Djoss Posted May 7, 2019 Author Share Posted May 7, 2019 5 hours ago, Skipdog said: If I change to Bridge mode, the docker won't be able to proxy for my "host" dockers correct? Yes, it should work with containers in host mode. The scenario where is may not work is when you assign an IP to containers. Quote Link to comment
eds Posted May 7, 2019 Share Posted May 7, 2019 (edited) 1 hour ago, Djoss said: So your nextcloud container seems to be the problem. Can it resolve other DNS names (like www.google.com)? Yes, which is what I find so weird. It won't even resolve nextcloud.mydomainname.com. I get the error: wget bad address https://nextcloud.mydomainname.com. Not sure what that even means. Also, I should state, if I take the docker out of bridge mode (and give the docker its own ip), I can resolve the domain names, even nextcloud.mydomainname.com. Edited May 7, 2019 by eds update Quote Link to comment
Squiggley Posted May 8, 2019 Share Posted May 8, 2019 On 5/3/2019 at 11:23 AM, Djoss said: The fact that this container runs in bridge mode doesn't not prevent your to use other containers with different network mode. The scenario where you can have some limitations is when you run this container in another mode than bridge. I think we are talking at cross purposed here... I am not using subfolders I am using subdomains. I will try it again and see if its me being a dufus thanks Quote Link to comment
Djoss Posted May 9, 2019 Author Share Posted May 9, 2019 On 5/6/2019 at 10:14 PM, eds said: Yes, which is what I find so weird. It won't even resolve nextcloud.mydomainname.com. I get the error: wget bad address https://nextcloud.mydomainname.com. Not sure what that even means. Also, I should state, if I take the docker out of bridge mode (and give the docker its own ip), I can resolve the domain names, even nextcloud.mydomainname.com. "Bad address" means that the DNS name cannot be resolved. You can check the content of "/etc/resolv.conf", both on unRAID and in the container to see if your DNS server is properly used. Quote Link to comment
eds Posted May 9, 2019 Share Posted May 9, 2019 35 minutes ago, Djoss said: You can check the content of "/etc/resolv.conf", both on unRAID and in the container to see if your DNS server is properly used. Interesting. Are you saying I should I see the domain name here? Quote Link to comment
eds Posted May 9, 2019 Share Posted May 9, 2019 5 hours ago, Djoss said: "Bad address" means that the DNS name cannot be resolved. You can check the content of "/etc/resolv.conf", both on unRAID and in the container to see if your DNS server is properly used. 4 hours ago, eds said: Interesting. Are you saying I should I see the domain name here? OK, so I added the domain name to the resolv.conf manually. Unraid can resolve the url, but nextcloud still cannot. Clearly the issue is with the nextcloud docker. Will try to use a static ip and see if that works. Thanks. Quote Link to comment
malac Posted May 9, 2019 Share Posted May 9, 2019 are there plans to add fail2ban? Quote Link to comment
Djoss Posted May 10, 2019 Author Share Posted May 10, 2019 22 hours ago, eds said: Interesting. Are you saying I should I see the domain name here? You should see a like this: nameserver <IP of your DNS server> Quote Link to comment
Djoss Posted May 10, 2019 Author Share Posted May 10, 2019 4 hours ago, malac said: are there plans to add fail2ban? Not for the moment. I would prefer an implementation of fail2ban that is not tied to a particular container, since fail2ban would be typically used by multiple containers/services. Quote Link to comment
malac Posted May 10, 2019 Share Posted May 10, 2019 5 hours ago, Djoss said: Not for the moment. I would prefer an implementation of fail2ban that is not tied to a particular container, since fail2ban would be typically used by multiple containers/services. i use macvlan for all my docker images, so for the ban action i would need fail2ban integrated in this docker i think? Quote Link to comment
hmoney007 Posted May 10, 2019 Share Posted May 10, 2019 I updated nginxproxymanager last night and today I noticed that nextcloud wasn't connecting. I confirmed that my nslookups are still hitting my WAN IP, but none of my subdomains configured through nginxproxymanager are currently working. I did not change any configuration within the container. Is anyone else experiencing this? Quote Link to comment
