[Support] Djoss - Nginx Proxy Manager


Djoss

Recommended Posts

Hello,

I've a problem with NGINX PROXY MANAGER and Nextcloud.
When I upload something - the files are temporary written in the docker.img.

I saw that we could change this behavoir:

 

Problem is, I don't know where the temp folder of Nginx Proxy Manager is.

 

Any help would be appreciated ^^

Link to comment
1 hour ago, TDA said:

Hello,

I've a problem with NGINX PROXY MANAGER and Nextcloud.
When I upload something - the files are temporary written in the docker.img.

I saw that we could change this behavoir:

 

Problem is, I don't know where the temp folder of Nginx Proxy Manager is.

 

Any help would be appreciated ^^

 

Perhaps this one?

 

root@Tower:~# docker exec -it NginxProxyManager bash
bash-5.0# cat /etc/nginx/nginx.conf | grep temp
        client_body_temp_path         /var/tmp/nginx/body 1 2;
        include /data/nginx/temp/*.conf;
bash-5.0#

 

If not I think the nginx default is used

Link to comment

Anyone have a fix for this?

 

Everything was working great until I recently updated.  I have tried uninstalling and re-installing.  Removing the appdata and starting fresh but still getting the same error.  Nothing will forward when adding a proxy now.  Please help!

 

Things I have doublechecked were my Port Forwards and everything looks good. 

I even forwarded all the below ports with no luck 

4443, 8080, 8181, 18443, 1880, 7818, 80, 443, 81

XV5NVaG.png

Link to comment

Having a real weird issue. After replacing some hardware (and a comedy of error) I had to reinstall NPM from scratch. Removed the docker, cleaned up remaining data, Reinstalled, ports 80/443 are being forwarded to 8080/4443, and I can log in. But the dashboard and proxy pages are blank. I can click on other dropdowns and they open but none of the links inside them are working. Nothing stands out in the logs (below) but I'm a noob. Anyone got any ideas?

 

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing...
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing...
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing...
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing...
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing...
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing...
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing...
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing...
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing...
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] 90-db-upgrade.sh: executing...
[cont-init.d] 90-db-upgrade.sh: exited 0.
[cont-init.d] nginx-proxy-manager.sh: executing...
[1;34m❯ [1;36mEnabling IPV6 in hosts: [1;33m/etc/nginx/conf.d[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/default.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/assets.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/block-exploits.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/force-ssl.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/proxy.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/include/ssl-ciphers.conf[0m
[1;34m❯ [1;33m/etc/nginx/conf.d/production.conf[0m
[1;34m❯ [1;36mEnabling IPV6 in hosts: [1;33m/config/nginx[0m
[1;34m❯ [1;33m/config/nginx/ip_ranges.conf[0m
[1;34m❯ [1;33m/config/nginx/resolvers.conf[0m
[cont-init.d] nginx-proxy-manager.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] starting s6-fdholderd...
[services.d] starting logmonitor...
[services.d] starting statusmonitor...
[logmonitor] no file to monitor: disabling service...
[statusmonitor] no file to monitor: disabling service...
[services.d] starting cert_cleanup...
[services.d] starting logrotate...
[services.d] starting nginx...
[cert_cleanup] starting...
[services.d] starting app...
[logrotate] starting...
[nginx] starting...
[app] starting Nginx Proxy Manager...
[services.d] done.
[cert_cleanup] ----------------------------------------------------------
[cert_cleanup] Let's Encrypt certificates cleanup - 2021/01/28 22:52:08
[cert_cleanup] ----------------------------------------------------------
[cert_cleanup] 0 file(s) kept.
[cert_cleanup] 0 file(s) deleted.
[1/28/2021] [10:52:09 PM] [Migrate ] › ℹ info Current database version: none
[1/28/2021] [10:52:09 PM] [IP Ranges] › ℹ info Fetching IP Ranges from online services...
[1/28/2021] [10:52:09 PM] [IP Ranges] › ℹ info Fetching https://ip-ranges.amazonaws.com/ip-ranges.json
[1/28/2021] [10:52:10 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v4
[1/28/2021] [10:52:10 PM] [IP Ranges] › ℹ info Fetching https://www.cloudflare.com/ips-v6
[1/28/2021] [10:52:10 PM] [SSL ] › ℹ info Let's Encrypt Renewal Timer initialized
[1/28/2021] [10:52:10 PM] [SSL ] › ℹ info Renewing SSL certs close to expiry...
[1/28/2021] [10:52:10 PM] [IP Ranges] › ℹ info IP Ranges Renewal Timer initialized
[1/28/2021] [10:52:10 PM] [Global ] › ℹ info Backend PID 657 listening on port 3000 ...
[1/28/2021] [10:52:11 PM] [Nginx ] › ℹ info Reloading Nginx
[1/28/2021] [10:52:11 PM] [SSL ] › ℹ info Renew Complete
`QueryBuilder#allowEager` method is deprecated. You should use `allowGraph` instead. `allowEager` method will be removed in 3.0
`QueryBuilder#eager` method is deprecated. You should use the `withGraphFetched` method instead. `eager` method will be removed in 3.0
QueryBuilder#omit is deprecated. This method will be removed in version 3.0

Link to comment

My ProxyManager has been unable to launch since I updated the container (for the first time in a while). Has anyone else seen this in their logs, or can anyone help me decode it?
It looks like it's failing to install the database, therefore failing to boot, because it can't fetch a required file. I don't know why. It's also not 'temporary,' it's been doing this for a couple days now.

If I'm on the right track, I don't see why it can't fetch the files. They're at http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/ and I can download them manually on my personal computer. Why can't the Docker container?

