Djoss Posted January 21, 2020 Author Share Posted January 21, 2020 On 1/18/2020 at 11:49 PM, Iceman24 said: Is there a way to add a proxy host, but not allow remote access from outside the network, just internal? You can try to play with the following nginx settings: https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/#restrict Quote Link to comment
Iceman24 Posted January 21, 2020 Share Posted January 21, 2020 This is the expected behaviour. Since your are reaching an unknown domain, it's not possible to present a valid cert. Thus, a dummy one is used.Okay, thanks. Does this mean the redirect will only work on the non-SSL port? I would've figured the cert issue wouldn't have been an issue if it redirected to where I told it to go. Quote Link to comment
Djoss Posted January 21, 2020 Author Share Posted January 21, 2020 53 minutes ago, Iceman24 said: 1 hour ago, Djoss said: This is the expected behaviour. Since your are reaching an unknown domain, it's not possible to present a valid cert. Thus, a dummy one is used. Okay, thanks. Does this mean the redirect will only work on the non-SSL port? I would've figured the cert issue wouldn't have been an issue if it redirected to where I told it to go. Yes, the way the default page is configured in nginx makes it apply to non-SSL port only. 1 Quote Link to comment
Karatekid Posted January 21, 2020 Share Posted January 21, 2020 (edited) On 1/13/2020 at 4:15 AM, lewispm said: Both of the headers I have listed in my advanced tab are NOT set according to https://securityheaders.com Can you look in the nextcloud nginx config if the following file looks like mine? I know that there is a ticket in the nextcloud docker image related to this. nextcloud/nginx/site-confs/default default Edited January 21, 2020 by Karatekid Code to long Quote Link to comment
Galileo Posted January 21, 2020 Share Posted January 21, 2020 (edited) On 1/20/2020 at 8:10 PM, Djoss said: Do you remember which email you used? If yes, you can reset the password: https://github.com/jlesage/docker-nginx-proxy-manager#password-reset There was no email used. When I set it up the account was just "admin". RESOLVED: Modified the database directly to change the username. Edited January 24, 2020 by Galileo RESOLVED Quote Link to comment
lurkio Posted January 23, 2020 Share Posted January 23, 2020 I did a fresh install and the [email protected] account doesnt appear to exist in the database. Quote Link to comment
lewispm Posted January 23, 2020 Share Posted January 23, 2020 On 1/21/2020 at 4:49 AM, Karatekid said: Can you look in the nextcloud nginx config if the following file looks like mine? I know that there is a ticket in the nextcloud docker image related to this. nextcloud/nginx/site-confs/default default 3.5 kB · 1 download I changed mine to look like yours. I can't restart nextcloud right now, but I'm sure that will fix me up. Thanks for the help! Quote Link to comment
toolmanz Posted January 23, 2020 Share Posted January 23, 2020 All, I have to admit that it didn't take long to get this set up and working for http: sites. Excellent docker that suits me right down to the ground. Djoss you da man....👍 I struggled with this nginx reverse proxy thing for weeks and weeks....tried about 4 different methods and none of them worked. This worked on first try and is working for sonarr, radarr and nzbget and netdata. I am using duckdns and subdomains. I have a problem with Nextcloud though. No matter what I try it doesn't work. I have received and an interesting message around internal server error: Internal Server Error The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the webserver log. Anyway I suspect it is something I did with the various config files while trying the other methods to get this working....default, config.php etc. I can't even access it locally!!! Not to mention it is the only https:// site. Would it be better if I "blew away" my nextcloud docker and re-installed? I'm thinking yes. But do I risk my nextcloud data? Or anything else? Thoughts? Has anyone had any luck getting the https:// nextcloud reverse proxy to work? Did you have to change any config files? I would appreciate it if someone could help out or give me a nudge in the right direction. Thanks in Advance 😊 Quote Link to comment
