[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

8 hours ago, cagemaster said:

Can someone help me getting custom locations to work? I want mydomain.com to link to 192.168.0.118:4001 (which it does). And then i want mydomain.com/radarr to link to 192.168.0.118:7878. So i added a custom location for for mydomain.com like so:


/radarr

http 192.168.0.118 7878

But it doesn't work. Why?

Thanks!

if you take a look here it seems radarr needs some special parameters in subfolder

 

https://github.com/linuxserver/reverse-proxy-confs/blob/master/radarr.subfolder.conf.sample

 

may try inserting some of those parts ... i dont use radarr so cant tell for sure

Link to comment
21 hours ago, WannabeMKII said:

Stupid question, but how would I test I can read it?

 

Krusader is reporting the file as 0 bytes in size?

 

Also, if I go into the webgui and try to edit one of the hosts and hit save, it comes back with a 'Internal Error'? 

 

Does any of that help?

Alternatively, is there a way I can create a new one?

Link to comment
On 11/5/2019 at 8:50 PM, Djoss said:

If the certificate is not from Letsencrypt, then you are probably not reaching the container... or are you using a DNS service that could interfer?

Certificate was created in Letsencrypt through NPM, DNS isn't proxied, just Google domains DNS, wildcard record pointing to IP, updated through dynamic DNS (different server, same network). I know that it works because I've got a second proxy host set to route unsecure to the same server, and that one works. It's just when adding the SSL.

Link to comment

Hi All Sorry to sound like complete numpty however there are a couple of things I need to ask.

 Firstly I clicked on the Docker kindly created and put in Community Apps it down loaded. However every guide I read appears to say I have to create a MySQL database but when check I checked my app data folder it appears to have created one

 

Secondly is there a numpty guide to how to use GUI in Unraid .  I would like to use this to run a reverse proxy for my Nextcloud setup.

 

Sorry for stupid sounding questions 

 

Martintheshred

Link to comment
On 11/6/2019 at 2:21 PM, swingline said:

I have issues from all networks when accessing from domain. I have NAT refection turned on my firewall and all other domains I have are working. The container is accessible from its IP address. Below is a log excerpt from when it stops working. It never recovers unless I restart the NginxProxyManger container then fails after i close my session with the bookstack.

 


[02/Nov/2019:21:11:22 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "http://10.0.0.77:8181/nginx/proxy"

 


[06/Nov/2019:23:10:18 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "-"

 

I guess you set the proxy url in the container settings?  Also, since it seems to be an issue with bootstack not running properly behind a reverse proxy, maybe you could have better luck by seeking help from the app's support thread?

Link to comment
22 hours ago, duskofdawn said:

Certificate was created in Letsencrypt through NPM, DNS isn't proxied, just Google domains DNS, wildcard record pointing to IP, updated through dynamic DNS (different server, same network). I know that it works because I've got a second proxy host set to route unsecure to the same server, and that one works. It's just when adding the SSL.

To confirm that you get the right certificates, run the following command:

docker exec NginxProxyManager sh -c 'openssl s_client -connect <DNS NAME>:443 -showcerts </dev/null'

 

And to verify the container resolves to the correct IP:

docker exec NginxProxyManager nslookup <DNS NAME>

 

Link to comment
16 hours ago, Martintheshred said:

Hi All Sorry to sound like complete numpty however there are a couple of things I need to ask.

 Firstly I clicked on the Docker kindly created and put in Community Apps it down loaded. However every guide I read appears to say I have to create a MySQL database but when check I checked my app data folder it appears to have created one

 

Secondly is there a numpty guide to how to use GUI in Unraid .  I would like to use this to run a reverse proxy for my Nextcloud setup.

 

Sorry for stupid sounding questions 

 

Martintheshred

The guide you read is probably not for this container, as like you said, you don't need an external database.

 

Which GUI you are talking about?  The GUI of unRAID itself or NginxProxyManager?

Link to comment
4 hours ago, Djoss said:

The guide you read is probably not for this container, as like you said, you don't need an external database.

