mattie112 Posted September 26, 2021 Share Posted September 26, 2021 There should be an option to redirect traffic to HTTPS ('force https' or something like that). I can't currently check how it is called exactly as I am having some PSU issues so my server is offline Quote Link to comment
Nexius2 Posted October 4, 2021 Share Posted October 4, 2021 (edited) Hello, I have for the second time a problem with nginx proxy manager. I can't log in.... message "No relevant user found" nothing has been done since last connection. last time it happened, I couldn't do anything so I unintalled and redo everything. since then no issues and actually it is working fine. I juste can't log in is the problem knowned? thanks Edited October 4, 2021 by Nexius2 Quote Link to comment
Schmackei Posted October 10, 2021 Share Posted October 10, 2021 I am in need of help. Running unRaid with Nginx Proxy Manager + Cloudflare. I have nextcloud setup and have previously been using duckdns to access it, but since setting up nginx and cloudflare, have swapped to nextcloud.domainname.net. I have set cloudflare and nginx up correctly in unraid as i can access everything else without an issue, but whenever i try and access nextcloud.domainname.net, it will constantly url swap back to my previous duckdns link and error. I have confirmed through "curl -i -l https://nextcloud.domainname.net" that everything is working well until it hits on a location address "https://nextcloud.duckdns.org" instead of what i want. searching thoroughly confirms it is a 302 url rerouting error from nginx and needs the conf file to be edited. this is where my problem gets worse. There is no nginx.conf file locatable on my system at all. it does not appear to exist. locations i have checked include:- /etc/ (every sub folder) /usr/ (every sub folder) /root/ (every sub folder) */appdata/ (every sub folder) I am at a loss where the conf file is or how i can simply resolve the issue with the 302 rerouting issue. Quote /tmp # curl -i -l https://nextcloud.domainname.net HTTP/2 302 date: Sun, 10 Oct 2021 09:43:33 GMT content-type: text/html; charset=UTF-8 location: https://nextcloud.duckdns.org/login expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: oc_sessionPassphrase=****; path=/; secure; HttpOnly; SameSite=Lax set-cookie: oc0rpib6w2sx=1iilp1jdtbf0koqrg0pn55aalq; path=/; secure; HttpOnly; SameSite=Lax set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict content-security-policy: default-src 'self'; script-src 'self' 'nonce-****='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; referrer-policy: no-referrer x-content-type-options: nosniff x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-robots-tag: none x-xss-protection: 1; mode=block x-served-by: nextcloud.domainname.net cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=****,"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 69bee7adaed96a72-SYD alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Quote Link to comment
mattie112 Posted October 13, 2021 Share Posted October 13, 2021 Is this not an setting/issue with nextcloud? Does that have a redirect / force domain option? 1 Quote Link to comment
Schmackei Posted October 14, 2021 Share Posted October 14, 2021 (edited) 15 hours ago, mattie112 said: Is this not an setting/issue with nextcloud? Does that have a redirect / force domain option? I thank you so much, I was able to find the file to exit in the nextcloud/www/config/*.php file.. that was a huge pain in the a... thank you. Edited October 14, 2021 by Schmackei solved the issue. Quote Link to comment
moraleseder Posted October 15, 2021 Share Posted October 15, 2021 I currently run this app on unraid, have been using it for a while and never had any issues until recently. My logs started showing this [nginx] starting... nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/10.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/11.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/15.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/20.conf:119 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/22.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/24.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/25.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/28.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/29.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/3.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/33.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/35.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/37.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/4.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/5.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/6.conf:111 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/8.conf:124 nginx: [warn] low address bits of 192.168.1.0/16 are meaningless in /data/nginx/proxy_host/9.conf:124 nginx: [warn] could not build optimal variables_hash, you should increase either variables_hash_max_size: 1024 or variables_hash_bucket_size: 64; ignoring variables_hash_bucket_size When I try to access any of my proxy hosts I get error 521, webserver is down. I haven't made any changes and I cant think of what would have triggered this error. Any help would be appreciated. Quote Link to comment