Iceman24 Posted January 24, 2020 Share Posted January 24, 2020 5 hours ago, toolmanz said: All, I have to admit that it didn't take long to get this set up and working for http: sites. Excellent docker that suits me right down to the ground. Djoss you da man....👍 I struggled with this nginx reverse proxy thing for weeks and weeks....tried about 4 different methods and none of them worked. This worked on first try and is working for sonarr, radarr and nzbget and netdata. I am using duckdns and subdomains. I have a problem with Nextcloud though. No matter what I try it doesn't work. I have received and an interesting message around internal server error: Internal Server Error The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the webserver log. Anyway I suspect it is something I did with the various config files while trying the other methods to get this working....default, config.php etc. I can't even access it locally!!! Not to mention it is the only https:// site. Would it be better if I "blew away" my nextcloud docker and re-installed? I'm thinking yes. But do I risk my nextcloud data? Or anything else? Thoughts? Has anyone had any luck getting the https:// nextcloud reverse proxy to work? Did you have to change any config files? I would appreciate it if someone could help out or give me a nudge in the right direction. Thanks in Advance 😊 So far, my new install works with reverse proxy. I was confused seeing different little ways people were setting it up, but I used this video from SpaceInvaderOne as guide for editing only the config.php file. It worked straight away after that. Quote Link to comment
mihcox Posted January 24, 2020 Share Posted January 24, 2020 I have set this up successfully for a few of my docker containers, but have a question about functionality. Currently i can access my ZoneMinder config by going to ******.*****.com but doing so brings me to the Apache page for ZoneMinder. If i manually add "/zm" to the end of it, such as: *****.*****.com/zm it is able to connect to zoneminder as expected. How can i set this up so that nginx appends this for me? Quote Link to comment
FranciumF Posted January 27, 2020 Share Posted January 27, 2020 (edited) Quote [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... [cont-init.d] 00-take-config-ownership.sh: exited 0. [cont-init.d] 00-xdg-runtime-dir.sh: executing... [cont-init.d] 00-xdg-runtime-dir.sh: exited 0. [cont-init.d] nginx-proxy-manager.sh: executing... [cont-init.d] nginx-proxy-manager.sh: Starting database... [mysqld] starting... 2020-01-27 23:37:44 0 [Note] /usr/bin/mysqld (mysqld 10.3.17-MariaDB) starting as process 362 ... 2020-01-27 23:37:44 0 [Note] InnoDB: Using Linux native AIO 2020-01-27 23:37:44 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2020-01-27 23:37:44 0 [Note] InnoDB: Uses event mutexes 2020-01-27 23:37:44 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2020-01-27 23:37:44 0 [Note] InnoDB: Number of pools: 1 2020-01-27 23:37:44 0 [Note] InnoDB: Using SSE2 crc32 instructions 2020-01-27 23:37:44 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M 2020-01-27 23:37:44 0 [Note] InnoDB: Completed initialization of buffer pool 2020-01-27 23:37:44 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority(). 2020-01-27 23:37:44 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=3146952 2020-01-27 23:37:44 0 [ERROR] InnoDB: Encountered a problem with file './ib_logfile0' 2020-01-27 23:37:44 0 [ERROR] InnoDB: Disk is full. Try to clean the disk to free space. 2020-01-27 23:37:44 0x1470cc4b0b10 InnoDB: Assertion failure in file /home/buildozer/aports/main/mariadb/src/mariadb-10.3.17/storage/innobase/fil/fil0fil.cc line 4434 InnoDB: Failing assertion: err == DB_SUCCESS InnoDB: We intentionally generate a memory trap. InnoDB: Submit a detailed bug report to https://jira.mariadb.org/ InnoDB: If you get repeated assertion failures or crashes, even InnoDB: immediately after the mysqld startup, there may be InnoDB: corruption in the InnoDB tablespace. Please refer to InnoDB: https://mariadb.com/kb/en/library/innodb-recovery-modes/ InnoDB: about forcing recovery. 