[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

9 hours ago, Ghostwalker42 said:

I make the change and got an error on the container.

 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='NginxProxyManager' --net='bridge' -e TZ="America/New_York" -e HOST_OS="Unraid" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -e 'UMASK'='000' -e 'APP_NICENESS'='' -p '7818:8181/tcp' -p '80:8080/tcp' -p '443:4443/tcp' -v '/mnt/user/appdata/NginxProxyManager':'/config':'rw' 'jlesage/nginx-proxy-manager'

1326cdb5a9b92f53de57223388cd1d9072b11c69c8b0fa73d73ce70b45dc0537
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint NginxProxyManager (26b4a97add4c658413cbc8924b1a8e868409759809d132c4547c95ee547801d9): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use.

The command failed.

It's because port 80 is already used, probably by unRAID's web interface.  Can your router forward to a different port?  If yes, then use default container settings and adjust your router accordingly.  Else, you need to change the port of the unRAID web interface.

Link to comment
  • 2 weeks later...

Installed this plugin for my Unraid 6 Server and love the UI and the simplicity.

 

However when Im trying to add webservers from a different VLAN I cant access them trough nginx

getting this in the "error" logfile:

 

Quote

[error] 1971#1971: *2095 connect() failed (113: Host is unreachable) while connecting to upstream

and 502 Bad Gateway, when trying to connect to the webserver in Chrome.

 

Running Unifi with "Corporate network" on both VLANs so the firewall sould route traffic trough

 

I can access 192.168.48.3:8123 fine when in using a pc on 192.168.0.0 network.

 

Is this a NGINX config error or a firewall error?

 

nginx.jpg

Unraid networksettings.jpg

docker.jpg

unifi firewall.jpg

Link to comment
10 hours ago, GreenEyedMonster said:

I'm now getting this error.   [Warning] InnoDB: Table mysql/innodb_index_stats has length mismatch in the column name table_name. Please run mysql_upgrade  

 

How would I upgrade mysql?!

 

Try the latest update, it should fix this.

Link to comment
1 hour ago, zJonesz said:

Installed this plugin for my Unraid 6 Server and love the UI and the simplicity.

 

However when Im trying to add webservers from a different VLAN I cant access them trough nginx

getting this in the "error" logfile:

 

and 502 Bad Gateway, when trying to connect to the webserver in Chrome.

 

Running Unifi with "Corporate network" on both VLANs so the firewall sould route traffic trough

 

I can access 192.168.48.3:8123 fine when in using a pc on 192.168.0.0 network.

 

Is this a NGINX config error or a firewall error?

 

nginx.jpg

Unraid networksettings.jpg

docker.jpg

unifi firewall.jpg

From unRAID, are you able to ping 192.168.48.3?  And from the container (docker exec NginxProxyManager ping 192.168.48.3)?

Link to comment

Just wanted to throw in my feedback on what could potentially be an amazing docker for everyone...

 

Read through the thread and saw that there's no way to get this working on its own IP using ports 80 and 443. As much as I love the idea of having a GUI to make Nginx easier, this is a deal breaker for me. I was bashing my head into it trying to figure out why it wouldn't work until I came here. Like the other 2 guys here I prefer to have my Nginx get its own IP address and be using 80 and 443 so I can split dns and use the same names both internally and externally to access my services. 

 

The linuxserver letsencrypt docker does this for me, so I guess I'll stay over here and keep on configuring things by text file.

 

Another bonus would be adding the feature (yes I saw the bug report #36) to allow *.domain.tld DNS registration with the certs. Those of us running a ton of services that have subdomains aliasing all of them don't want to and shouldn't have to configure individual certs for each of them. This is another thing the linuxserver container is already doing as well and has been for some time.

Link to comment
10 hours ago, InfInIty said:

Has anyone gotten Ombi to work through this docker?  I have gotten Unifi, and nextcloud working, but Ombi, i just get a bad gateway error.

I figured this out, need to do http instead of https on the proxy config.

 

Is anyone running nextcloud through this.  I can login and everything just fine, but get time outs anytime I try and upload a file.

uploads via the webui seem to work fine.  From IOS i just get timeouts.

Edited by InfInIty
Link to comment
On 2/22/2019 at 11:37 PM, cpsmith516 said:

Like the other 2 guys here I prefer to have my Nginx get its own IP address and be using 80 and 443 so I can split dns and use the same names both internally and externally to access my services. 

This could also be done on your router.  Check for a feature called NAT reflection or something like that.  This is working very well for me.

On 2/22/2019 at 11:37 PM, cpsmith516 said:

The linuxserver letsencrypt docker does this for me, so I guess I'll stay over here and keep on configuring things by text file.