azkall Posted October 20, 2021 Share Posted October 20, 2021 Neel help reseting admin password! how do I do it? Quote Link to comment
mattie112 Posted October 20, 2021 Share Posted October 20, 2021 1 hour ago, azkall said: Neel help reseting admin password! how do I do it? Please just use the search.... https://forums.unraid.net/search/?q=reset password&quick=1&type=forums_topic&item=76460 But in case you cant find it: Quote Link to comment
Unraid-arr Posted October 24, 2021 Share Posted October 24, 2021 Hello @Djoss/Folks, I wanted to Set up authenticated origin pulls from CA, any help would be highly appreciated. I am not able to figure out what files need to to change. Here is the link from Cloudflare and What it says: Cloudflare Setup link 1. Install the above certificate at the origin web server to authenticate all connections. - What location to place the cert ? 2. For this example, you would have saved the certificate to /etc/nginx/certs/cloudflare.crt. - Which file to change for this ? ssl_client_certificate /etc/nginx/certs/cloudflare.crt; ssl_verify_client on; Thanks in advance. Quote Link to comment
rikdegraaff Posted October 27, 2021 Share Posted October 27, 2021 I have problems generating SSL certificates. When I add my subdomain "*.rikdegraaff.nl" I get an internal error while generating the SSL certificate. After I close the add Proxy Host window, it shows as a Proxy Host with HTTP only. When I click on my freshly added subdomain it sends me to my webUI inlog page of unRAID, instead of the docker page. So you see the default unRAID webUI login screen... Certbot also tries to get to ACME verification (default) through **************.unraid.net:443 instead of my local 192.168.2.*:443 address. Can failing to generate a certificate cohere with trying to generate through unraid.net instead of my local network?? And how am I supposed to solve this? My ports are forwarded as following: 192.168.2.* TCP&UDP 80:80 192.168.2.* TCP&UDP 443:443 192.168.2.* TCP&UDP 180:180 192.168.2.* TCP&UDP 1443:1443 192.168.2.* TCP&UDP 4443:4443 192.168.2.* TCP&UDP 8080:8080 192.168.2.* TCP&UDP 1880:1880 192.168.2.* TCP&UDP 18443:18443 192.168.2. *TCP&UDP 7818:7818 I hope that someone can help me out. Thanks in advance!!! Quote Link to comment
mattie112 Posted October 28, 2021 Share Posted October 28, 2021 You should only forward external ports 80 and 443 to your container. Is what you list the port forward in your router or the container ports? The 8181 port is just for management and should not be forwarded (in my opinion) So: external 80 -> container 1880 external 443 -> container 18443 1 Quote Link to comment
rikdegraaff Posted October 28, 2021 Share Posted October 28, 2021 (edited) 2 hours ago, mattie112 said: You should only forward external ports 80 and 443 to your container. Is what you list the port forward in your router or the container ports? The 8181 port is just for management and should not be forwarded (in my opinion) So: external 80 -> container 1880 external 443 -> container 18443 Thanks man, it worked. I removed all the port that were set in my router, that list was my port forward at the router side. Then added external 80 -> private 1880 and external 443 -> private 18443, and everything worked flawless. I was being busy with this yesterday the whole day, and could not come up with the above port forwardings.... You're a hero @mattie112, thanks! 😁 Edited October 28, 2021 by rikdegraaff typo 1 Quote Link to comment
ShadowNovo Posted November 1, 2021 Share Posted November 1, 2021 On 9/26/2021 at 4:25 PM, mattie112 said: There should be an option to redirect traffic to HTTPS ('force https' or something like that). I can't currently check how it is called exactly as I am having some PSU issues so my server is offline Hey, sry for the late reply 😅 Hope your server is fine again Where do you think I should be able to find that option? As I already stated, changing the scheme in the Edit menu just makes the subdomain unavailable :C This was the only option I found that has to do with https.. Thanks for the help ShadowNovo Quote Link to comment