200127 23:37:44 [ERROR] mysqld got signal 6 ; This could be because you hit a bug. It is also possible that this binary or one of the libraries it was linked against is corrupt, improperly built, or misconfigured. This error can also be caused by malfunctioning hardware. To report this bug, see https://mariadb.com/kb/en/reporting-bugs We will try our best to scrape up some info that will hopefully help diagnose the problem, but since we have already crashed, something is definitely wrong and this may fail. Server version: 10.3.17-MariaDB key_buffer_size=134217728 read_buffer_size=131072 max_used_connections=0 max_threads=153 thread_count=0 It is possible that mysqld could use up to key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467422 K bytes of memory Hope that's ok; if not, decrease some variables in the equation. Thread pointer: 0x0 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... Cannot determine thread, fp=0x49000, backtrace may not be correct. Bogus stack limit or frame pointer, fp=0x49000, stack_bottom=0x1470cc4c0000, thread_stack=299008, aborting backtrace. The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains information that should help you find out what is causing the crash. Writing a core file... Working directory at /config/mysql Resource Limits: Fatal signal 11 while backtracing [cont-init.d] nginx-proxy-manager.sh: ERROR: Failed to start the database. [cont-init.d] nginx-proxy-manager.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. suddenly stop working after adding a new proxy host at port 8000. Log mentioned its DB problem, disk is full. but how do i go about resolving that issue? (SOLVED) EDIT : turns out my appdata that was running on cache was running now on space, and my settings didnt allow for splitting of directory, so it cannot move the files to another cache disk. simply move the appdata to array, or allow for mover to split directory to cache. Edited January 29, 2020 by FranciumF Quote Link to comment
GreenEyedMonster Posted January 27, 2020 Share Posted January 27, 2020 Hey guys, I love this Docker. I have an issue where some of my sites take a long time to load vs others. For example I have a Ghost Blog going and that can take up to 4 minutes and several reloads for the page to finally load. While others like Ombi are quick to be served. Any ideas? Thanks for this btw... it is amazin! Quote Link to comment
toolmanz Posted January 29, 2020 Share Posted January 29, 2020 Folks, I return with glad tidings - it works! Because I had messed around with the configuration files so much trying to follow the instructions from a couple of different sources, I just blew away my nextcloud and mariadb dockers and started from scratch. It was very painful but I am glad to say it was much easier starting from scratch. As was said earlier there is just one line to add to the appdata/nextcloud/www/nginx/config/config.php file: This is what mine looks like under the trusted proxies section (about line 8 of the file): 'trusted_domains' => array ( 0 => 'your local address 192....', 1 => 'your subdomain on duckdns.org', ), An example of second line could be: 1 => 'mydomain.duckdns.org', Thats it and it worked!!! Don't forget to restart your dockers after the change is made. All good and thanks for the assist. Now on to bitwarden - but not until I have a beer or 2 - code lube! Cheers Quote Link to comment
WEHA Posted January 29, 2020 Share Posted January 29, 2020 Nice interface! Would it be possible to add a listen port configuration? So I can define my own listening port for like Unifi / Emby / etc. I now add a host and manually change the config file but I it would be nice if this was included Thanks! Quote Link to comment
mihcox Posted January 29, 2020 Share Posted January 29, 2020 On 1/24/2020 at 1:51 PM, mihcox said: I have set this up successfully for a few of my docker containers, but have a question about functionality. Currently i can access my ZoneMinder config by going to ******.*****.com but doing so brings me to the Apache page for ZoneMinder. If i manually add "/zm" to the end of it, such as: *****.*****.com/zm it is able to connect to zoneminder as expected. How can i set this up so that nginx appends this for me? Bumping this, is there any way to force NGINX to add the /zm to a domain name so that it goes through properly without having to manually add it? Quote Link to comment
Spectral Force Posted February 4, 2020 Share Posted February 4, 2020 (edited) Greetings folks. I feel dumb that I can't figure this out but here I am. I've read the documentation and I'm still confused. I'm trying to setup a docker (CSMM-7DTD) docker to go through https. By default its http. I feel this is pretty straight forward so I don't know what I'm missing or doing wrong. If anyone could dumb this down for me I'd appreciate it. My walls and desk have a bunch of new head shaped dents. Thanks for any and all help. Edited February 4, 2020 by Spectral Force Quote Link to comment
