Djoss Posted October 10, 2019 Author Share Posted October 10, 2019 1 hour ago, Brydezen said: I only have one user named lol and the password is also lol. Does it only work if the username is admin? EDIT: I just tried doing the auth in a new browser (firefox) and it worked flawlessly. But chrome seems to mess me up. Ok, you may need to clear chrome's cache... Quote Link to comment
jj_uk Posted October 21, 2019 Share Posted October 21, 2019 Is anyone using this with the home assistant docker? I can't get access to HA when going through this proxy. I get a bad gateway error. Quote Link to comment
TDA Posted October 21, 2019 Share Posted October 21, 2019 Is there a way to implement fail2ban? 1 Quote Link to comment
Djoss Posted October 22, 2019 Author Share Posted October 22, 2019 On 10/21/2019 at 4:04 AM, jj_uk said: Is anyone using this with the home assistant docker? I can't get access to HA when going through this proxy. I get a bad gateway error. This error is usually caused by an incorrect configuration of your proxy host. Make sure the forward host is properly set with the correct http scheme and port. According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support. You may also have to adjust the config of HA. Quote Link to comment
Djoss Posted October 22, 2019 Author Share Posted October 22, 2019 14 hours ago, TDA said: Is there a way to implement fail2ban? If you have an instance already running (in another container for examle), you can configure it to point to NginxProxyManager's log files and it should work. Quote Link to comment
jj_uk Posted October 22, 2019 Share Posted October 22, 2019 This error is usually caused by an incorrect configuration of your proxy host. Make sure the forward host is properly set with the correct http scheme and port. According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support. You may also have to adjust the config of HA.Within the link posted, there is a nginx setup configuration. Is nginx already configured like this or do I need to change something? Quote Link to comment
Djoss Posted October 22, 2019 Author Share Posted October 22, 2019 4 hours ago, jj_uk said: 6 hours ago, Djoss said: This error is usually caused by an incorrect configuration of your proxy host. Make sure the forward host is properly set with the correct http scheme and port. According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support. You may also have to adjust the config of HA. Within the link posted, there is a nginx setup configuration. Is nginx already configured like this or do I need to change something? I think you don't need any advanced config. Make sure to enable WebSocket. Quote Link to comment
jj_uk Posted October 22, 2019 Share Posted October 22, 2019 3 hours ago, Djoss said: I think you don't need any advanced config. Make sure to enable WebSocket. I can't get this to work. I've tried all sorts of configuration in HA. Quote Link to comment
TDA Posted October 23, 2019 Share Posted October 23, 2019 23 hours ago, Djoss said: If you have an instance already running (in another container for examle), you can configure it to point to NginxProxyManager's log files and it should work. Unfortunately I haven't one, and apparently there isn't any standalone docker in UNRAID for fail2ban. Why is fail2ban not already implemented into NginxProxyManager? How would you suggest to protect against brute-force-attacks and so on? thx Quote Link to comment
duskofdawn Posted October 25, 2019 Share Posted October 25, 2019 (edited) I've got NPM up and running, and I've got it working with a host (jellyfin), however, when I enable/force SSL, it breaks. As soon as I disable SSL, it works again. I made sure to request a letsencrypt cert, and it seems to have been successful. It's behind a pfsense firewall, and any time port 80 appears, ports 443 and 81 appear with it (alias for web ports). Any suggestions/troubleshooting? EDIT: Nevermind. Working flawlessly now. Not sure if it was that particular computer I was using, dns cache or what. Thanks for this program, it's saved me a lot of headache. Edited October 26, 2019 by duskofdawn Quote Link to comment
swingline Posted October 27, 2019 Share Posted October 27, 2019 I recently started having issues with Bookstack container and NginxProxyManager giving "502 Bad Gateway" when accessing from the domain pointed at it. The Bookstack container is accessible for it IP on local network, restarting the NginxProxyManager fixes the issue for a few minutes then back to 502 Quote Link to comment
Djoss Posted October 28, 2019 Author Share Posted October 28, 2019 On 10/22/2019 at 4:18 PM, jj_uk said: I can't get this to work. I've tried all sorts of configuration in HA. I have installed Home Assistant from scratch and created an account. No other setting changed. I have the following proxy host that works: Scheme : http Forward host: unRAID IP address Port: 8123 WebSocket support : Enabled Quote Link to comment
Djoss Posted October 28, 2019 Author Share Posted October 28, 2019 On 10/23/2019 at 6:15 AM, TDA said: Unfortunately I haven't one, and apparently there isn't any standalone docker in UNRAID for fail2ban. Why is fail2ban not already implemented into NginxProxyManager? How would you suggest to protect against brute-force-attacks and so on? thx Because fail2ban play with iptables rules on the host, one cannot have multiple instances of iptables running. Thus, I feel that implementing fail2ban in this Docker container is not the right way to go, since fail2ban is potentially wanted by other containers as well. Nginx as some built-in protections. Maybe this is something you can look at: https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ Quote Link to comment
Djoss Posted October 28, 2019 Author Share Posted October 28, 2019 9 hours ago, swingline said: I recently started having issues with Bookstack container and NginxProxyManager giving "502 Bad Gateway" when accessing from the domain pointed at it. The Bookstack container is accessible for it IP on local network, restarting the NginxProxyManager fixes the issue for a few minutes then back to 502 Do you have more details/log from the Bookstack container when the problem happens? Quote Link to comment
