[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

Am I missing something very obvious? I am unable to start the docker after installing it. I get the following error in the log of the docker:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing...
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing...
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing...
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing...
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing...
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing...
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing...
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing...
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing...
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] nginx-proxy-manager.sh: executing...
[cont-init.d] nginx-proxy-manager.sh: Starting database...
[mysqld] starting...
2019-11-19 0:44:32 0 [Note] /usr/bin/mysqld (mysqld 10.3.17-MariaDB) starting as process 360 ...
2019-11-19 0:44:32 0 [Note] InnoDB: Using Linux native AIO
2019-11-19 0:44:32 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2019-11-19 0:44:32 0 [Note] InnoDB: Uses event mutexes
2019-11-19 0:44:32 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2019-11-19 0:44:32 0 [Note] InnoDB: Number of pools: 1
2019-11-19 0:44:32 0 [Note] InnoDB: Using SSE2 crc32 instructions
2019-11-19 0:44:32 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2019-11-19 0:44:32 0 [Note] InnoDB: Completed initialization of buffer pool
2019-11-19 0:44:32 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2019-11-19 0:44:32 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2019-11-19 0:44:32 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2019-11-19 0:44:32 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2019-11-19 0:44:32 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2019-11-19 0:44:32 0 [Note] InnoDB: 10.3.17 started; log sequence number 1603986; transaction id 9
2019-11-19 0:44:32 0 [Note] InnoDB: Loading buffer pool(s) from /config/mysql/ib_buffer_pool
2019-11-19 0:44:32 0 [Note] InnoDB: Buffer pool(s) load completed at 191119 0:44:32
2019-11-19 0:44:32 0 [Note] Plugin 'FEEDBACK' is disabled.
2019-11-19 0:44:32 0 [ERROR] Could not open mysql.plugin table. Some plugins may be not loaded

2019-11-19 0:44:32 0 [Note] Recovering after a crash using tc.log
2019-11-19 0:44:32 0 [ERROR] Can't init tc log

2019-11-19 0:44:32 0 [ERROR] Aborting


[cont-init.d] nginx-proxy-manager.sh: ERROR: Failed to start the database.

[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[cont-init.d] nginx-proxy-manager.sh: ERROR: Failed to start the database.

[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

and here is my docker settings:

image.thumb.png.ae3913fa4d3fcfd5935358f983df01ac.png

 

Any help would be appreciated.

Link to comment

Hi there,

 

is this Docker updated with the latest Nginx fixes?

 

See: 

https://nvd.nist.gov/vuln/detail/CVE-2019-11043

https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

 

The Linuxserver.io Nextcloud docker has been updated in october, but I cannot find any info about this Docker.

--> https://blog.linuxserver.io/2019/10/26/psa-nextcloud/

 

There are already exploits available so I´m a bit nervous.
(Sorry, article in german: https://www.heise.de/security/meldung/Ransomware-NextCry-greift-Nextcloud-Server-an-4588421.html)

 

Thank you in advance

Edited by Hugo
Link to comment
On 11/18/2019 at 8:16 AM, debit lagos said:

# ------------------------------------------------------------
# uvc.?????.com
# ------------------------------------------------------------

server {
  set $forward_scheme https;
  set $server         "?????";
  set $port           7443;

  listen 8080;
listen 4443 ssl http2;

  server_name uvc.?????.com;

  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-7/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-7/privkey.pem;

  access_log /data/logs/proxy_host-6.log proxy;

  location / {

    # Force SSL
    include conf.d/include/force-ssl.conf;

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
  
    # Proxy!
    include conf.d/include/proxy.conf;
  }

  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}

Here is my config file. 


- Scheme = https
- Forward Hostname / IP = 192.168.160.200
- Forward Port = 7443
- Websockets Support = enabled
- SSL Certificate = yes, LE certs
- HTTP/2 Support = enabled

With the information from my last post (above), I think this should hopefully paint the picture.

 

Like I said before, I'm able to get to the site, login in, see all my cameras, but once you go to live view, I get the message, "Unable to load (camera name) live stream.

 

Thanks in advance for your time and assistance.  Let me know if you need more information.

 

You previously said that you saw many Nginx configs that should work.  Can you provide an example of one of these?  We can try to "convert" it to NginxProxyManager.