Iceman24 Posted February 4, 2020 Share Posted February 4, 2020 (edited) 10 hours ago, Spectral Force said: Greetings folks. I feel dumb that I can't figure this out but here I am. I've read the documentation and I'm still confused. I'm trying to setup a docker (CSMM-7DTD) docker to go through https. By default its http. I feel this is pretty straight forward so I don't know what I'm missing or doing wrong. If anyone could dumb this down for me I'd appreciate it. This shows the NPM allocations This shows the CSMM-7DTD allocations: I'm not sure if I'm filling the correct information in the right spots: My walls and desk have a bunch of new head shaped dents. Thanks for any and all help. If that Docker is setup to only run on HTTP, the scheme needs to be HTTP. You can still force SSL in the SSL tab, but the scheme must be whatever the Docker is setup to use. Also, I would recommend blocking out your domain. Nobody needs to know that to help anyways. Edited February 4, 2020 by jonathanm Removed quoted info Quote Link to comment
GreenEyedMonster Posted February 4, 2020 Share Posted February 4, 2020 On 1/27/2020 at 11:57 AM, GreenEyedMonster said: Hey guys, I love this Docker. I have an issue where some of my sites take a long time to load vs others. For example I have a Ghost Blog going and that can take up to 4 minutes and several reloads for the page to finally load. While others like Ombi are quick to be served. Any ideas? Thanks for this btw... it is amazin! Anyone else having this issue?? Quote Link to comment
Spectral Force Posted February 4, 2020 Share Posted February 4, 2020 9 hours ago, Iceman24 said: If that Docker is setup to only run on HTTP, the scheme needs to be HTTP. You can still force SSL in the SSL tab, but the scheme must be whatever the Docker is setup to use. Also, I would recommend blocking out your domain. Nobody needs to know that to help anyways. Thanks, I will try that and report back. 1 Quote Link to comment
EC28 Posted February 8, 2020 Share Posted February 8, 2020 Has anyone been able to figure out how to get the URL to forward to the NoVNC server and skip this page? This is what I mean: https://imgur.com/fEceIPi I want to bypass clicking the vnc.html and have it go straight to the password prompt. Quote Link to comment
Nuke Posted February 8, 2020 Share Posted February 8, 2020 How to exclude some folders for authorization? Quote Link to comment
pether Posted February 10, 2020 Share Posted February 10, 2020 I'm having trouble with certificates, visiting my site normally the browser will tell me that the certificate is valid. I've tested with both letsencrypt and with a bought certificate. But when I try to verify it, it will respond with the NPM dummy certificate, and not the proper one. Why is this? Tested with: echo | openssl s_client -connect subdomain.domain.com:443 curl https://subdomain.domain.com Sometimes curl does not give the error for being a self signed certificate, but openssl still retrieves the dummy one. Quote Link to comment
Hartless Posted February 12, 2020 Share Posted February 12, 2020 if there a default for the login? ask for email and password but didnt see anywhere in the docker setup to put this info . Quote Link to comment
CJandDarren Posted February 16, 2020 Share Posted February 16, 2020 Hi, Djoss. Being brutally honest, I have never used any of these things before so when it came to Forward Hostname / IP* I was not exactly sure what it ment. I read the documentation but did not find it or not enough coffee yet. Could you possibly give a example of what it means. D... Quote Link to comment
Djoss Posted February 16, 2020 Author Share Posted February 16, 2020 On 1/29/2020 at 9:05 AM, WEHA said: Nice interface! Would it be possible to add a listen port configuration? So I can define my own listening port for like Unifi / Emby / etc. I now add a host and manually change the config file but I it would be nice if this was included Thanks! When you use the default bridge network type, you can map the ports used by the container to any port on the host. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.