[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

On 5/17/2020 at 8:33 AM, bdydrp said:

Thanks - Have left it in bridge for now!

Tho, the other docker im accessing (jellyfin) has an IP assigned, and i can still access it

Cheers

If I remember correctly, a container in bridge mode can't access another container with an assigned IP (unless you use a vlan I think).

 

Just remember that port mappings work only in bridge network mode.  So if you use NPM in another mode, you need to work with ports of the container (i.e. 8080, 4443 and 8181).

Link to comment
On 5/17/2020 at 11:48 PM, VinceB said:

Hi everyone,

 

I am quite a newbie, but found UNRAID solutaion based on dockerized app so powerful ! after several tryouts, came to the conclusion of having "Nginx Proxy Mangager" app that take care of :

 

- reverse proxy set-up

- fetching SSL from let's encrypt

 

I used to work with LE container but the Reverse Proxy side was sometimes quite tough to configure. 

 

Now my question is

 

I am using nginx container from Linux IO guys to power multiple websites. I would like to use the certificates retrieved by "Nginx Rerverse Proxy" in the nginx site conf file :

 

ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;

 

(this was a template based on LE)

 

So my point is how to get the path from "Nginx Reverse Proxy" inside this Nginx container ?

 

Do i need the add a custom path to the NGINX template ?

 

Thanks for your support !

 

Vince B

 

 

You don't need to transfer certs.  Nginx Proxy Manager will re-generate them.

Link to comment
On 5/17/2020 at 2:33 PM, bdydrp said:

Thanks - Have left it in bridge for now!

Tho, the other docker im accessing (jellyfin) has an IP assigned, and i can still access it

Cheers

Yeah me too. My piHole is in br0 and has an IP address assigned, and I can access it just fine. NPM just can't, to my knowledge, access the other virtual networks for the remapping.

 

Anyone feel free to correct me, of course.

Link to comment

Well - it isn't working again. No idea why since I literally didn't touch any settings. Can't access the webui even.

 

Started complaining about a semicolon in a conf file. Then it had problems with the letsencrypt.pem file. Honestly this is the fourth time it has collapsed without warning, so I don't know what is going on with it. I checked my drives for corruption and they were fine. So something is causing problems, but I think I will go try Caddy.

Link to comment

 

I have moved to Nginx Proxy Manager from LetsEncypt and really like it - Thanks!

 

I am still using my old LetsEncrypt "proxynet" - Is this ok? Seems like it should be and isolates the dockers on my reverse proxy?

 

But this seems to not allow me to expose the Netdata docker as that sits on the "Host" netowrk?

 

Should I keep using "proxynet"?

 

And is it possuble (and wise?) to expose Netdata via a reverse proxy (specifically Nginx Proxy Manager).

 

Thanks!

Link to comment

 

I am exposing ubooquity  via reverse proxy.

 

If my domain name is example.com https://comics.example.com/ubooquity/ works fine....

 

But https://comics.example.com does not work and I get a error 500

 

HTTP ERROR 500

Problem accessing /. Reason:

    Could not find matching provider (wrong URL)

 

Can I fix this in Nginx Proxy Manager or someplace else? Thanks!

Edited by TexasDave
Link to comment
On 5/21/2020 at 2:07 PM, tknx said:

Well - it isn't working again. No idea why since I literally didn't touch any settings. Can't access the webui even.

 

Started complaining about a semicolon in a conf file. Then it had problems with the letsencrypt.pem file. Honestly this is the fourth time it has collapsed without warning, so I don't know what is going on with it. I checked my drives for corruption and they were fine. So something is causing problems, but I think I will go try Caddy.

What is your last issue?  Something in the container log?

Link to comment
On 5/23/2020 at 6:45 AM, TexasDave said:

 

I am exposing ubooquity  via reverse proxy.

 

If my domain name is example.com https://comics.example.com/ubooquity/ works fine....

 

But https://comics.example.com does not work and I get a error 500

 


HTTP ERROR 500

Problem accessing /. Reason:

    Could not find matching provider (wrong URL)

 

Can I fix this in Nginx Proxy Manager or someplace else? Thanks!

