Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Djoss - Nginx Proxy Manager

Featured Replies

  • Author
1 hour ago, Brydezen said:

I only have one user named lol and the password is also lol. Does it only work if the username is admin?

EDIT: I just tried doing the auth in a new browser (firefox) and it worked flawlessly. But chrome seems to mess me up.

Ok, you may need to clear chrome's cache...

  • 2 weeks later...
  • Replies 2k
  • Views 516.4k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • You can use my fork for now: https://hub.docker.com/r/mattie112/docker-nginx-proxy-manager (which I will delete if/when this gets implemented by Djoss)   My fork is 100% the same c

  • sdchoni
    sdchoni

    To temporarily resolve this issue, you can use the previous release of Nginx Proxy Manager. Edit the app and change the repository to: jlesage/nginx-proxy-manager:v25.09.1 Once this is resolved, you

  • Please verify that the problem is fixed with the latest version.

Posted Images

Is anyone using this with the home assistant docker? I can't get access to HA when going through this proxy. I get a bad gateway error.

 

Is there a way to implement fail2ban?

  • Author
On 10/21/2019 at 4:04 AM, jj_uk said:

Is anyone using this with the home assistant docker? I can't get access to HA when going through this proxy. I get a bad gateway error.

This error is usually caused by an incorrect configuration of your proxy host.  Make sure the forward host is properly set with the correct http scheme and port.

According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support.  You may also have to adjust the config of HA.

  • Author
14 hours ago, TDA said:

Is there a way to implement fail2ban?

If you have an instance already running (in another container for examle), you can configure it to point to NginxProxyManager's log files and it should work.

This error is usually caused by an incorrect configuration of your proxy host.  Make sure the forward host is properly set with the correct http scheme and port.
According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support.  You may also have to adjust the config of HA.
Within the link posted, there is a nginx setup configuration. Is nginx already configured like this or do I need to change something?
  • Author
4 hours ago, jj_uk said:
6 hours ago, Djoss said:
This error is usually caused by an incorrect configuration of your proxy host.  Make sure the forward host is properly set with the correct http scheme and port.
According to https://www.home-assistant.io/docs/ecosystem/nginx/, it seems that you need to enable WebSocket support.  You may also have to adjust the config of HA.

Within the link posted, there is a nginx setup configuration. Is nginx already configured like this or do I need to change something?

I think you don't need any advanced config.  Make sure to enable WebSocket.

3 hours ago, Djoss said:

I think you don't need any advanced config.  Make sure to enable WebSocket.

I can't get this to work. I've tried all sorts of configuration in HA. 

23 hours ago, Djoss said:

If you have an instance already running (in another container for examle), you can configure it to point to NginxProxyManager's log files and it should work.

Unfortunately I haven't one, and apparently there isn't any standalone docker in UNRAID for fail2ban.

Why is fail2ban not already implemented into NginxProxyManager?
How would you suggest to protect against brute-force-attacks and so on?

thx

I've got NPM up and running, and I've got it working with a host (jellyfin), however, when I enable/force SSL, it breaks. As soon as I disable SSL, it works again. I made sure to request a letsencrypt cert, and it seems to have been successful. It's behind a pfsense firewall, and any time port 80 appears, ports 443 and 81 appear with it (alias for web ports). Any suggestions/troubleshooting?

 

EDIT: Nevermind. Working flawlessly now. Not sure if it was that particular computer I was using, dns cache or what. Thanks for this program, it's saved me a lot of headache.

Edited by duskofdawn

I recently started having issues with Bookstack container and NginxProxyManager giving "502 Bad Gateway" when accessing from the domain pointed at it. The Bookstack container is accessible for it IP on local network, restarting the NginxProxyManager fixes the issue for a few minutes then back to 502

  • Author
On 10/22/2019 at 4:18 PM, jj_uk said:

I can't get this to work. I've tried all sorts of configuration in HA. 

I have installed Home Assistant from scratch and created an account.  No other setting changed.

 

I have the following proxy host that works:

 

Scheme : http
Forward host: unRAID IP address
Port: 8123
WebSocket support : Enabled

 

  • Author
On 10/23/2019 at 6:15 AM, TDA said:

Unfortunately I haven't one, and apparently there isn't any standalone docker in UNRAID for fail2ban.

Why is fail2ban not already implemented into NginxProxyManager?
How would you suggest to protect against brute-force-attacks and so on?

thx

Because fail2ban play with iptables rules on the host, one cannot have multiple instances of iptables running.  Thus, I feel that implementing fail2ban in this Docker container is not the right way to go, since fail2ban is potentially wanted by other containers as well.

