[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

14 minutes ago, mattie112 said:

That folder is used by certbot. Somewhere in the nginx config it is defined. But the message is clear: a timeout while trying to connect to unsecured http on port 80. It could be as simple as restarting your modem. Or try to do an external port scan for example to verify / test. 

But surely you don't want me to open up port 80 on my router to my unraid server? 

Port 80 is now routed to port 180 on nginx. That is how it should work right?

Link to comment

How do i confirm that it works? My wordpress website on unraid is up and running through nginx. 

I can access https://hallum.20ten.nl from anywhere, and it works. So nginx is redirecting it from hallum.20ten.nl to unraids internals right? My A record at my provider is also correct (otherwise the site wont work). So what else is there to check or confirm? The website is up and running and accesible, i just can't get $%%$^ nginx to renew the certificate.

Link to comment
2 hours ago, jowi said:

How do i confirm that it works? My wordpress website on unraid is up and running through nginx. 

I can access https://hallum.20ten.nl from anywhere, and it works. So nginx is redirecting it from hallum.20ten.nl to unraids internals right? My A record at my provider is also correct (otherwise the site wont work). So what else is there to check or confirm? The website is up and running and accesible, i just can't get $%%$^ nginx to renew the certificate.

A random online port scan on the IP from the A record of the domain you provided lists port 80 as CLOSED. Letsencrypt needs this port to be open. Please double check this, really the last 10 pages of this topic is not issues with NPM but some issue with connectivity. And also I'm on holiday with only my phone so I don't have any tools to easally check things. 

Link to comment

ok, looks like it is working, be it not very well. Nginx is crashing constantly, had to restart it a few times. Suddenly i could add a new certificate. After that... all errors and nginx crashing again. After restarting, same errors. "certbot is already running"... and indeed it was. I have to restart nginx, kill the certbot process and then i can renew a certificate or add a new one... bonkers... but ok, i have some new certs until march 2023... so in a few months this will probably start all over again... 

 

*edit* now nginx is crashing randomly... even when i'm not actively using it. Weird.

Edited by jowi
Link to comment

A few post back someone else also said it took some time. Possible caching or rate limit? Was nginx crashing due to missing certificates? Possible you where restarting while certbot was doing its job? 

 

For me I had 0 issues in the last years. As long as you keep port 80 correctly open the Cerificates should be renewed just fine. Ofc always recommend to add an alert on your certs if you rely on them. 

  • Like 1
Link to comment

Yeah, it ran perfectly for over 2 years or so. Until a few weeks ago.

 

This happens all the time now. Only way to fix is to restart the container. Also it stops forwarding the defined sites. 

 

Maybe ill just delete it and start over.

 

BDD20A54-C94D-4086-91D9-016C0B1CDA05.png

Edited by jowi
Link to comment
12 hours ago, plantsandbinary said:

I just got a new router. Any idea how I am supposed to port forward NginxProxyManager? I'm confused what it means by providing an external IP range.

 

All of the asterisk* options are required.

 

nginx.thumb.png.4870c4ff797f2c6221fb072d4a696d2d.pngports.thumb.png.c69c7b5b489435e247380418c7fb3de7.png

 

I guess if you have multiple external IPs you could enable the forward only for one IP? But you will have to consult your router manual/docs for that. Or just use 0.0.0.0 - 255.255.255.255 to see if that works :)

Link to comment

Hi there,

 

I have an issue with my NGINX forwarding, once again I must say, but I'm not able to fix it on my own :(

One or two days ago, not quite sure, the forwarding to my Nextcloud (also an unRAID Docker) failed. Anytime I try to reach it, I get a timeout ("ERR_CONNECTION_TIMED_OUT" in Chrome). I tried to raise the limit to 300 in the nginx.conf, but no dice; however, it's appereant that the timeout comes sooner than 300s.

I didn't change anything in the config, nor did I update any docker. MariaDB is the database for my Nextcloud.

 

I attached a few files.

Fritzbox is my router, I screenshot the setup for the forwarding (fritboxHTTP and -HTTPS); when I type the given, open IP into my browser (the one I cancelled out with red), I get the screen nginxResult; so appereantly it works in general, but seemingly it needs to be setup?

 

The setup of nginx is displayed in the nginxDockerConfig as well as nginxConfig0, nginxConfig1 and nginxConfig2.