MowMdown Posted May 10, 2019 Share Posted May 10, 2019 (edited) Question. I have HTTP AUTH enabled for my dockers proxied, however I need to expose an endpoint for SAB to be able to fetch from Hydra. Obviously when SAB goes to do that currently, its met with a 401 not authorized. is there a way to expose the endpoint needed to fetch The NZB from hydra without exposing the entire domain? hydra.mydomain.tld/getnzb is what I need to expose for this to work. Is what I need possible with NPM? Or... is there a way to whitelist SAB from requiring authorization? Edited May 10, 2019 by MowMdown Quote Link to comment
eds Posted May 11, 2019 Share Posted May 11, 2019 On 5/9/2019 at 8:34 PM, Djoss said: You should see a like this: nameserver <IP of your DNS server> Ok, well I do see the ip of the dns server in the resolv.conf file. What is curious is I am seeing errors that look like this in the npm log: nginx: [emerg] host not found in resolver "<mydomainname.com>" in /etc/nginx/conf.d/include/resolvers.conf:1 nginx: configuration file /etc/nginx/nginx.conf test failed How to fix? Quote Link to comment
Djoss Posted May 13, 2019 Author Share Posted May 13, 2019 On 5/10/2019 at 4:56 PM, hmoney007 said: I updated nginxproxymanager last night and today I noticed that nextcloud wasn't connecting. I confirmed that my nslookups are still hitting my WAN IP, but none of my subdomains configured through nginxproxymanager are currently working. I did not change any configuration within the container. Is anyone else experiencing this? Are you able to access the Nginx Proxy Manager interface? Quote Link to comment
Djoss Posted May 13, 2019 Author Share Posted May 13, 2019 On 5/10/2019 at 7:38 PM, MowMdown said: Question. I have HTTP AUTH enabled for my dockers proxied, however I need to expose an endpoint for SAB to be able to fetch from Hydra. Obviously when SAB goes to do that currently, its met with a 401 not authorized. is there a way to expose the endpoint needed to fetch The NZB from hydra without exposing the entire domain? hydra.mydomain.tld/getnzb is what I need to expose for this to work. Is what I need possible with NPM? Or... is there a way to whitelist SAB from requiring authorization? Do you need your endpoint to be accessible from the Internet ? Quote Link to comment
Djoss Posted May 13, 2019 Author Share Posted May 13, 2019 On 5/10/2019 at 10:20 PM, eds said: Ok, well I do see the ip of the dns server in the resolv.conf file. What is curious is I am seeing errors that look like this in the npm log: nginx: [emerg] host not found in resolver "<mydomainname.com>" in /etc/nginx/conf.d/include/resolvers.conf:1 nginx: configuration file /etc/nginx/nginx.conf test failed How to fix? What is the content of /mnt/user/appdata/NginxProxyManager/nginx/resolvers.conf ? Look s like it is not correctly generated. Quote Link to comment
hmoney007 Posted May 13, 2019 Share Posted May 13, 2019 6 minutes ago, Djoss said: Are you able to access the Nginx Proxy Manager interface? I apologize for not updating this. I was getting errors in the nginx proxy manager interface when trying to make changes to a new proxy host. I took a screenshot of my config, deleted the docker container + folder within appdata and then installed and configured it fresh. It's now working as expected! One thing I did notice: when adding multiple proxy hosts i went back to confirm that all of the settings were correct and noticed that almost all of my newly-configured proxy hosts had all of the options unchecked in the SSL tab, and I am 100% sure that I had checked them all off. Quote Link to comment
eds Posted May 13, 2019 Share Posted May 13, 2019 13 hours ago, Djoss said: What is the content of /mnt/user/appdata/NginxProxyManager/nginx/resolvers.conf ? Look s like it is not correctly generated. This is what I have: resolver 1.1.1.1 1.0.0.1 192.168.0.1 ; Quote Link to comment