Try to add the following line under the Advanced tab:

location = /{return 301 $scheme://$http_host/ubooquity/;}

 

  • Like 1
Link to comment

hi first thanks great docker nice interface

 

i just setup my first reverse proxy domain and all work great hosted at clouflare, however when i scan my site on securityheaders i get this red warning

 

Headers

Content-Security-Policy

X-Frame-Options

Referrer-Policy

Feature-Policy

 

can someone please tell me how to fix this to get green, thanks in advanced

  • Like 1
Link to comment
8 hours ago, mata7 said:

hi first thanks great docker nice interface

 

i just setup my first reverse proxy domain and all work great hosted at clouflare, however when i scan my site on securityheaders i get this red warning

 

Headers

Content-Security-Policy

X-Frame-Options

Referrer-Policy

Feature-Policy

 

can someone please tell me how to fix this to get green, thanks in advanced

 

Before I used Nginx Proxy Server and used LetsEnncrypt, I reaplced the "ssl.conf" file with "strong-ssl.conf" found here:

 

https://github.com/gilbN/Nostromo/blob/master/Server/nginx/strong-ssl.conf

 

Not sure how one would do that in NPS. But I would also like to get the nice green A+ report from "Security Headers".

Link to comment
2 hours ago, mata7 said:

thanks for you help really apreciated, i add location = /{return 301 $scheme://$http_host/ubooquity/;} to advanced but dont work, i still get same red reports

just to make sure here is where i add it

ngp.thumb.png.db96c1558671ca6959089101244c98d1.png

 

Adding location = /{return 301 $scheme://$http_host/ubooquity/;} is only if you reverse proxy ubooquity.  This has nothing to do with security report results.

 

SSL settings are not (easily) editable with NPM.  Having a nice green report also implies that your site has less compatibility with different devices... So there is no set of settings that will fit everybody needs.

 

Link to comment

Hi,

 

Just come across this docker, ashamed since i use lets encrypt so much.  Very impressed, had nextcloud up running in around 2 minutes.

 

I am now however not able to run airsonic, ive made the cert and proxy config exactly like nextcloud but with a new SSL cert for airsonic.  But im getting 502 bad gateway.

 

Any help would be appreciated

 

EDIT: solved above
How i fixed it: I turned it to http under the proxy settings but forced it to use SSL.

Next question please:
I have to goto https://airsonic.example.com/airsonic to reach the login.  can i change it to reach it via a normal method, ie https://airsonic.example.com

 

Edited by Greygoose
Link to comment
13 hours ago, Greygoose said:

Next question please:

 

I have to goto https://airsonic.example.com/airsonic to reach the login.  can i change it to reach it via a normal method, ie https://airsonic.example.com

 

 

That would be exactly how my own nextcloud container is running. Not sure how you'd get it to do that in the first place.

Maybe it's a nextcloud config issue. i set up sub.tld.dom for mine and it works just fine. :)

Link to comment
1 hour ago, Gdtech said:

Just install Nginx Proxy Manager Docker, not able to login,  using  [email protected]  and password changeme, It comes up with No relevant user found

 

Any help would be appreciated.

Thanks

I would try again with a clean appdata folder:

  • Stop the container.
  • Remove /mnt/user/appdata/NginxProxyManager
  • Start the container.
Link to comment

Hey

 

I got this question/issue

 

I used to run my webserver on baremetal right behind the router. The server (ubuntu 16.x lts) had a the ufw (just iptables wrapper) installed and I had quite a blacklist to prevent known nets and ip-addresses from spamming / hacking the site. Last week I moved the entire website to a vm and all trafic goes through NPM.

 

- apache2 does'nt know where the traffic comes from (yeah, the reverse proxy). When it was not behind the reverse proxy I had this line but that does not work anymore     

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy

- ufw does'nt know it either since everything comes from the reverse proxy

 

How can I fix these issues?

 

 

Edited by sjoerd
Link to comment

I am thinking about setting up NextCloud & Bitwardenrs dockers on my unraid system.  I am sure this has been asked before but how safe is it to use a reverse proxy?  I have never used a reverse proxy before and currently use VPN to access my server remotely. 

 

 

Link to comment

Hello,

I've been running this container for a while now. Over a year at least. I've had no issues until today when I setup a new proxy host and attempted to request a new certificate from LetsEncrypt. 

 

I receive this error when attempting to request the certificate.

"Internal Error"

 

I found this in the container logs

 

[6/5/2020] [12:39:21 PM] [Express ] › ⚠ warning Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-14" --agree-tos --email "[email protected]" --preferred-challenges "dns,http" --webroot --domains "myhost.mydomain.com"
Another instance of Certbot is already running.

 

How can I troubleshoot this issue? Any other clues I should look for or anyone else who's seen this?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.