drawmonster Posted October 28, 2019 Share Posted October 28, 2019 Has anyone got Organizr Server Authentication working with NPM? https://docs.organizr.app/books/setup-features/page/serverauth Also, I'm coming from using the Letsencrypt container. For my wordpress site, I just dropped it's folder into the "www" directory to get it going. How does that work with NPM? Thanks. Quote Link to comment
jj_uk Posted October 28, 2019 Share Posted October 28, 2019 (edited) 18 hours ago, Djoss said: I have installed Home Assistant from scratch and created an account. No other setting changed. I have the following proxy host that works: Scheme : http Forward host: unRAID IP address Port: 8123 WebSocket support : Enabled "Scheme : http" This fixed it for me, i was using "https" for the scheme as it connects with ssl. Clearly I don't understand the difference. Thanks for your help! Edited October 28, 2019 by jj_uk Quote Link to comment
swingline Posted October 30, 2019 Share Posted October 30, 2019 On 10/28/2019 at 4:22 AM, Djoss said: Do you have more details/log from the Bookstack container when the problem happens? Thanks for the reply. Here is everything in the bookstack logs. [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... App Key found - setting variable for seds Running config - db_user set /var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input /var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input Nothing to migrate. [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. Quote Link to comment
duskofdawn Posted October 30, 2019 Share Posted October 30, 2019 SSL worked for about a day before breaking again. I'm not sure what I was doing that got it to work vs not work. I spun up a new VM, downloaded the example config, and after initial setup, created two hosts. They both point to the same server, one has SSL enabled with a letsencrypt certificate generated by NPM. The other is HTTP only. When I go to the SSL one (in CHrome), it throws up "Your connection is not private NTT::ERR_CERT_AUTHORITY_INVALID. The cert itself is from BMS. If I click advanced, and then proceed, I get ERR_EMPTY_RESPONSE. Quote Link to comment
WannabeMKII Posted November 5, 2019 Share Posted November 5, 2019 I had an issue with another Docker image, so carried out a restore and I'm now seeing the following error in the logs; [nginx] starting... nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/live/npm-1/fullchain.pem") failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) Any ideas? Quote Link to comment
Djoss Posted November 6, 2019 Author Share Posted November 6, 2019 On 10/30/2019 at 1:12 PM, swingline said: Thanks for the reply. Here is everything in the bookstack logs. [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... App Key found - setting variable for seds Running config - db_user set /var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input /var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input Nothing to migrate. [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. I would also check the log for your proxy host under /mnt/user/appdata/NginxProxyManager/log/nginx/ to see if you can get more details. Do you have the issue only when you access the domain name from your own network? Quote Link to comment
Djoss Posted November 6, 2019 Author Share Posted November 6, 2019 On 10/30/2019 at 5:28 PM, duskofdawn said: SSL worked for about a day before breaking again. I'm not sure what I was doing that got it to work vs not work. I spun up a new VM, downloaded the example config, and after initial setup, created two hosts. They both point to the same server, one has SSL enabled with a letsencrypt certificate generated by NPM. The other is HTTP only. When I go to the SSL one (in CHrome), it throws up "Your connection is not private NTT::ERR_CERT_AUTHORITY_INVALID. The cert itself is from BMS. If I click advanced, and then proceed, I get ERR_EMPTY_RESPONSE. If the certificate is not from Letsencrypt, then you are probably not reaching the container... or are you using a DNS service that could interfer? Quote Link to comment
Djoss Posted November 6, 2019 Author Share Posted November 6, 2019 16 hours ago, WannabeMKII said: I had an issue with another Docker image, so carried out a restore and I'm now seeing the following error in the logs; [nginx] starting... nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/live/npm-1/fullchain.pem") failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) Any ideas? Looks like a certificate is corrupted.... You can check if you can read the certificate at /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-1/fullchain.pem. Quote Link to comment
WannabeMKII Posted November 6, 2019 Share Posted November 6, 2019 9 hours ago, Djoss said: Looks like a certificate is corrupted.... You can check if you can read the certificate at /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-1/fullchain.pem. Stupid question, but how would I test I can read it? Krusader is reporting the file as 0 bytes in size? Also, if I go into the webgui and try to edit one of the hosts and hit save, it comes back with a 'Internal Error'? Does any of that help? Quote Link to comment
swingline Posted November 6, 2019 Share Posted November 6, 2019 16 hours ago, Djoss said: I would also check the log for your proxy host under /mnt/user/appdata/NginxProxyManager/log/nginx/ to see if you can get more details. Do you have the issue only when you access the domain name from your own network? I have issues from all networks when accessing from domain. I have NAT refection turned on my firewall and all other domains I have are working. The container is accessible from its IP address. Below is a log excerpt from when it stops working. It never recovers unless I restart the NginxProxyManger container then fails after i close my session with the bookstack. [02/Nov/2019:21:11:22 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "http://10.0.0.77:8181/nginx/proxy" [06/Nov/2019:23:10:18 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" Quote Link to comment
cagemaster Posted November 6, 2019 Share Posted November 6, 2019 Can someone help me getting custom locations to work? I want mydomain.com to link to 192.168.0.118:4001 (which it does). And then i want mydomain.com/radarr to link to 192.168.0.118:7878. So i added a custom location for for mydomain.com like so: /radarr http 192.168.0.118 7878 But it doesn't work. Why? Thanks! Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.