MowMdown Posted May 14, 2019 Share Posted May 14, 2019 (edited) On 5/12/2019 at 10:15 PM, Djoss said: Do you need your endpoint to be accessible from the Internet ? Basically I want to be able to whitelist the /getnzb endpoint so I can fetch the URL without needing http auth. Sabnzbd has two methods of retrieving nzb files. you can upload the data to sab OR you can have sab fetch the data from a URL. The URL needed to fetch the data is behind hydra.mydomain.tld/getnzb/some_nzb_file.nzb however because I put hydra.mydomain.tld behind http_auth, sab is greeted with a 401 error (no authorization) (maybe what I am asking is not possible due to limitations of nginx) I either need to whitelist the /getnzb endpoint ONLY so no http auth is required OR somehow allow sab through the auth. It's not the end of the world but I would prefer the fetch method over upload. I was trying to edit the .conf using this documentation with no sucsess Edit: I think I figured it out, I went in and created a custom location "/getnzb" and used the same IP:PORT as the main proxy and it seems to work. however if you try to normally access it, it will give you an AUTH form so it's not accessible from a browser. Safe enough for me. Edited May 15, 2019 by MowMdown Quote Link to comment
Djoss Posted May 15, 2019 Author Share Posted May 15, 2019 On 5/13/2019 at 11:28 AM, eds said: This is what I have: resolver 1.1.1.1 1.0.0.1 192.168.0.1 ; This seems valid... Are you getting this error regularly ? Or are you sure you got the error while the content of the file was the one you provided? Quote Link to comment
Djoss Posted May 15, 2019 Author Share Posted May 15, 2019 On 5/14/2019 at 4:17 PM, MowMdown said: Basically I want to be able to whitelist the /getnzb endpoint so I can fetch the URL without needing http auth. Sabnzbd has two methods of retrieving nzb files. you can upload the data to sab OR you can have sab fetch the data from a URL. The URL needed to fetch the data is behind hydra.mydomain.tld/getnzb/some_nzb_file.nzb however because I put hydra.mydomain.tld behind http_auth, sab is greeted with a 401 error (no authorization) (maybe what I am asking is not possible due to limitations of nginx) I either need to whitelist the /getnzb endpoint ONLY so no http auth is required OR somehow allow sab through the auth. It's not the end of the world but I would prefer the fetch method over upload. I was trying to edit the .conf using this documentation with no sucsess Edit: I think I figured it out, I went in and created a custom location "/getnzb" and used the same IP:PORT as the main proxy and it seems to work. however if you try to normally access it, it will give you an AUTH form so it's not accessible from a browser. Safe enough for me. Or if you can fetch by using the local IP address you would bypass NginxProxyManager. Quote Link to comment
MowMdown Posted May 16, 2019 Share Posted May 16, 2019 (edited) 12 hours ago, Djoss said: Or if you can fetch by using the local IP address you would bypass NginxProxyManager. Hydra doesn't work that way if you aren't accessing it by local ip (it's weird I know). I don't think the dev has any plans on changing that either. Basically if I visit "hydra.mydomain.tld" it generates the links as "hydra.mydomain.tld/getnzb/..." instead of "http://192.168.1.200:5076/getnzb/…" It's fine though, I found a work around for it, thanks though. Edited May 16, 2019 by MowMdown Quote Link to comment
eds Posted May 16, 2019 Share Posted May 16, 2019 13 hours ago, Djoss said: This seems valid... Are you getting this error regularly ? Or are you sure you got the error while the content of the file was the one you provided? I'm not seeing the error right now so it appears to be exclusive to whatever issue I am having with the subdomain assigned to nextcloud. Quote Link to comment
SoloLab Posted May 19, 2019 Share Posted May 19, 2019 On 3/25/2019 at 5:08 AM, Djoss said: The scheme you are configuring is for the forwarded host (i.e. how you access your internal service) and is not related to how it is accessed externally. To better help you, please provide a screenshot of your proxy host configuration and a screenshot of the browser's error. First off sorry for the really late reply, hope someone can still help. This setup will not work. I get The following error But if I change the Scheme to HTTP: I can externally access it, but if I go to the nav bar and directly add the `s` to the URL, it still works. Quote Link to comment
Djoss Posted May 20, 2019 Author Share Posted May 20, 2019 On 5/16/2019 at 9:11 AM, eds said: I'm not seeing the error right now so it appears to be exclusive to whatever issue I am having with the subdomain assigned to nextcloud. Can you confirm that you are still getting the error and if yes take the content of /mnt/user/a ppdata/NginxProxyManager/nginx/resolvers.conf at that moment? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.