[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

On 7/2/2019 at 7:29 AM, Djoss said:

You can have a look at the corresponding log file under /mnt/user/appdata/NginxProxyManager/log/nginx/ to have a better understanding of what's happening when you access these locations.

Thanks... that proved inconclusive to me...

 

Wound up fixing it... needed to change the Airsonic docker to use:

 

JAVA_OPTS="-Dserver.use-forward-headers=true"

 

(or whatever format your world uses).

 

Info here:

 

https://github.com/airsonic/airsonic/issues/789#issuecomment-416079020

 

https://airsonic.github.io/docs/install/docker/#advanced-configuration

 

I didn't have to do the part about setting all the location options (X-Forwarded-Host, etc.) - just worked.

 

Hope that's useful to somebody.

Link to comment

Hi Guys - my unraid server log is getting spammed with the following:

 

Jul 5 14:18:29 Tower nginx: 2019/07/05 14:18:29 [crit] 6547#6547: *9967 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:39 Tower nginx: 2019/07/05 14:18:39 [crit] 6547#6547: *10010 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:49 Tower nginx: 2019/07/05 14:18:49 [crit] 6547#6547: *10047 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:59 Tower nginx: 2019/07/05 14:18:59 [crit] 6547#6547: *10093 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"

 

I have removed the NginxProxyManager docker in hope to resolve this but it continues. Could someone please point me to a resolution?

Link to comment

First of; this is a brilliant piece of work. The last time I had to set up proxying on nginx it was on an ubuntu box and it was a huge hassle. This has worked so flawlessly and I applaud the effort!

I'm hoping you can help me solve one remaining issue, however.

This evening I've set up;


MariaDB

NextCloud

NGINX proxy Manager

 

To do; some web-server running a simple CMS.

 

I got NextCloud to work using my own subdomain at cloud.mydomain.com, unfortunately I lost all access to it internally upon doing so. I know it's to do with reverse proxying and the only workaround I had back in the day was to manually edit my host file. Unfortunately, since the nextcloud container sits on the same network as UnRaid it's not at 443 but 444, essentially I can only access UnRaid and not the NextCloud installation from inside the network.

Is there any way I can resolve this using this container, or do I need to look elsewhere? I'd like to 'fix' it for my entire network this time, as I plan to be using multiple mobile apps and get the wife syncing, too. I'm just hoping for a miracle, really.

Considering I am going to be adding a website, and probably some other stuff, it would be nice to be able to access it internally, too.

 

Cheers, if anyone has some insight to share.

Link to comment
3 minutes ago, Froberg said:

I got NextCloud to work using my own subdomain at cloud.mydomain.com, unfortunately I lost all access to it internally upon doing so.

You need to enable NAT loopback, hairpinning, or whatever your router calls it.

4 minutes ago, Froberg said:

Is there any way I can resolve this using this container, or do I need to look elsewhere?

It's controlled by your router.

  • Like 1
Link to comment
7 minutes ago, jonathanm said:

You need to enable NAT loopback, hairpinning, or whatever your router calls it.

It's controlled by your router.

NAT loopback brought me in the right direction;

https://community.linksys.com/t5/Wireless-Routers/WRT1900AC-NAT-Loopback/m-p/1013735/highlight/true#M318597

That did it. It's extremely slow, for some reason, but it did the trick!

Thank you so much. Now to figure out why it's so slow..

Link to comment
On 7/5/2019 at 12:33 AM, vfast said:

Hi Guys - my unraid server log is getting spammed with the following:

 

Jul 5 14:18:29 Tower nginx: 2019/07/05 14:18:29 [crit] 6547#6547: *9967 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:39 Tower nginx: 2019/07/05 14:18:39 [crit] 6547#6547: *10010 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:49 Tower nginx: 2019/07/05 14:18:49 [crit] 6547#6547: *10047 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"
Jul 5 14:18:59 Tower nginx: 2019/07/05 14:18:59 [crit] 6547#6547: *10093 connect() to unix:/var/tmp/NginxProxyManager.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.0.120, server: , request: "GET /dockerterminal/NginxProxyManager/ws HTTP/1.1", upstream: "http://unix:/var/tmp/NginxProxyManager.sock:/ws", host: "tower.x.net"

 

I have removed the NginxProxyManager docker in hope to resolve this but it continues. Could someone please point me to a resolution?

It seems that you have a Terminal web window opened.

