je82 Posted July 8, 2022 (edited)

I am incredibly confused by the NginxProxyManager, can someone please tell me why the container is writing logs to 2 paths with identical data?

In /mnt/cache/Appdata/NginxProxyManager I have 2 folders:

/Log
/Logs

Both contain 983 files and 1 folder, and both seem to be log files with identical data. What's the point of having 2 paths with the exact same data? Why is this happening?

Edited July 8, 2022 by je82
mattie112 Posted July 8, 2022 (edited)

9 minutes ago, je82 said:
> I am incredibly confused by the NginxProxyManager, can someone please tell me why the container is writing logs to 2 paths with identical data? In /mnt/cache/Appdata/NginxProxyManager I have 2 folders: /Log /Logs Both contain 983 files and 1 folder, and both seem to be log files with identical data. What's the point of having 2 paths with the exact same data? Why is this happening?

Yes but no

The `logs` directory is a symlink to `/log`. So really just a "shortcut" to another directory. This is a Linux thingy and it looks like it is duplicated but I can guarantee you that it is not.

If you go to your Unraid terminal to that directory and do `ls -alh` you can see that it is simply linked and not a 'real' directory.

```
root@Tower:/mnt/user/appdata/NginxProxyManager# ls -alh
drwxrwxrwx 1 nobody users 3.7K Jul 3 16:10 log/
lrwxrwxrwx 1 root root 3 Jul 4 13:17 logs -> log/
```

edit: Oh and to why: I don't know, perhaps it is kept for backwards compatibility or something?

Edited July 8, 2022 by mattie112
Snack_Ears Posted July 27, 2022

I have hit a wall and can't seem to figure out my issue. All of a sudden none of my containers are able to be reached through my reverse proxy. I haven't made any changes to my network or to my docker containers or my proxy hosts. I am able to load NGINX and all of my proxy hosts show as they always have and show online. I can curl all of my containers from an NGINX console window and all are available. Whenever I try to reach any of my dockers, I get a 522 error "timeout". I am at a loss as nothing has changed in over 6 months, and was running great just a week ago.

I can provide any logs, just not sure which ones will be needed. Any help will be greatly appreciated.
BigMal Posted July 28, 2022

At the risk of sounding completely ignorant, I'm having trouble establishing a Let's Encrypt certificate. I can create custom ones easily enough, but would like to have auto-renewing certs to simplify the process. When entering my domain into the "Add Let's Encrypt Certificate" box, select "I agree to the...", and click Save, the following error shows up. Any pointers on what I may be doing wrong? I'm using Cloudflare to manage all DNS.
mattie112 Posted July 28, 2022

So, does your domain point to the IP NPM is running on? Both 443 and 80?
BigMal Posted July 28, 2022 (edited)

8 minutes ago, mattie112 said:
> So, does your domain point to the IP NPM is running on? Both 443 and 80?

Yes, both 443 and 80 are open. I'm using Cloudflare to point to my public IP. I can access all other sites using NPM using the custom cert. I just cannot create a Let's Encrypt cert. I'm confident it's one setting I've got off...just don't know which one that "one" is.

Edited July 28, 2022 by BigMal (updated open ports)
mattie112 Posted July 28, 2022

I don't use CF. Perhaps it caches the url it uses to verify? Afaik the '.well-known' directory. Perhaps try it without CF first?
BigMal Posted July 28, 2022

5 minutes ago, mattie112 said:
> I don't use CF. Perhaps it caches the url it uses to verify? Afaik the '.well-known' directory. Perhaps try it without CF first?

It's got to be something related to CF as it works if I use port forwarding and a duckdns domain.
mattie112 Posted July 28, 2022

Ah then I can't help you. I do it all myself including running my own nameservers so no CF or DNS providers for me
BigMal Posted July 28, 2022

4 minutes ago, mattie112 said:
> Ah then I can't help you. I do it all myself including running my own nameservers so no CF or DNS providers for me

You helped me narrow it down to CF as the issue. Thanks.
ConnerVT Posted July 29, 2022

I use Cloudflare, and have set up both Let's Encrypt and CF/Custom certs for this docker. If you use the Let's Encrypt cert, you need to set your Cloudflare DNS to DNS Only.
Leo191 Posted August 12, 2022

Why is it that when I set up nginx again, it cannot show me the login page? I have read the log:

```
[nginx] starting...
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/npm-15/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/npm-15/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
```

T.T
mattie112 Posted August 17, 2022

It seems to expect a file but that file does not exist. Did you manually remove something? Possibly you can create just an empty file; perhaps it will start then. Or remove all config for the domain with ID "15" so it does not try to load it.
Masterwishx Posted August 20, 2022

Do we have some restriction for logs, I mean by time? For how long do we have logs? I can't find any setting for it.
MrLinford Posted August 23, 2022

I have just gone to create a new host and it failed. Here is the log:

```
2022-08-23 19:51:27,153:DEBUG:certbot._internal.main:certbot version: 1.27.0
2022-08-23 19:51:27,153:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2022-08-23 19:51:27,153:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--cert-name', 'npm-40', '--agree-tos', '--authenticator', 'webroot', '--email', '<REMOVED>', '--preferred-challenges', 'dns,http', '--domains', 'eveinsight.brothercraig.ddns.me']
2022-08-23 19:51:27,153:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-08-23 19:51:27,165:DEBUG:certbot._internal.lock:A lock on /var/log/letsencrypt/.certbot.lock is held by another process.
2022-08-23 19:51:27,165:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 126, in _try_lock
    fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
BlockingIOError: [Errno 11] Resource temporarily unavailable

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/usr/lib/python3.9/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1728, in main
    log.post_arg_parse_setup(config)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/log.py", line 107, in post_arg_parse_setup
    file_handler, file_path = setup_log_file_handler(
  File "/usr/lib/python3.9/site-packages/certbot/_internal/log.py", line 161, in setup_log_file_handler
    util.set_up_core_dir(config.logs_dir, 0o700, config.strict_permissions)
  File "/usr/lib/python3.9/site-packages/certbot/util.py", line 183, in set_up_core_dir
    lock_dir_until_exit(directory)
  File "/usr/lib/python3.9/site-packages/certbot/util.py", line 157, in lock_dir_until_exit
    _LOCKS[dir_path] = lock.lock_dir(dir_path)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 259, in lock_dir
    return LockFile(os.path.join(dir_path, '.certbot.lock'))
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 45, in __init__
    self.acquire()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 60, in acquire
    self._lock_mechanism.acquire()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 112, in acquire
    self._try_lock(fd)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/lock.py", line 130, in _try_lock
    raise errors.LockError('Another instance of Certbot is already running.')
certbot.errors.LockError: Another instance of Certbot is already running.
2022-08-23 19:51:27,165:ERROR:certbot._internal.log:Another instance of Certbot is already running.
```

I also noticed, after checking, in the docker logs the renewals are also failing.
mattie112 Posted August 24, 2022

So it seems like certbot is already running (or stuck) and cannot start a 2nd time. I would try to restart your container and see what happens then.
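
The traceback above fails on a non-blocking `fcntl.lockf` call against `.certbot.lock`. The following is an added example, not part of the thread and not certbot's own code: a probe that makes the same call to tell a lock held by a live process apart from a lock file that is merely left on disk. The helper names and the temporary path are assumptions for the demonstration.

```python
import fcntl
import os
import subprocess
import sys
import tempfile

def lock_is_held(lock_path):
    """True if another process holds a lock on lock_path (same call as in the traceback)."""
    try:
        fd = os.open(lock_path, os.O_RDWR)
    except FileNotFoundError:
        return False                      # no lock file, so nothing can hold it
    try:
        fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
    except (BlockingIOError, PermissionError):
        return True                       # EAGAIN/EACCES: a live process owns it
    else:
        fcntl.lockf(fd, fcntl.LOCK_UN)    # we got it, so it was free; give it back
        return False
    finally:
        os.close(fd)

# Stand-in for a stuck process: takes the lock, then sleeps (constructed for the demo).
HOLDER = (
    "import fcntl, os, sys, time\n"
    "fd = os.open(sys.argv[1], os.O_CREAT | os.O_RDWR, 0o600)\n"
    "fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)\n"
    "print('locked', flush=True)\n"
    "time.sleep(60)\n"
)

def demo():
    """Hold the lock in a child process, probe it, end the child, probe again."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, ".certbot.lock")   # temporary path, not the real one
        child = subprocess.Popen([sys.executable, "-c", HOLDER, path],
                                 stdout=subprocess.PIPE, text=True)
        child.stdout.readline()           # wait until the child has the lock
        while_running = lock_is_held(path)
        child.kill()
        child.wait()
        child.stdout.close()
        after_exit = lock_is_held(path)
        still_on_disk = os.path.exists(path)
    return while_running, after_exit, still_on_disk

if __name__ == "__main__":
    print(demo())
```

The third value shows that the file outlives the process while the lock does not: the kernel drops the lock when its owner exits, so a "held" result means a process is still alive somewhere.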
MrLinford Posted August 24, 2022

Done that, even restarted the server.
MrLinford Posted August 24, 2022

OK, fixed it following this post:

https://community.letsencrypt.org/t/solved-another-instance-of-certbot-is-already-running/44690
Mason736 Posted August 25, 2022

Hello fellow unraiders. I decided to setup NGINX after debating it for a while. For some reason, I can't get the final piece to work. I followed many of the tutorials, setup duckdns, setup port forwarding, created a subdomain for overseer (trial app), etc...

If I go to overseer.mydomain.com, I get a "the site cannot be reached": overseer.mydomain.com refused to connect.

However, if I put in my ISP IP address:8080 (port number I setup), I can get to the page showing "Congratulations! You've successfully started the Nginx Proxy Manager. If you're seeing this site then you're trying to access a host that isn't setup yet."

I'm not sure what else to do to troubleshoot. Additionally, I keep getting "internal error" when trying to setup the SSL for the host (overseer).
Mason736 Posted August 25, 2022

So I made progress. I switched to the Official release of NGINX app. Now I'm getting the SSL cert to authorize and go through, however I'm getting the 502 Bad Gateway error now.
Mason736 Posted August 25, 2022

I got it fixed! This post was so helpful to figure out the issue. I was trying to cross br0 and bridge networks.
MrLinford Posted August 26, 2022 (edited)

On to my next issue, challenges are failing for some reason:

```
today at 06:50:02[8/26/2022] [6:50:02 AM] [SSL ] › ✖ error Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation
today at 06:50:02Failed to renew certificate npm-10 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-11 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-12 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-13 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-15 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-16 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-17 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-18 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-19 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-20 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-21 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-22 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-23 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-24 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-26 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-27 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-8 with error: Some challenges have failed.
today at 06:50:02Failed to renew certificate npm-9 with error: Some challenges have failed.
today at 06:50:02All renewals failed. The following certificates could not be renewed:
today at 06:50:02 /etc/letsencrypt/live/npm-10/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-11/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-12/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-13/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-15/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-16/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-17/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-18/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-19/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-20/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-21/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-22/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-23/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-24/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-26/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-27/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-8/fullchain.pem (failure)
today at 06:50:02 /etc/letsencrypt/live/npm-9/fullchain.pem (failure)
today at 06:50:0218 renew failure(s), 0 parse failure(s)
today at 06:50:02
today at 06:50:02 at ChildProcess.exithandler (node:child_process:399:12)
today at 06:50:02 at ChildProcess.emit (node:events:526:28)
today at 06:50:02 at maybeClose (node:internal/child_process:1092:16)
today at 06:50:02 at Process.ChildProcess._handle.onexit (node:internal/child_process:302:5)
```

Checking the letsencrypt.log

```
2022-08-26 06:50:02,492:DEBUG:acme.client:Storing nonce: 0001_undfctTqZ9baRaugQQWs1NLmyi1KbD_beHhlQ_epuQ
2022-08-26 06:50:02,493:INFO:certbot._internal.auth_handler:Challenge failed for domain emby.brothercraig.ddns.me
2022-08-26 06:50:02,493:INFO:certbot._internal.auth_handler:http-01 challenge for emby.brothercraig.ddns.me
2022-08-26 06:50:02,493:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: emby.brothercraig.ddns.me
  Type: connection
  Detail: 2.24.123.204: Fetching http://emby.brothercraig.ddns.me/.well-known/acme-challenge/j3zsjOyI-QyJlW0eip3AOjpa31lTx-J6teBcRUwL2QM: Error getting validation data

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
```

Edited August 26, 2022 by MrLinford (Update)
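
When every certificate fails at once, as in the renewal output above, the useful signal is the `Type:` the Certificate Authority reports per domain. The following is an added example, not part of the thread: it groups those reports from a letsencrypt.log by type. The sample log is constructed with placeholder domains, address and token, and the wording in `NEXT_CHECK` is this example's own summary.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of certbot's failure report
# (placeholder domains, address and token; not values from the thread).
SAMPLE_LOG = """\
2022-08-26 06:50:02,493:INFO:certbot._internal.auth_handler:Challenge failed for domain app1.example.org
2022-08-26 06:50:02,493:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: app1.example.org
  Type:   connection
  Detail: 203.0.113.10: Fetching http://app1.example.org/.well-known/acme-challenge/TOKEN: Error getting validation data

  Domain: app2.example.org
  Type:   connection
  Detail: 203.0.113.10: Fetching http://app2.example.org/.well-known/acme-challenge/TOKEN: Timeout during connect

  Domain: app3.example.org
  Type:   unauthorized
  Detail: 203.0.113.10: Invalid response from http://app3.example.org/.well-known/acme-challenge/TOKEN: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot.
"""

# What each CA-reported problem type points at on the operator's side.
NEXT_CHECK = {
    "connection": "CA could not reach port 80: check port forward, firewall, upstream proxy",
    "unauthorized": "CA reached a server but got the wrong content: check which host answers",
    "dns": "CA could not resolve the name: check the A/AAAA/CAA records",
}

PROBLEM_RE = re.compile(
    r"Domain:\s*(?P<domain>\S+)\s+Type:\s*(?P<type>\S+)\s+Detail:\s*(?P<detail>[^\n]*)")

def ca_problems(log_text):
    """Group the CA-reported problems in a certbot log by problem type."""
    grouped = defaultdict(list)
    for m in PROBLEM_RE.finditer(log_text):
        grouped[m["type"]].append((m["domain"], m["detail"].strip()))
    return dict(grouped)

def triage(log_text):
    """Return one summary line per problem type, most affected first."""
    groups = sorted(ca_problems(log_text).items(), key=lambda kv: -len(kv[1]))
    return [f"{t} x{len(hits)}: {NEXT_CHECK.get(t, 'see Detail text')} "
            f"[{', '.join(d for d, _ in hits)}]" for t, hits in groups]

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE_LOG)))
```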
Vesko Posted September 19, 2022 (edited)

Hi, I have 2 Unraid servers and am trying to install NPM on both. On one of them everything works perfectly, but on the second it works only if the first one is turned off. I changed and forwarded ports on the second Unraid box but still get some problems and can't access the dockers. I use an OpnSense firewall. Should I put a second router from my modem so I have every Unraid on a different router, or I don't know. I use GoDaddy through Cloudflare. Thank you.

Edited September 19, 2022 by Vesko
aglyons Posted September 19, 2022 (edited)

35 minutes ago, Vesko said:
> Hi, I have 2 Unraid servers and am trying to install NPM on both. On one of them everything works perfectly, but on the second it works only if the first one is turned off. I changed and forwarded ports on the second Unraid box but still get some problems and can't access the dockers. I use an OpnSense firewall. Should I put a second router from my modem so I have every Unraid on a different router, or I don't know. I use GoDaddy through Cloudflare. Thank you.

You can't forward the same port to two different IP's on your LAN. I'm surprised your router allowed you to even enter this config.

Just do all the NPM forwarding on box1 to all the services that are on box2 with the appropriate IP's/ports.

> Should I put a second router from my modem so I have every Unraid on a different router, or I don't know.

So what I read from this is you are double NAT'ed. That's a nightmare. There should be a way you can configure your provider's modem/router to operate in bridge mode. That essentially disables the built-in router and allows your PFSense to act as the primary (and only) firewall/router. This should simplify managing the system and clear up a lot of port forward/conflict issues.

Edited September 19, 2022 by aglyons
Vesko Posted September 19, 2022

22 minutes ago, aglyons said:
> You can't forward the same port to two different IP's on your LAN. I'm surprised your router allowed you to even enter this config. Just do all the NPM forwarding on box1 to all the services that are on box2 with the appropriate IP's/ports.

Thank you for the fast answer, I have been trying since yesterday to understand how it works. I will never try this way. Thank you again very much.

So I deleted the NPM on box 2 and deleted the second port forwards on the router and now it works. So now box 1 should do all the job then.

If box 1 is turned off, how can I set things up to work? I need to install NPM on box 2 also with the same settings but keep it OFF, and if box 1 is off I need to turn on NPM on box 2, because 2 NPMs can't work at the same time, yes?