Link to comment
21 hours ago, Eggman1414 said:

Am I missing something very obvious? I am unable to start the docker after installing it. I get the following error in the log of the docker:


[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing...
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing...
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing...
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing...
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing...
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing...
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing...
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing...
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing...
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] nginx-proxy-manager.sh: executing...
[cont-init.d] nginx-proxy-manager.sh: Starting database...
[mysqld] starting...
2019-11-19 0:44:32 0 [Note] /usr/bin/mysqld (mysqld 10.3.17-MariaDB) starting as process 360 ...
2019-11-19 0:44:32 0 [Note] InnoDB: Using Linux native AIO
2019-11-19 0:44:32 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2019-11-19 0:44:32 0 [Note] InnoDB: Uses event mutexes
2019-11-19 0:44:32 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2019-11-19 0:44:32 0 [Note] InnoDB: Number of pools: 1
2019-11-19 0:44:32 0 [Note] InnoDB: Using SSE2 crc32 instructions
2019-11-19 0:44:32 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2019-11-19 0:44:32 0 [Note] InnoDB: Completed initialization of buffer pool
2019-11-19 0:44:32 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2019-11-19 0:44:32 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2019-11-19 0:44:32 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2019-11-19 0:44:32 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2019-11-19 0:44:32 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2019-11-19 0:44:32 0 [Note] InnoDB: 10.3.17 started; log sequence number 1603986; transaction id 9
2019-11-19 0:44:32 0 [Note] InnoDB: Loading buffer pool(s) from /config/mysql/ib_buffer_pool
2019-11-19 0:44:32 0 [Note] InnoDB: Buffer pool(s) load completed at 191119 0:44:32
2019-11-19 0:44:32 0 [Note] Plugin 'FEEDBACK' is disabled.
2019-11-19 0:44:32 0 [ERROR] Could not open mysql.plugin table. Some plugins may be not loaded

2019-11-19 0:44:32 0 [Note] Recovering after a crash using tc.log
2019-11-19 0:44:32 0 [ERROR] Can't init tc log

2019-11-19 0:44:32 0 [ERROR] Aborting


[cont-init.d] nginx-proxy-manager.sh: ERROR: Failed to start the database.

[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[cont-init.d] nginx-proxy-manager.sh: ERROR: Failed to start the database.

[cont-init.d] nginx-proxy-manager.sh: exited 1.
[services.d] stopping services
[services.d] stopping s6-fdholderd...
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

and here is my docker settings:

image.thumb.png.ae3913fa4d3fcfd5935358f983df01ac.png

 

Any help would be appreciated.

Is it the first time you run the container?

Link to comment
12 hours ago, Hugo said:

Hi there,

 

is this Docker updated with the latest Nginx fixes?

 

See: 

https://nvd.nist.gov/vuln/detail/CVE-2019-11043

https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

 

The Linuxserver.io Nextcloud docker has been updated in october, but I cannot find any info about this Docker.

--> https://blog.linuxserver.io/2019/10/26/psa-nextcloud/

 

There are already exploits available so I´m a bit nervous.
(Sorry, article in german: https://www.heise.de/security/meldung/Ransomware-NextCry-greift-Nextcloud-Server-an-4588421.html)

 

Thank you in advance

This vulnerability is for php, which is not used in this container.

Link to comment
52 minutes ago, Micaiah12 said:

Anyone having luck with Plex?

I have the below settings.

And I am getting 502 bad gateway error.

 

 

 

 

image.png

image.png

image.png

Just tested it and works fine here.  Set up same as yours.  Does redirect eventually to app.plex.tv though so not sure what you're really achieving having it set this way.

Link to comment
On 11/20/2019 at 2:20 PM, Galileo said:

One of the latest updates to the unraid docker won't let me login to the web interface. It says that I must have a username in the format of an email address but the original user I had was "admin". How can I fix this, so that I can login? Thanks!

 

If you kept the default user, you should login with [email protected]

Link to comment
  • 2 weeks later...

Has someone find a solution for these nextcloud error?

 

"The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly."

 

I found nothing which is working.

 

I added the env variable but this was not fixing my problem.

 

Hopefully someone has managed it :)

Link to comment

First, Thanks for this wonderful application. Its very simple and clean. If i could get it to work I would be very happy :D .

 

I want to start off saying i'm having issues, and i'm not sure what to troubleshoot.

Issue: browsing to domains i get "502 Bad Gateway nginx"

 

Setup:
DuckDNS - Domains, filegardenspeed, spencer-webserver, 

NGINX Proxy Manager - Bridged

 

Containers:

Webserver - spencer-webserver.duckdns.org 

Speedtest - filegardenspeed.duckdns.org

 

Router: Pfsense

Forward Port 443 to 18443 (Nat+Proxy)

Forward Port 80 to 1880 (Nat+Proxy)

 

error.log

https://pastebin.com/raw/qZJRh1AK

 

ProxyManager Settings

https://imgur.com/uV377VS

https://imgur.com/NRw8ES5

 

Any advice is helpful

 

Update: If i change the proxy host from hostname to bridged IP : 172.17.0.7:80 the page loads. Which is fine..

But i'd then have to set it statically?

This seems like a docker issue with DNS resolution?

I have the exact same problem when using letsencrypt container, but idk how to fix..