 

Which GUI you are talking about?  The GUI of unRAID itself or NginxProxyManager?

Hi Djoss firstly thanks for setting this container up and getting back to me on this I apologise for not getting to you sooner I have been out all day the GUI I was asking about was for your Great NginxProxyManager

 

cheers 

  Martinteshred (newbi numpty)

Link to comment

Good evening Dev and All -

 

I've been able to get NPM up and running with little to knowledge of nginx or reverse proxy.

 

I do have one question wrt (with reference to) Unifi Video docker.  I spent the last day and a half trying to figure out (reading and experimenting) the missing magical setting to make this work.  And what I mean by working is, getting Live Stream to work.  

 

I've been able to get the main page working, to include LE ssl certificates.  Slightly shocked how easy that was, but when you go to watch a video feed, the Live Stream doesn't work.  Here are the settings that have either been populated or enabled.  Nothing else has been selected or enabled.

 

- Scheme = http

- Forward Hostname / IP = 192.168.160.200

- Forward Port = 7080

- Websockets Support = enabled

- SSL Certificate = yes, LE certs

- HTTP/2 Support = enabled

 

I've seen many nginx configs that say they work, but not familiar enough to adopt or adapt the settings into NPM.

 

Would anyone happen to have any insight into how to get the Live Stream to work?  Thanks in advance.

 

Dev - Thank you for designing something for the somewhat inexperienced user(s).

Link to comment
On 11/8/2019 at 5:33 PM, WannabeMKII said:

Thanks for coming back. I've just deleted one of the SSL certificates and tried to re-create it and it came back with an 'internal error'?

 

What else can I try?

Quick update as I've managed to get it back up and running.

 

Basically, I removed the container along with the appdata folder and started again. On starting again from scratch, everything is now back up and running!


Many thanks for the help offered, appreciated!

Link to comment

Can this implementation of Letsencrypt be used to manage certs for external (outside of the home LAN) websites? 

 

Use case, I have a few domains hosted externally with a webhost who makes it difficult to get letsencrypt going.  They prefer to sell you a cert.  If there was a way to issue and renew the certs for these external sites from this docker it would be great.

 

I did look at https://sslforfree.com for the external sites.  That works fine but there is no auto-renewal facility.

Link to comment
On 11/8/2019 at 7:40 AM, Djoss said:

To confirm that you get the right certificates, run the following command:


docker exec NginxProxyManager sh -c 'openssl s_client -connect <DNS NAME>:443 -showcerts </dev/null'

 

And to verify the container resolves to the correct IP:


docker exec NginxProxyManager nslookup <DNS NAME>

 

First command returns the following:

140695964602432:error:0200206E:system library:connect:COnnection timed out:../crypto/bio/b_sock2.c:108:
140695964602432:error:200BA077:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:109:

 

Second command returns the following:

OCI runtime exec failed: exec failed: container_linux.go:346: starting container process called "exec: \"nslookup\": executable file not found in $PATH": unknown.

 

I'm using the standard config files from the github.

Link to comment
On 11/8/2019 at 1:27 PM, Martintheshred said:

Hi Djoss firstly thanks for setting this container up and getting back to me on this I apologise for not getting to you sooner I have been out all day the GUI I was asking about was for your Great NginxProxyManager

 

cheers 

  Martinteshred (newbi numpty)

Unfortunately I'm not aware of a guide for NginxProxyManager...

Link to comment
On 11/11/2019 at 3:09 PM, debit lagos said:

Good evening Dev and All -

 

I've been able to get NPM up and running with little to knowledge of nginx or reverse proxy.

 

I do have one question wrt (with reference to) Unifi Video docker.  I spent the last day and a half trying to figure out (reading and experimenting) the missing magical setting to make this work.  And what I mean by working is, getting Live Stream to work.  

 

I've been able to get the main page working, to include LE ssl certificates.  Slightly shocked how easy that was, but when you go to watch a video feed, the Live Stream doesn't work.  Here are the settings that have either been populated or enabled.  Nothing else has been selected or enabled.