You mean that you run the container on its own IP?

On 2/22/2019 at 11:37 PM, cpsmith516 said:

Another bonus would be adding the feature (yes I saw the bug report #36) to allow *.domain.tld DNS registration with the certs. Those of us running a ton of services that have subdomains aliasing all of them don't want to and shouldn't have to configure individual certs for each of them. This is another thing the linuxserver container is already doing as well and has been for some time.

Would you add an individual proxy host for each domain name you need?  Because if that the case, registering the certificate is done at the same time and doesn't require an extra step.

Link to comment

I'm having trouble getting this running. I installed using the default values and whenever I try to start the container, it seems to just crash. Here is the log for the container:

 

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing...
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing...
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing...
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing...
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing...
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing...
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing...
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing...
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing...
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] nginx-proxy-manager.sh: executing...
[cont-init.d] nginx-proxy-manager.sh: Initializing database data directory...
[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

What can I do?

hamptonserver-diagnostics-20190302-1841.zip

Edited by flippedcracker
Link to comment

I am using Nginx Proxy Manager to serve remote access for a Home Assistant installation.  I want Nginx to drop any connections that don't come from mysubdomain.mydomain.com.  I would also like to use GeoIP to block foreign IP from troublemaker countries.  I have tried numerous ways to add the catch-all for any hosts/IP's other than mysubdomain.mydomain.com, but it is reading default_server from inside the docker container and when I try to add one in the custom config for my proxy host I get an error that there is a duplicate.  It is my understanding that any custom config should be in /appdata, not in the docker container so that the config persists after an update.  Because NPM is relatively new i've not had much luck in how to accomplish this within my config in /appdata.

Link to comment
8 hours ago, flippedcracker said:

I'm having trouble getting this running. I installed using the default values and whenever I try to start the container, it seems to just crash. Here is the log for the container:

 


[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing...
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing...
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing...
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing...
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing...
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing...
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing...
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing...
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing...
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] nginx-proxy-manager.sh: executing...
[cont-init.d] nginx-proxy-manager.sh: Initializing database data directory...
[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

What can I do?

hamptonserver-diagnostics-20190302-1841.zip

Can you have a look at /mnt/user/appdata/NginxProxyManager/log/init_db.log?

Link to comment
6 hours ago, KG_NV said:

I am using Nginx Proxy Manager to serve remote access for a Home Assistant installation.  I want Nginx to drop any connections that don't come from mysubdomain.mydomain.com.  I would also like to use GeoIP to block foreign IP from troublemaker countries.  I have tried numerous ways to add the catch-all for any hosts/IP's other than mysubdomain.mydomain.com, but it is reading default_server from inside the docker container and when I try to add one in the custom config for my proxy host I get an error that there is a duplicate.  It is my understanding that any custom config should be in /appdata, not in the docker container so that the config persists after an update.  Because NPM is relatively new i've not had much luck in how to accomplish this within my config in /appdata.

Is your DNS service configured to resolve any subdomain?  I.e. *.mydomain.com will resolve to your IP address?

Link to comment
2 minutes ago, Djoss said:

Is your DNS service configured to resolve any subdomain?  I.e. *.mydomain.com will resolve to your IP address?

Subdomains are setup as C-names on the domain manager that point to a duckdns DDNS which ultimately points to my WAN IP.  Everything is resolving fine.  I just need to shut down all other connections.

Link to comment
5 minutes ago, KG_NV said:

Subdomains are setup as C-names on the domain manager that point to a duckdns DDNS which ultimately points to my WAN IP.  Everything is resolving fine.  I just need to shut down all other connections.

So if you have specific domain names, can't you block the ones you don't want by adding "404 Hosts"?

 

Btw, the ability to customize/disable the default page is a feature that as been requested on the project.

Link to comment
4 hours ago, Djoss said:

Can you have a look at /mnt/user/appdata/NginxProxyManager/log/init_db.log?

Installing MariaDB/MySQL system tables in '/config/mysql' ...
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: preallocating 12582912 bytes for file ./ibdata1 failed with error 95
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: Could not set the file size of './ibdata1'. Probably out of disk space
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: Database creation was aborted with error Generic error. You may need to delete the ibdata1 file before trying to start up again.
2019-03-02 22:28:09 22400584366984 [ERROR] Plugin 'InnoDB' init function returned error.
2019-03-02 22:28:09 22400584366984 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2019-03-02 22:28:09 22400584366984 [ERROR] Unknown/unsupported storage engine: InnoDB
2019-03-02 22:28:09 22400584366984 [ERROR] Aborting


Installation of system tables failed!  Examine the logs in
/config/mysql for more information.