ProxyManagerLog.txt

Edited by Foxglove
Link to comment
1 hour ago, Foxglove said:

My ProxyManager has been unable to launch since I updated the container (for the first time in a while). Has anyone else seen this in their logs, or can anyone help me decode it?
It looks like it's failing to install the database, therefore failing to boot, because it can't fetch a required file. I don't know why. It's also not 'temporary,' it's been doing this for a couple days now.

If I'm on the right track, I don't see why it can't fetch the files. They're at http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/ and I can download them manually on my personal computer. Why can't the Docker container?

 

It seems to be network-related. I have the Docker container on a different subnet than my main subnet that the host runs its administration off of. Switching it to a bridge seems to fix the problem temporarily. 

There's an error about missing the fullchain.pem file. I don't know if that's expected on first boot or if that's something that will be resolved later.

Update: Looks like it may be a name resolution issue. I don't have DHCP server on this subnet. I probably need to find a way to statically set DNS servers for the docker container.

ProxyManagerLog2.txt

Edited by Foxglove
Link to comment

Tried to renew some SSL certs today, which is with DNS challenge. From gui it just hanged there "please wait"
So i tried to do "certbot renew"
And i got for all my certs the following 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/npm-87.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewal configuration file /etc/letsencrypt/renewal/npm-87.conf (cert: npm-87) produced an unexpected error: 'Namespace' object has no attribute 'dns_cloudflare_credentials'. Skipping.

Which seems weird. Because the said file contains the following
 

# renew_before_expiry = 30 days
version = 1.4.0
archive_dir = /etc/letsencrypt/archive/npm-75
cert = /etc/letsencrypt/live/npm-75/cert.pem
privkey = /etc/letsencrypt/live/npm-75/privkey.pem
chain = /etc/letsencrypt/live/npm-75/chain.pem
fullchain = /etc/letsencrypt/live/npm-75/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = randomcharacterstring
authenticator = dns-cloudflare
dns_cloudflare_credentials = /etc/letsencrypt/credentials/credentials-75
server = https://acme-v02.api.letsencrypt.org/directory


If i try to delete and add again. it succeeds. It looks like a parsing problem?

Link to comment
On 1/29/2021 at 5:57 PM, Krzaku said:

Why is there no option to add a custom ssl certificate? There is only option to either not use ssl at all or use builtin lets encrypt. Nginx Proxy Manager supposedly supports this.

You can add a custom SSL certificate. I use this feature for Cloudflare origin certificates all the time.

On the SSL page, choose 'add certificate', then choose 'custom'. You'll need to supply the required files. I assume you know how to do this if you're trying to use your own certificate.

image.thumb.png.f379542cf3416c70870fa30b9aea56b1.png

Link to comment

Hey

I have a problem with NginxProxyManager.
I can neither access my server via "Proxy Host" nor can I create an SSL certificate.

If i try to add a SSL certificate via Let's Encrypt i get this error:

 

Error: Command failed: /usr/bin/certbot certonly --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-8" --agree-tos --email "[email protected]" --preferred-challenges "dns,http" --domains "my.ddns.com" 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for my.ddns.com
Using the webroot path /config/letsencrypt-acme-challenge for all unmatched domains.
Waiting for verification...
Challenge failed for domain my.ddns.com
http-01 challenge for my.ddns.come
Cleaning up challenges
Some challenges have failed.

    at ChildProcess.exithandler (child_process.js:303:12)
    at ChildProcess.emit (events.js:315:20)
    at maybeClose (internal/child_process.js:1021:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:286:5)

 

And when I add a proxy host the page just doesn't show up.
The domain works because I can also activate the ports in my router and then access the page via my.ddns.com:myport.

I think I did something wrong with the installation.

Link to comment

When Network Type:  is set to custom ,

the docker do not seem to react to any entry you put in 

  • Web UI Port
  • HTTP Port
  • HTTPs Port

and always come back to his default : 4443,8080 and 8181

 

is it a bug ?
 

this do not happen when use Network Type = bridge

Edited by ZappyZap
Link to comment
1 hour ago, ZappyZap said:

is it a bug ?

No, it's by design. When a container is directly connected to host IP, or has its own unique IP, all ports are exposed and available for the app to use, and you must manage and configure ports directly in the app.

 

Think of the bridge connection like a mini router, by default all ports are closed, and in order to communicate from the outside in, you must open up ports, and you can redirect those ports if you wish.

Link to comment
30 minutes ago, jonathanm said:

No, it's by design. When a container is directly connected to host IP, or has its own unique IP, all ports are exposed and available for the app to use, and you must manage and configure ports directly in the app.

 

Think of the bridge connection like a mini router, by default all ports are closed, and in order to communicate from the outside in, you must open up ports, and you can redirect those ports if you wish.

Got it.... thanks for the clarification
now how to change the port directly on the app ? i am use to compose , but still new on the way unraid do doker ....

Link to comment
2 minutes ago, ZappyZap said:

Got it.... thanks for the clarification
now how to change the port directly on the app ? i am use to compose , but still new on the way unraid do doker ....

You can't (for now).  Work has to be done to make them configurable inside the container.

However, in most scenarios, you don't need to change them.

Link to comment
22 hours ago, Djoss said:

You can't (for now).  Work has to be done to make them configurable inside the container.

However, in most scenarios, you don't need to change them.

I'd love to change my ports too, in order to be able to use split DNS instead of NAT reflection and send internal network requests to "https://nextcloud.mydomain.com", and have them go to the proper port 443, without leaving the network.

Edited by bobo89
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.