Link to comment
  • 2 weeks later...
On 12/21/2018 at 1:14 PM, Djoss said:

@amacdonald, currently, Nginx Proxy Manager doesn't have the support for forwarding to a HTTPs backend/server.

 

In the meantime, if you really want to have your nexcloud forwarding working, you can manually edit the generated Nginx config to make your proxy works:

In /mnt/user/appdata/NginxProxyManager/nginx/proxy_host/, find the file associated to nextcloud. You then need replace the directive "include conf.d/include/proxy.conf" with:


add_header       X-Served-By $host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto  $scheme;
proxy_set_header X-Forwarded-For    $remote_addr;
proxy_pass       https://$server:$port;

Finally, restart the container.

Note: if you do a change from the UI, the config file will be overwritten and you will loose your changes!

It's been quite a few months since this workaround.  I do see in the Nginx Proxy Manage now that forwarding to HTTPS servers is supported, however I still cannot get it to work with my Nextcloud container.  I get 502 Bad Gateway.  Is there some other trick in getting this working?  Thanks!

Link to comment
6 hours ago, PaulieORF said:

It's been quite a few months since this workaround.  I do see in the Nginx Proxy Manage now that forwarding to HTTPS servers is supported, however I still cannot get it to work with my Nextcloud container.  I get 502 Bad Gateway.  Is there some other trick in getting this working?  Thanks!

As I set this up a few months ago I might actually be of use here.

Assuming you set up the proxy-part correctly, maybe you're missing some steps in the owncloud config. (i.e. forcing https, maybe..)

Check your config.pgp and ensure the following lines are present:

  'overwrite.cli.url' => 'your.domain.goes.here',
  'overwritehost' => 'your.domain.goes.here',
  'overwriteprotocol' => 'https',

(substitute your own domain, of course.)


You also need to make sure that the Nginx Proxy Manager and the NextCloud container is on the same ip address.

Edited by Froberg
typo
Link to comment
2 hours ago, Froberg said:

As I set this up a few months ago I might actually be of use here.

Assuming you set up the proxy-part correctly, maybe you're missing some steps in the owncloud config. (i.e. forcing https, maybe..)

Check your config.pgp and ensure the following lines are present:


  'overwrite.cli.url' => 'your.domain.goes.here',
  'overwritehost' => 'your.domain.goes.here',
  'overwriteprotocol' => 'https',

(substitute your own domain, of course.)


You also need to make sure that the Nginx Proxy Manager and the NextCloud container is on the same ip address.

Wow, so my problem was that I had the Nextcloud container using its own IP address.  Just changed it to the same as the Unraid server and it's now working.  Thanks!!

Link to comment
2 hours ago, Froberg said:

As I set this up a few months ago I might actually be of use here.

Assuming you set up the proxy-part correctly, maybe you're missing some steps in the owncloud config. (i.e. forcing https, maybe..)

Check your config.pgp and ensure the following lines are present:


  'overwrite.cli.url' => 'your.domain.goes.here',
  'overwritehost' => 'your.domain.goes.here',
  'overwriteprotocol' => 'https',

(substitute your own domain, of course.)


You also need to make sure that the Nginx Proxy Manager and the NextCloud container is on the same ip address.

Have you been able to over come this message?

Quote

The "Strict-Transport-Security" HTTP header is not set to at least "15552000" seconds.

I've got HSTS turned on in Nginx, but this still shows up.

Link to comment
6 hours ago, Froberg said:

As I set this up a few months ago I might actually be of use here.

Assuming you set up the proxy-part correctly, maybe you're missing some steps in the owncloud config. (i.e. forcing https, maybe..)

Check your config.pgp and ensure the following lines are present:


  'overwrite.cli.url' => 'your.domain.goes.here',
  'overwritehost' => 'your.domain.goes.here',
  'overwriteprotocol' => 'https',

(substitute your own domain, of course.)


You also need to make sure that the Nginx Proxy Manager and the NextCloud container is on the same ip address.

Hi all,

I'm having trouble getting Nextcloud setup with NPM, all I get is a 502 Bad Gateway. My Nextcloud config has:

'trusted_domains' => 
  array (
    0 => '10.0.0.30:4039',
    1 => 'cloud.domain.com',
  ),
  'trusted_proxies' => ['letsencrypt'],

  'overwrite.cli.url' => 'https://cloud.domain.com/',
  'overwritehost' => 'cloud.domain.com',
  'overwriteprotocol' => 'https',

and my NPM and Dockers are set out in the images. I've also tried with both dockers just set in the standard bridge network, but no dice. Any help would be greatly appreciated!

details.png

NPM details. Custom Locations is blank.

ssl.png

NPM SSL. Advanced is blank. 

nextcloud.png

npm.png

Edited by awilderaid
Link to comment
6 hours ago, Froberg said:

What's with the trusted_proxies line?