I also added the logs to the dockers of nginx and Nextcloud, appereantly no errors in there.

 

So what to make of it?

 

Anytime I install nginx, I can't access Nextcloud through the WebUI as it directly re-directs through my DynDNS, resulting in the timeout. So I can't even tell if nginx is really the culprit here, I just assume it because in the past this was the case in a similar error

 

Best,

Rick

nginxConfig2.png

nginxConfig0.png

nginxDockerConfig.png

nginxResult.png

fritzboxHTTPS.png

nginxConfig1.png

fritzboxHTTP.png

nextcloud_dockerLog.txt nginx_dockerLog.txt

Link to comment

Hi all, this looks amazing - exactly what I need. But, new install on unraid 6.11.5

 

All works fine until I try creating the certificate. All port forwards are set up and firewall rules etc. But I get:

 

`communication with api failed, is npm running`

 

Do I need to install this manually or something? If I look in the logs, I have:

 

[12/18/2022] [3:04:34 PM] [SSL      ]    info      Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
Model#$omit is deprected and will be removed in 3.0.
[12/18/2022] [3:10:04 PM] [SSL      ]    info      Testing http challenge for sub.mydomain.com
Uncaught SyntaxError: Unexpected end of JSON input

FROM
[services.d] stopping services
[services.d] stopping app...
[services.d] stopping cert_cleanup...
[services.d] stopping nginx...
[services.d] stopping statusmonitor...
[services.d] stopping logmonitor...
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

 

Edited by banterer
Link to comment
On 12/18/2022 at 1:54 PM, CameraRick said:

Hi there,

 

I have an issue with my NGINX forwarding, once again I must say, but I'm not able to fix it on my own :(

One or two days ago, not quite sure, the forwarding to my Nextcloud (also an unRAID Docker) failed. Anytime I try to reach it, I get a timeout ("ERR_CONNECTION_TIMED_OUT" in Chrome). I tried to raise the limit to 300 in the nginx.conf, but no dice; however, it's appereant that the timeout comes sooner than 300s.

I didn't change anything in the config, nor did I update any docker. MariaDB is the database for my Nextcloud.

 

I attached a few files.

Fritzbox is my router, I screenshot the setup for the forwarding (fritboxHTTP and -HTTPS); when I type the given, open IP into my browser (the one I cancelled out with red), I get the screen nginxResult; so appereantly it works in general, but seemingly it needs to be setup?

 

The setup of nginx is displayed in the nginxDockerConfig as well as nginxConfig0, nginxConfig1 and nginxConfig2.

I also added the logs to the dockers of nginx and Nextcloud, appereantly no errors in there.

 

So what to make of it?

 

Anytime I install nginx, I can't access Nextcloud through the WebUI as it directly re-directs through my DynDNS, resulting in the timeout. So I can't even tell if nginx is really the culprit here, I just assume it because in the past this was the case in a similar error

 

Best,

Rick

nginxConfig2.png

nginxConfig0.png

nginxDockerConfig.png

nginxResult.png

fritzboxHTTPS.png

nginxConfig1.png

fritzboxHTTP.png

nextcloud_dockerLog.txt 4.16 kB · 0 downloads nginx_dockerLog.txt 5.07 kB · 0 downloads

 

A fun small experiment would be the following:

edit C:\Windows\System32\drivers\etc\hosts (use notepad in administrator mode)

add the following

INTERNAL.ip.of.nginxdocker your.nextcloud.hostname

(so for example 192.168.1.123 nextcloud.foo.bar)

 

Then try to see what happens. You have now "excluded" the entire DNS part as your (and only your) computer now "forces" the specified domain to the specified IP.

 

If it works: you have an issue with your DNS provider. If it doesn't, it is something with NPM

Link to comment
On 12/18/2022 at 4:15 PM, banterer said:

Hi all, this looks amazing - exactly what I need. But, new install on unraid 6.11.5

 

All works fine until I try creating the certificate. All port forwards are set up and firewall rules etc. But I get:

 

`communication with api failed, is npm running`

 

Do I need to install this manually or something? If I look in the logs, I have:

 

[12/18/2022] [3:04:34 PM] [SSL      ]    info      Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0
Model#$omit is deprected and will be removed in 3.0.
[12/18/2022] [3:10:04 PM] [SSL      ]    info      Testing http challenge for sub.mydomain.com
Uncaught SyntaxError: Unexpected end of JSON input

FROM
[services.d] stopping services
[services.d] stopping app...
[services.d] stopping cert_cleanup...
[services.d] stopping nginx...
[services.d] stopping statusmonitor...
[services.d] stopping logmonitor...
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

 

 

Hm that is a strange error, afaik it should not "stop" if it cannot create a SSL certificate. What you can try is to first add a host without SSL and make sure that works. At least you know NPM works then.

