forward in the router (80/443) pointing to the nginx proxy manager (A), and also and a website running with their nginx and ssl, within a server client (B) witch i don't have access . Can i have a custom/advanced configuration in the configured proxy, in nginx proxy manager (A) to use the remote certificate server (B), like a tcp pass through in haproxy ? Thanks It seems that the "stream" feature of nginx could do the job, but I don't know if this can be mixed with other stuff on the same port... Quote Link to comment
ultimz Posted April 7, 2020 Share Posted April 7, 2020 2 hours ago, Djoss said: Port mappings work only when using the bridge network mode. In other modes, you have to work with container's ports (8080 and 4443). Thanks Djoss - I have moved the unraid server off port 80 and made this container use bridge network mode and port 80/443. Thanks for all the amazing work. This docker is very useful! Quote Link to comment
cesar_panter Posted April 7, 2020 Share Posted April 7, 2020 (edited) 7 hours ago, Djoss said: It seems that the "stream" feature of nginx could do the job, but I don't know if this can be mixed with other stuff on the same port... Hummm... How do i implement the stream option? I mean, beside configure one in the stream panel; how do i link a name server to the stream? sorry for the inconvenience... Thanks Edited April 7, 2020 by cesar_panter Quote Link to comment
Snubbers Posted April 7, 2020 Share Posted April 7, 2020 (edited) 9 hours ago, Djoss said: It make sense to reverse proxy the admin page. I'm not sure about this the issue you are seeing with the access list, but since there is already a login page, is an access list needed? Thanks for the reply! In this day/age of security I'd say it's becoming essential if you do expose services by - Adding a layer of anonymity, anyone snooping around won't know the service you are proxying to, all they will know if they fail the access list authentication is you are running nginx. - By directly exposing the service, I am relying on the robustness of their individual authentication methods, and this ties in with the previous point of hiding the service as much as possible. My setup (in case it helps in any way!) It's setup using br0 (so own IP address) using default 8080/4443 ports My DNS record is a subdomain CNAME pointing to a Dynamic DNS address that points to my WAN IP. My proxy host in NPM is set as follows (private info removed Domain Name: subdomain.mydomain.com scheme: http Forward Hostname/IP: NginxProxyManager (I'm using the container name, but tried the IP as well with the same issue) Forward Port: 8181 Cache Assets: Off Block Common Exploits: On Websockets Support: Off Access List: "Home" (A list called home with a single user, 'admin' ) Custom Locations: None SSL: Custom (1and1 Wildcard cert for my domain) Force SSL: On HSTS Enabled: Off HTTP/2 Support: Off HSTS Subdomains: N/A Advanced: Empty It may well be an issue with the NPM itself? Edited April 7, 2020 by Snubbers Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.