ConnerVT Posted November 2, 2021 Share Posted November 2, 2021 13 hours ago, ShadowNovo said: Where do you think I should be able to find that option? As I already stated, changing the scheme in the Edit menu just makes the subdomain unavailable :C This was the only option I found that has to do with https.. Try this. Note that my container port is 444, not the default 443. Quote Link to comment
rbh00723 Posted November 6, 2021 Share Posted November 6, 2021 So I feel like this must have been covered by someone in here, but when I'm connected to my home wifi I can't access any of my domains. I know it has something to do with NAT and DNS or something like that but I don't understand it. I use PfSense so if someone could point me in a direction I'd really appreciate it. Thanks guys for all your help btw I'm getting a lot of stuff up and running here and it's really cool to me to be able to set up access like this. Quote Link to comment
rbh00723 Posted November 6, 2021 Share Posted November 6, 2021 On 9/26/2021 at 9:22 AM, ShadowNovo said: Hey there, I've got a Nextcloud docker configured to be accessible at nextcloud.mydomain.com This works perfectly but when I just input "nextcloud.mydomain.com" into a browser it defaults to http, even though "https://nextcloud.mydomain.com" also works perfectly fine. How can I get Nginx to use https as default? Changing the "Scheme" to https results in the Docker not to be accessible anymore. Sorry if this is a rookie question but I'm trying to get this to work for an eternity now and did't find anything elsewhere using the GUI. Thanks and greetings ShadowNovo So if you look at these two pics you'll see the details tab, you need to set this to match whatever the service your trying to forward uses. so if when you open the web UI and you get to a http site you need to choose HTTP, if you open it up and it uses https you need to choose HTTPS. It's under the SSL tab where you set up whether you want the page served to the client device as HTTP or HTTPS. If you want HTTPS you'll need to set up a cert. I personally use the cloudflare API for a DNS challenge. I honestly don't exactly understand how all that stuff works with SSL and what not I mean yes I use it but it was a confusing worm hole for me to learn how to do it but that doesn't mean I understand how it works exactly...Feel free to send me a PM if you need help I can try to help you out the best I can. I am a noob myself but we'll make it happen. Quote Link to comment
JonathanM Posted November 6, 2021 Share Posted November 6, 2021 50 minutes ago, rbh00723 said: So I feel like this must have been covered by someone in here, but when I'm connected to my home wifi I can't access any of my domains. I know it has something to do with NAT and DNS or something like that but I don't understand it. I use PfSense so if someone could point me in a direction I'd really appreciate it. Thanks guys for all your help btw I'm getting a lot of stuff up and running here and it's really cool to me to be able to set up access like this. https://docs.netgate.com/pfsense/en/latest/nat/reflection.html 1 Quote Link to comment
dirtymike0330 Posted November 8, 2021 Share Posted November 8, 2021 I'm not overly familiar with GitHub, but what is the time frame usually for the develop branch to get merged into a master branch? Or, if there a way with the unRAID docker to switch to using the dev branch instead of master? The latest dev release has a vital upgrade (haven't been able to access my arr apps via reverse proxy address in several days because something in the code had to be renamed) that was released today but it isn't reflecting in unRAID yet. Thanks! Quote Link to comment
damnshaneisthatu Posted November 13, 2021 Share Posted November 13, 2021 Having issues accessing some of my domains. "NET::ERR_CERT_DATE_INVALID" Log reporting: Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation All renewals failed. The following certificates could not be renewed: Can anyone offer any guidance here? Thank you. Quote Link to comment
mattie112 Posted November 14, 2021 Share Posted November 14, 2021 And there is no more logging? Try to run it manually: https://forums.unraid.net/topic/76460-support-djoss-nginx-proxy-manager/page/56/?tab=comments#comment-1000941 Quote Link to comment