Link to comment

I am unable to locally connect to the NPM webgui, and I am stuck trying to debug why.  I have created the docker container with all the default values as shown below, but when I attempt to connect (using URL http://10.55.83.190:7818/ , I get a "unable to connect" in the web browser.  The only thing in the NPM log directory is an error.log file that contains one line:

2022/12/23 09:25:43 [notice] 678#678: signal process started

 

I haven't port forwarded ports 80 or 443 in my router yet, but that should not prevent accessing the NPM webgui? ...I am able to access another docker container webserver (photoprism) locally (at http://10.55.83.190:2342 ), so it shouldn't be firewall issues? (I am running a netgate router with pfSense)

 

 

Edited by wmcneil
pictures were removed. Docker network type is bridge, Web UI Port is 7818, and docker status shows 10.55.83.190:7818 mapped to 172.17.0.3:7818 for the NPM application.
Link to comment
1 hour ago, wmcneil said:

I am unable to locally connect to the NPM webgui, and I am stuck trying to debug why.  I have created the docker container with all the default values as shown below, but when I attempt to connect (using URL http://10.55.83.190:7818/ , I get a "unable to connect" in the web browser.  The only thing in the NPM log directory is an error.log file that contains one line:

2022/12/23 09:25:43 [notice] 678#678: signal process started

 

I haven't port forwarded ports 80 or 443 in my router yet, but that should not prevent accessing the NPM webgui? ...I am able to access another docker container webserver (photoprism) locally (at http://10.55.83.190:2342 ), so it shouldn't be firewall issues? (I am running a netgate router with pfSense)

 

 

I figured it out. I originally created the docker container using network type host, and when I later changed the value to bridge and updated, the update did not work entirely correctly (apparently). I deleted the container, created new, and now I can access the webgui.

  • Like 1
Link to comment
On 12/21/2022 at 7:36 PM, mattie112 said:

 

Hm that is a strange error, afaik it should not "stop" if it cannot create a SSL certificate. What you can try is to first add a host without SSL and make sure that works. At least you know NPM works then.

Ok so this worked! It let me create an insecure one, and it's now letting me create https ok and SSL is working too!

But... when I set it up for home assistant, I get '400: Bad Request'.

 

This is my setup:

1504665685_Screenshot2022-12-27at19_28_28.thumb.png.c85527a46da71667251a15951b9a732b.png

 

1012961560_Screenshot2022-12-27at19_28_47.thumb.png.cf26e2da5a7da7b6c5094f389b15b263.png

 

I want SSL to Nginx and http to home assistant on port 8123, so this is correct surely? I know it's getting through to Nginx ok, and the url http://10.10.10.10:8123 works fine locally.

Link to comment
13 hours ago, banterer said:

Ok so this worked! It let me create an insecure one, and it's now letting me create https ok and SSL is working too!

But... when I set it up for home assistant, I get '400: Bad Request'.

 

This is my setup:

1504665685_Screenshot2022-12-27at19_28_28.thumb.png.c85527a46da71667251a15951b9a732b.png

 

1012961560_Screenshot2022-12-27at19_28_47.thumb.png.cf26e2da5a7da7b6c5094f389b15b263.png

 

I want SSL to Nginx and http to home assistant on port 8123, so this is correct surely? I know it's getting through to Nginx ok, and the url http://10.10.10.10:8123 works fine locally.

 

Yes that should work just fine. On what action do you get the 400 error? Adding the host or enabling SSL? You could try to remove all files in appdata and start fresh if you have nothing on it just to make sure nothing "strange" happend during initial setup. Or go to the console of NPM and try a couple of `certbot` commands to manually get a SSL certificate (I don't know the exact commands) and see if that works or if that possible gives an error that you can search for.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.