Saw it posted somewhere while I was trying to find a fix for this. Just looked into it now, no idea what the 'letsencrypt' setting is supposed to be as it takes IP addresses. That's now fixed to read:

'trusted_proxies' => 
  array (
    0 => '10.0.0.30',
    1 => '127.0.0.1',
    2 => '192.168.255.10',
  ),

But no dice. Removing it completely also doesn't work. 

Link to comment

Maybe try reverting the config to a default one. I haven't had much experience with setting up alternate networks but it seems the 502 Bad Gateway is connected to nginx proxy manager being unable to route to the docker you want - as per the post directly above yours.

I'd start with a fresh config if I were you, and make sure to clean up the appdata so you don't just get the old config back.

I can't see anything in your settings that would explain it. Maybe someone else can spot it though, as I'm far from an expert.

Link to comment

I'm pretty sure this has been discussed somewhere on the forums, but let me explain my not so complicated yet unsolvable "Bad Gateway" problem.

 

The network is as follows

Lan 10.0.0.0/24

SLAN 10.0.1.0/24

WLAN 10.0.2.0/24

VPLAN1 10.0.3.0/24

VPLAN2 10.0.4.0/24

 

Vidas: has 3 networks:

10.0.0.3 - 10.0.1.3 - 10.0.3.3

I changed unraid default ports from 443 to 9989 and 80 to 8182, NPM is on bridge on ports 443 and port 80

all configured will I can access services on the VM either locally or from the inter, but when trying to access Docker services I get bad gateway!!! to solve this is issue I have setup NPM on another unraid server.

 

I need the NPM to be on port 443 for my local serveries to be accessible via lan

Edited by PSYCHOPATHiO
Link to comment
13 hours ago, PSYCHOPATHiO said:

I'm pretty sure this has been discussed somewhere on the forums, but let me explain my not so complicated yet unsolvable "Bad Gateway" problem.

 

The network is as follows

Lan 10.0.0.0/24

SLAN 10.0.1.0/24

WLAN 10.0.2.0/24

VPLAN1 10.0.3.0/24

VPLAN2 10.0.4.0/24

 

Vidas: has 3 networks:

10.0.0.3 - 10.0.1.3 - 10.0.3.3

I changed unraid default ports from 443 to 9989 and 80 to 8182, NPM is on bridge on ports 443 and port 80

all configured will I can access services on the VM either locally or from the inter, but when trying to access Docker services I get bad gateway!!! to solve this is issue I have setup NPM on another unraid server.

 

I need the NPM to be on port 443 for my local serveries to be accessible via lan

Do you also have your docker services configured with the Bridge networking mode?

Link to comment
6 hours ago, scooterh928 said:

if port 80 is blocked via ISP how can I do the SSL certs with this proxy manager, before I moved I set this up with the certs as port 80 wasn't blocked worked great, now that I moved new provider and they block port 80

 

To automatically generate letsencrypt certificates, the container needs to be reachable from the internet on port 80, since it's the only method supported by NPM.

Link to comment
2 hours ago, Djoss said:

Do you also have your docker services configured with the Bridge networking mode?

yes, it is in docker mode.

I tried every possible variation from docker mode, host mode, different ips & last night I wiped my pfsense & reinstalled fresh copy & spent a couple of hours re-configuring to find out i still get bad gateway.

I think the problem is somewhere in the docker configuration or network on the unraid server it self but I cant find it.

Link to comment

Hey All,

Sorry if this has been asked before, I didn't see anything in the search I did.

I have NPM setup and trying to get it to work with Nextcloud, however every time I create a proxy it shows up in NPM as Status: Offline.
UjFDfmV.png

 

I have found that if I setup NPM to not use SSL, then the proxy works fine, but I'd like to try to get the SSL working. I'm very new to Unraid so this has me kinda stumped. Thank you for any help.

Here are the settings I have entered:
B4xhLe8.png

 

Bdom5Q8.png

 

Edited by deadletters
added configuration settings
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.