Edited by mspencerl87
Link to comment
On 12/11/2019 at 10:34 AM, mspencerl87 said:

First, Thanks for this wonderful application. Its very simple and clean. If i could get it to work I would be very happy :D .

 

I want to start off saying i'm having issues, and i'm not sure what to troubleshoot.

Issue: browsing to domains i get "502 Bad Gateway nginx"

 

Setup:
DuckDNS - Domains, filegardenspeed, spencer-webserver, 

NGINX Proxy Manager - Bridged

 

Containers:

Webserver - spencer-webserver.duckdns.org 

Speedtest - filegardenspeed.duckdns.org

 

Router: Pfsense

Forward Port 443 to 18443 (Nat+Proxy)

Forward Port 80 to 1880 (Nat+Proxy)

 

error.log

https://pastebin.com/raw/qZJRh1AK

 

ProxyManager Settings

https://imgur.com/uV377VS

https://imgur.com/NRw8ES5

 

Any advice is helpful

 

Update: If i change the proxy host from hostname to bridged IP : 172.17.0.7:80 the page loads. Which is fine..

But i'd then have to set it statically?

This seems like a docker issue with DNS resolution?

I have the exact same problem when using letsencrypt container, but idk how to fix..

Which "Network Type" are you using for your containers?

A quick search on this issue seems to show that people have some success when using a FQDN instead of just the hostname.

Link to comment
On 12/13/2019 at 3:24 AM, Djoss said:

You mean the the HTTP header still has the wrong value?  Did you correctly set the variable ?  It should be X_FRAME_OPTIONS with value sameorigin.

This is my docker compose file  

 

  nginx-proxy-manager_all:
        container_name: Proxy-Manager-All
        image: jlesage/nginx-proxy-manager
        ports:
            - "8181:8181"
            - "8080:8080"
            - "4443:4443"
        environment:
            - X_FRAME_OPTIONS=sameorigin
            - TZ=Europe/Berlin
            - USER_ID=99
            - GROUP_ID=100
        volumes:
            - /mnt/user/XXX/nginx-proxy-manager:/config
        networks:
            internal:
                ipv4_address: 172.X.X.7
            br0:
                ipv4_address: 192.X.X.6
        restart: always

 

Link to comment
9 hours ago, cagemaster said:

I have a domain name with special characters "åäö" and i'm getting redirected to the the default 404 screen. How can i make NPM work with åäö in the domain name? I've tried 


server_name mydomainöäå.se

But i don't think that's it. 

I guess you need to use the encoded form?

http://idna-converter.com

https://en.wikipedia.org/wiki/Internationalized_domain_name

Link to comment
1 hour ago, Karatekid said:

This is my docker compose file  

 

  nginx-proxy-manager_all:
        container_name: Proxy-Manager-All
        image: jlesage/nginx-proxy-manager
        ports:
            - "8181:8181"
            - "8080:8080"
            - "4443:4443"
        environment:
            - X_FRAME_OPTIONS=sameorigin
            - TZ=Europe/Berlin
            - USER_ID=99
            - GROUP_ID=100
        volumes:
            - /mnt/user/XXX/nginx-proxy-manager:/config
        networks:
            internal:
                ipv4_address: 172.X.X.7
            br0:
                ipv4_address: 192.X.X.6
        restart: always

 

I forgot that the X_FRAME_OPTIONS variable if for the web interface if NginxProxyManager itself...

 

Did you try to add the following under the Advanced tab of your proxy host?

 

add_header X-Frame-Options "SAMEORIGIN";

 

Link to comment
On 12/16/2019 at 1:12 AM, Djoss said:

I forgot that the X_FRAME_OPTIONS variable if for the web interface if NginxProxyManager itself...

 

Did you try to add the following under the Advanced tab of your proxy host?

 


add_header X-Frame-Options "SAMEORIGIN";

 

Nextcloud reported that the X-Frame-Option is not configured as "sameorigin".

Is there a way to check debug this? Maybe there is a wrong Nextcloud setting.

Link to comment

Hello,

I've encountered a strange problem suddenly.
Requesting new certificates isn't working anymore.

From what I saw in the Docker log:
"Warning command failed: /user/bin/certbot renew -n --force-renewal -disable-hook-validation --cert-name "npm-21"

No certificate found with name npm-21 (expected /etc/letsencrypt/renewal/npm-21.conf)

 

EDIT:
I've tried it again deleting the failed SSL and now I see following in the log:

Failed authorization procedure. xxx.xxx.yyy (http-01) urn:ietf:params:acme:error:unauthorized :: The Client lacks sufficient authorization :: the key authorization file from the server did not match this challange

 

Yesterday was working without problems.

 

EDIT: Resolved, problem was (strange but true), related to my IPV6 DNS.

I've removed it (since for the moment I don't need it ... but still...) and now it's working again.

Probably there is something wrong in the request when IPV6 is configured on your DNS...

Edited by TDA
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.