[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

Just now, Nyghthawk said:

is this accomplished through proxy manager? or just opening up the few ports? 

For external access, this is done on your router.  So instead of forwarding port 80 to the IP address of unRAID and port 1880, choose something else then 80.

Link to comment
2 minutes ago, Djoss said:

For external access, this is done on your router.  So instead of forwarding port 80 to the IP address of unRAID and port 1880, choose something else then 80.

so right now i have port 180 forwarded to my unraid server.....

 

port 180 is open per your site you gave me....

 

so I cannot use proxy manager then? since it can only listen on port 80 correcT?

Edited by Nyghthawk
Link to comment
7 minutes ago, Nyghthawk said:

so right now i have port 180 forwarded to my unraid server.....

And forwarded to which internal port ?  1880?

8 minutes ago, Nyghthawk said:

so I cannot use proxy manager then? since it can only listen on port 80 correcT?

Yes you can.  The only thing you cannot have is the free and automatic certificates generation through Let'sEncrypt.

Link to comment
2 minutes ago, Djoss said:

And forwarded to which internal port ?  1880?

Yes you can.  The only thing you cannot have is the free and automatic certificates generation through Let'sEncrypt.

Port 180 forwarded to unraid:1880 and port 443 to unraid:18443

 

Proxy Manager ports are

1880

and 

18443

respectively

 

 

Link to comment
34 minutes ago, Nyghthawk said:

Port 180 forwarded to unraid:1880 and port 443 to unraid:18443

  

Proxy Manager ports are

1880

and 

18443

respectively

 

 

That looks good.  You should be able to access a configured service via http://subdomain.domain.com:180.

Link to comment
1 hour ago, Djoss said:

What?  Getting your certificates? Since it seems that your domain comes from  namecheap, you can buy certificates from them: https://www.namecheap.com/security/ssl-certificates/

But if you search a little bit, you will find a lot of other places.

Once you have the certificate, you can add it in NginxProxyManager (SSLCertificates->Add SSL Certificate->Custom).

I'm struggling with certs on CloudFlare right now.  I thought that's what LetsEncrypt does?  Do we need to fill in all 3 fields of the Custom section?  CloudFlare only gives a key and another file

Link to comment
16 minutes ago, thrroow said:

I'm struggling with certs on CloudFlare right now.  I thought that's what LetsEncrypt does?  Do we need to fill in all 3 fields of the Custom section?  CloudFlare only gives a key and another file

I'm not using CloudFlare, but are you able to generate Let'sEncrypt certificates?  If yes then you don't need to add custom ones.

Link to comment
9 minutes ago, Djoss said:

I'm not using CloudFlare, but are you able to generate Let'sEncrypt certificates?  If yes then you don't need to add custom ones.

Yes I can (at least I think).  But using cloudflare as my DNS I can't connect to any https docker.  The only thing I've gotten to work is an HTML5 speedtest that is http.  Another user on this thread told me to use CloudFlare generated keys in NGINX.  Doing that I'm getting a 521 error now (web server down).

Link to comment
12 minutes ago, thrroow said:

Yes I can (at least I think).  But using cloudflare as my DNS I can't connect to any https docker.  The only thing I've gotten to work is an HTML5 speedtest that is http.  Another user on this thread told me to use CloudFlare generated keys in NGINX.  Doing that I'm getting a 521 error now (web server down).

Which error do yo get with Let'sEncrypt certificates ?  502?  This is usually due to an incorrect config of your proxy host.

Link to comment
5 minutes ago, Djoss said:

Which error do yo get with Let'sEncrypt certificates ?  502?  This is usually due to an incorrect config of your proxy host.

Yes.  I have the 80/443 ports correctly configured, and my dockers apparently correctly configured (I was up and running with LetsEncrypt docker before).  Cloudflare handled my SSL certs before for some reason, could never figure out why I wasn't seeing LE certs.  I assume it's the same problem I'm running into now.

 

What do I need to check or revisit to try and get this working?

Link to comment
13 minutes ago, thrroow said:

Yes.  I have the 80/443 ports correctly configured, and my dockers apparently correctly configured (I was up and running with LetsEncrypt docker before).  Cloudflare handled my SSL certs before for some reason, could never figure out why I wasn't seeing LE certs.  I assume it's the same problem I'm running into now.

 

What do I need to check or revisit to try and get this working?