Philby1975 Posted November 15, 2021 Share Posted November 15, 2021 (edited) Hoping someone can help me. I have the docker up and running (bridge network) and it’s forwarding to Unraid dockers just fine. I have 2 web apps running on separate Hyper V VM's - Hudu and HumHum. These two webapps work find when port forwarding go directly to them, however will not work when port forwarding goes to NPM. Both apps have letsencrypt SSL built in however I don't think that's the issue - it may however be another issue down the track. I have tried; Turning off forced SSL on NPM - HTTP2 error With SSL turned on (NPM) - Redirection error. Various 'custom location' configs - although I don't really know what I'm doing. Various 'Advanced' configs - again, basically guesswork in the hope of noticing a helpful behavioral change. Various changes to the 'default' file of Hudu I spent weeks (or more) trying to set up a reverse proxy a year or so ago but ended up giving up so I really want to get this running. Would be great to be able to host more than one thing through a single WAN connection. I have the feeling that it's as trust issue and hoping it's a simple inclusion to each app, and not individual script each and every time. Any help is greatly appreciated. EDIT : Since posting this I've notice an embarrassing oversight - http vs https selection when creating Proxy Host. I now have some consistency at least - Bad Gateway on both Web Apps. Will continue trouble shooting but hope someone can swoop in and save the day with the missing piece of the puzzle. EDIT: Thanks everyone for the help. I got it sorted. An embarrassing number of hours spent... I completely missed the HTTPS selection, and then just needed to set the port to 443 instead of 80. I hope this helps someone else. Edited November 15, 2021 by Philby1975 Quote Link to comment
damnshaneisthatu Posted November 15, 2021 Share Posted November 15, 2021 (edited) 6 hours ago, mattie112 said: And there is no more logging? Try to run it manually: https://forums.unraid.net/topic/76460-support-djoss-nginx-proxy-manager/page/56/?tab=comments#comment-1000941 Still failing after running both renewal commands: "Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet." Edited November 15, 2021 by damnshaneisthatu Quote Link to comment
mattie112 Posted November 15, 2021 Share Posted November 15, 2021 8 hours ago, Philby1975 said: Hoping someone can help me. I have the docker up and running (bridge network) and it’s forwarding to Unraid dockers just fine. I have 2 web apps running on separate Hyper V VM's - Hudu and HumHum. These two webapps work find when port forwarding go directly to them, however will not work when port forwarding goes to NPM. Both apps have letsencrypt SSL built in however I don't think that's the issue - it may however be another issue down the track. I have tried; Turning off forced SSL on NPM - HTTP2 error With SSL turned on (NPM) - Redirection error. Various 'custom location' configs - although I don't really know what I'm doing. Various 'Advanced' configs - again, basically guesswork in the hope of noticing a helpful behavioral change. Various changes to the 'default' file of Hudu I spent weeks (or more) trying to set up a reverse proxy a year or so ago but ended up giving up so I really want to get this running. Would be great to be able to host more than one thing through a single WAN connection. I have the feeling that it's as trust issue and hoping it's a simple inclusion to each app, and not individual script each and every time. Any help is greatly appreciated. EDIT : Since posting this I've notice an embarrassing oversight - http vs https selection when creating Proxy Host. I now have some consistency at least - Bad Gateway on both Web Apps. Will continue trouble shooting but hope someone can swoop in and save the day with the missing piece of the puzzle. So your apps already have SSL? Why do you want NPM then? A bad gateway error is that NPM cannot access your application. Quote Link to comment
mattie112 Posted November 15, 2021 Share Posted November 15, 2021 7 hours ago, damnshaneisthatu said: Still failing after running both renewal commands: "Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet." Can you access your domain from a remote connection? It seems that it cannot access your domain and then it won't supply a certificate. Quote Link to comment
damnshaneisthatu Posted November 15, 2021 Share Posted November 15, 2021 (edited) 7 hours ago, mattie112 said: Can you access your domain from a remote connection? It seems that it cannot access your domain and then it won't supply a certificate. There's one that is working. For the certs that are failing, I'm getting: Your connection is not private Attackers might be trying to steal your information from radarr.mydomain.com (for example, passwords, messages, or credit cards). Learn more NET::ERR_CERT_DATE_INVALID Edited November 15, 2021 by damnshaneisthatu Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.