 

- Scheme = http

- Forward Hostname / IP = 192.168.160.200

- Forward Port = 7080

- Websockets Support = enabled

- SSL Certificate = yes, LE certs

- HTTP/2 Support = enabled

 

I've seen many nginx configs that say they work, but not familiar enough to adopt or adapt the settings into NPM.

 

Would anyone happen to have any insight into how to get the Live Stream to work?  Thanks in advance.

 

Dev - Thank you for designing something for the somewhat inexperienced user(s).

Can you provide an example of a working Nginx config?

Link to comment
On 11/12/2019 at 8:14 PM, dalben said:

Can this implementation of Letsencrypt be used to manage certs for external (outside of the home LAN) websites? 

 

Use case, I have a few domains hosted externally with a webhost who makes it difficult to get letsencrypt going.  They prefer to sell you a cert.  If there was a way to issue and renew the certs for these external sites from this docker it would be great.

 

I did look at https://sslforfree.com for the external sites.  That works fine but there is no auto-renewal facility.

The most automatic way to do this would be to create a proxy host and configure the "Forward Hostname/IP" to your external site.

 

Else, NginxProxyManager doesn't have any facility to automatically export or install the generated certificates to a remote server.

Link to comment
On 11/13/2019 at 3:15 AM, Nowjon said:

Hey Djoss, 

 

Is there any plans to add DNS validation like the LetsEncrypt docker has? 

Thanks!

I'm the author if the container, but not the author of NginxProxyManager itself...  However I see that some work has been done for DNS validation (https://github.com/jc21/nginx-proxy-manager/pull/85/files), but the support is incomplete:  it seems that you would need to manually update your DNS provider for the validation to work...

Link to comment
On 11/13/2019 at 4:13 PM, duskofdawn said:

First command returns the following:

140695964602432:error:0200206E:system library:connect:COnnection timed out:../crypto/bio/b_sock2.c:108:
140695964602432:error:200BA077:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:109:

 

Second command returns the following:

OCI runtime exec failed: exec failed: container_linux.go:346: starting container process called "exec: \"nslookup\": executable file not found in $PATH": unknown.

 

I'm using the standard config files from the github.

Which config files are you talking about?

Link to comment

During the setup of a new proxy host, I created several invalid certificates for the domain, e..g xxxx.domain.com because the DNS entries on my domain had not propagated when I tried to create the certs. (takes 24-48 hrs apparently), so i think this is why cert creation failed.

 

3 days later, I've now sucessfully created my proxy host in proxy manager, selecting "create  a new cert" when adding it.

 

Can the old expired certs be removed from the list of certs? I have quite a few now that are expired from previous failed setups.

 

 

 

Link to comment
On 11/15/2019 at 7:50 PM, Djoss said:

Can you provide an example of a working Nginx config?

# ------------------------------------------------------------
# uvc.?????.com
# ------------------------------------------------------------

server {
  set $forward_scheme https;
  set $server         "?????";
  set $port           7443;

  listen 8080;
listen 4443 ssl http2;

  server_name uvc.?????.com;

  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-7/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-7/privkey.pem;

  access_log /data/logs/proxy_host-6.log proxy;

  location / {

    # Force SSL
    include conf.d/include/force-ssl.conf;

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
  
    # Proxy!
    include conf.d/include/proxy.conf;
  }

  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}

Here is my config file. 

- Scheme = https
- Forward Hostname / IP = 192.168.160.200
- Forward Port = 7443
- Websockets Support = enabled
- SSL Certificate = yes, LE certs
- HTTP/2 Support = enabled

With the information from my last post (above), I think this should hopefully paint the picture.

 

Like I said before, I'm able to get to the site, login in, see all my cameras, but once you go to live view, I get the message, "Unable to load (camera name) live stream.

 

Thanks in advance for your time and assistance.  Let me know if you need more information.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.