The problem could be conflicting information in an external
my.cnf files. You can ignore these by doing:

    shell> /usr/bin/mysql_install_db --defaults-file=~/.my.cnf

You can also try to start the mysqld daemon with:

    shell> /usr/bin/mysqld --skip-grant-tables --general-log &

and use the command line tool /usr/bin/mysql
to connect to the mysql database and look at the grant tables:

    shell> /usr/bin/mysql -u root mysql
    mysql> show tables;

Try 'mysqld --help' if you have problems with paths.  Using
--general-log gives you a log in /config/mysql that may be helpful.

The latest information about mysql_install_db is available at
https://mariadb.com/kb/en/installing-system-tables-mysql_install_db
You can find the latest source at https://downloads.mariadb.org and
the maria-discuss email list at https://launchpad.net/~maria-discuss

Please check all of the above before submitting a bug report
at http://mariadb.org/jira

I used to have a mysql docker and a mariadb docker, but don't anymore. Think that has something to do with it?

Link to comment

I want to make sure I understand correctly before I sink any more time into this... If I give all my dockers it's own IP (from ranges of VLAN's I configured) and I also give NginxProxyManager it's own IP (thus it is able to see the other dockers through LAN) it still doesn't work?

 

If so I don't understand why NginxProxyManager doesn't work and the LE docker does.

Link to comment
On 3/3/2019 at 2:51 AM, flippedcracker said:

Installing MariaDB/MySQL system tables in '/config/mysql' ...
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: preallocating 12582912 bytes for file ./ibdata1 failed with error 95
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: Could not set the file size of './ibdata1'. Probably out of disk space
2019-03-02 22:28:08 22400584366984 [ERROR] InnoDB: Database creation was aborted with error Generic error. You may need to delete the ibdata1 file before trying to start up again.
2019-03-02 22:28:09 22400584366984 [ERROR] Plugin 'InnoDB' init function returned error.
2019-03-02 22:28:09 22400584366984 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2019-03-02 22:28:09 22400584366984 [ERROR] Unknown/unsupported storage engine: InnoDB
2019-03-02 22:28:09 22400584366984 [ERROR] Aborting


Installation of system tables failed!  Examine the logs in
/config/mysql for more information.

The problem could be conflicting information in an external
my.cnf files. You can ignore these by doing:

    shell> /usr/bin/mysql_install_db --defaults-file=~/.my.cnf

You can also try to start the mysqld daemon with:

    shell> /usr/bin/mysqld --skip-grant-tables --general-log &

and use the command line tool /usr/bin/mysql
to connect to the mysql database and look at the grant tables:

    shell> /usr/bin/mysql -u root mysql
    mysql> show tables;

Try 'mysqld --help' if you have problems with paths.  Using
--general-log gives you a log in /config/mysql that may be helpful.

The latest information about mysql_install_db is available at
https://mariadb.com/kb/en/installing-system-tables-mysql_install_db
You can find the latest source at https://downloads.mariadb.org and
the maria-discuss email list at https://launchpad.net/~maria-discuss

Please check all of the above before submitting a bug report
at http://mariadb.org/jira

I used to have a mysql docker and a mariadb docker, but don't anymore. Think that has something to do with it?

Make sure that Settings -> Global Share Settings -> Tunable (enable Direct IO) is set to "Auto".

Also, which filesystem are you using?

Link to comment
On 3/3/2019 at 9:39 AM, Kaizac said:

I want to make sure I understand correctly before I sink any more time into this... If I give all my dockers it's own IP (from ranges of VLAN's I configured) and I also give NginxProxyManager it's own IP (thus it is able to see the other dockers through LAN) it still doesn't work?

 

If so I don't understand why NginxProxyManager doesn't work and the LE docker does.

If it works with LE, it should work with this one also.  How are you configured exactly?  You containers have their own IP on different VLANs?

Link to comment
6 hours ago, Djoss said:

If it works with LE, it should work with this one also.  How are you configured exactly?  You containers have their own IP on different VLANs?

I have the NginxProxyManager docker on it's own IP in the same VLAN as my other dockers. All other dockers also have their own IP in this VLAN. So I put the NginxProxyManager on ports 80 and 443 and I opened and forwarded these ports on my router to the IP of the NginxProxyManager.

 

Then when I add my proxy hosts and request the certificates I always get the error "Internal Error". When I look in my log it says the following:

Failed authorization procedure. bitwarden.mydomain.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://bitwarden.mydomain.com/.well-known/acme-challenge/As3xDn2mZgCJzRpsFyGtlXKog3UZBRzrsHVaActeN6s: Connection refused

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.