If you want to use LE certificates, I guess you need to disable any cert handling on cloudflare side.  A user also said that you need to disable "HTTPs rewrites".

Link to comment
8 hours ago, thrroow said:

No, I have not.  You use the .key as the Certificate Key and the .PEM as the Certificate and the Intermediate Certificate?

So I have cloudflare and Nginx proxy manager working.

 

  • make sure all the port forwarding is setup per your router to the Nginx container
  • I went onto cloudflare and created my cnames for my domain under DNS
  • Then went to crypto tab and created the origin certificates - you can create individual one for each subdomain or have one with all the subdomain added.
  • this will give you the .PEM and .Key 
  • you save these on to your desktop as whateveryouwanttocallit.pem and whateveryouwanttocallit.key
  • goto ngnx proxy manager and goto SSL certificates 
  • create a custom certificate
  • only need the .pem and .key files to create a new certificate
  • once this creates it ogot the Hosts > Proxy Host tab
  • create your proxy host
  • Fill out the details Tab --> then under SSL tab choose the custom certificate 

 

 

This setup works for me.

I cannot use force SSL tab, if I do so then I get errors for some reason

 

I also setup the firewall rules on cloudflare to block all non US web requests.

 

Link to comment
13 hours ago, Djoss said:

The upstream server IP is 127.0.0.1.  You should set instead a local IP.  If the service is running on unRAID, use the unRAID's IP.

 

Hi Djoss, no luck with my local (192.168.x.y) or public IPs :(. Any other ideas?

My setup is:

  * Linux Host

  * Your image running on Docker

  * Another image running on Docker, exposing port 3000 to the router.

 

Accessing my local IP directly works and nginx-proxy image works as expected.

 

Any other ideas?

Link to comment
4 minutes ago, Cat_Seeder said:

Hi Djoss, no luck with my local (192.168.x.y) or public IPs :(. Any other ideas?

My setup is:

  * Linux Host

  * Your image running on Docker

  * Another image running on Docker, exposing port 3000 to the router.

 

Accessing my local IP directly works and nginx-proxy image works as expected.

 

Any other ideas?

What are the errors now?

Link to comment
10 hours ago, littlebudha said:

So I have cloudflare and Nginx proxy manager working.

 

  • make sure all the port forwarding is setup per your router to the Nginx container
  • I went onto cloudflare and created my cnames for my domain under DNS
  • Then went to crypto tab and created the origin certificates - you can create individual one for each subdomain or have one with all the subdomain added.
  • this will give you the .PEM and .Key 
  • you save these on to your desktop as whateveryouwanttocallit.pem and whateveryouwanttocallit.key
  • goto ngnx proxy manager and goto SSL certificates 
  • create a custom certificate
  • only need the .pem and .key files to create a new certificate
  • once this creates it ogot the Hosts > Proxy Host tab
  • create your proxy host
  • Fill out the details Tab --> then under SSL tab choose the custom certificate 

 

 

This setup works for me.

I cannot use force SSL tab, if I do so then I get errors for some reason

 

I also setup the firewall rules on cloudflare to block all non US web requests.

 

Thanks, I finally got it working.  I think I had other settings in CloudFlare that were messing me up.  Here are some of my settings in case anyone else has to figure this out:

 

DNS Tab:

A records that point to my IP.  Set to automatic (orange cloud)

 

Crypo tab:

 

SSL: Full

Origin Cert: *.mydomain.com, mydomain.com (save both these outputs as .PEM and .KEY)

Always use HTTPS: Off

Auth Origin Pull: Off

Min TLS: 1.0

Opportunistic Encrypt: Off

Onion Routing: Off

TLS 1.3: Disabled

Link to comment

before i go pestering the developer on github, does anybody know if its possible to configure multiple ports for a proxy host?, i have tvheadend running and i would like to forward to ports 9981 and 9982, as far as i can tell there i currently no way of doing this through the ui, maybe some additional advanced nginx config would allow me to do this? (anybody got any examples) until this is included in the ui - assuming it is possible.

Link to comment
2 hours ago, binhex said:

before i go pestering the developer on github, does anybody know if its possible to configure multiple ports for a proxy host?, i have tvheadend running and i would like to forward to ports 9981 and 9982, as far as i can tell there i currently no way of doing this through the ui, maybe some additional advanced nginx config would allow me to do this? (anybody got any examples) until this is included in the ui - assuming it is possible.

I think that only port 9981 is HTTP.  This would be the one handled by Nginx.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.