 

Nginx as some built-in protections.  Maybe this is something you can look at: https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/

  • Author
9 hours ago, swingline said:

I recently started having issues with Bookstack container and NginxProxyManager giving "502 Bad Gateway" when accessing from the domain pointed at it. The Bookstack container is accessible for it IP on local network, restarting the NginxProxyManager fixes the issue for a few minutes then back to 502

Do you have more details/log from the Bookstack container when the problem happens?

Has anyone got Organizr Server Authentication working with NPM?

 

https://docs.organizr.app/books/setup-features/page/serverauth

 

Also, I'm coming from using the Letsencrypt container. For my wordpress site, I just dropped it's folder into the "www" directory to get it going. How does that work with NPM? Thanks.

18 hours ago, Djoss said:

I have installed Home Assistant from scratch and created an account.  No other setting changed.

 

I have the following proxy host that works:

 


Scheme : http
Forward host: unRAID IP address
Port: 8123
WebSocket support : Enabled

 

 

"Scheme http" 

 

This fixed it for me, i was using "https" for the scheme as it connects with ssl. Clearly I don't understand the difference. Thanks for your help!

Edited by jj_uk

On 10/28/2019 at 4:22 AM, Djoss said:

Do you have more details/log from the Bookstack container when the problem happens?

Thanks for the reply. Here is everything in the bookstack logs.

 

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
App Key found - setting variable for seds
Running config - db_user set
/var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input
/var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input
Nothing to migrate.
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

 

SSL worked for about a day before breaking again. I'm not sure what I was doing that got it to work vs not work. I spun up a new VM, downloaded the example config, and after initial setup, created two hosts. They both point to the same server, one has SSL enabled with a letsencrypt certificate generated by NPM. The other is HTTP only. When I go to the SSL one (in CHrome), it throws up "Your connection is not private NTT::ERR_CERT_AUTHORITY_INVALID. The cert itself is from BMS. If I click advanced, and then proceed, I get ERR_EMPTY_RESPONSE.

I had an issue with another Docker image, so carried out a restore and I'm now seeing the following error in the logs;

 

[nginx] starting...
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/live/npm-1/fullchain.pem") failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

 

Any ideas?

  • Author
On 10/30/2019 at 1:12 PM, swingline said:

Thanks for the reply. Here is everything in the bookstack logs.

 


[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
App Key found - setting variable for seds
Running config - db_user set
/var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input
/var/run/s6/etc/cont-init.d/50-config: line 63: warning: command substitution: ignored null byte in input
Nothing to migrate.
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

 

I would also check the log for your proxy host under /mnt/user/appdata/NginxProxyManager/log/nginx/ to see if you can get more details.

Do you have the issue only when you access the domain name from your own network?

  • Author
On 10/30/2019 at 5:28 PM, duskofdawn said:

SSL worked for about a day before breaking again. I'm not sure what I was doing that got it to work vs not work. I spun up a new VM, downloaded the example config, and after initial setup, created two hosts. They both point to the same server, one has SSL enabled with a letsencrypt certificate generated by NPM. The other is HTTP only. When I go to the SSL one (in CHrome), it throws up "Your connection is not private NTT::ERR_CERT_AUTHORITY_INVALID. The cert itself is from BMS. If I click advanced, and then proceed, I get ERR_EMPTY_RESPONSE.

If the certificate is not from Letsencrypt, then you are probably not reaching the container... or are you using a DNS service that could interfer?

  • Author
16 hours ago, WannabeMKII said:

I had an issue with another Docker image, so carried out a restore and I'm now seeing the following error in the logs;

 

[nginx] starting...
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/letsencrypt/live/npm-1/fullchain.pem") failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

 

Any ideas?

Looks like a certificate is corrupted.... You can check if you can read the certificate at /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-1/fullchain.pem.

9 hours ago, Djoss said:

Looks like a certificate is corrupted.... You can check if you can read the certificate at /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-1/fullchain.pem.

Stupid question, but how would I test I can read it?

 

Krusader is reporting the file as 0 bytes in size?

 

Also, if I go into the webgui and try to edit one of the hosts and hit save, it comes back with a 'Internal Error'? 

 

Does any of that help?

16 hours ago, Djoss said:

I would also check the log for your proxy host under /mnt/user/appdata/NginxProxyManager/log/nginx/ to see if you can get more details.

Do you have the issue only when you access the domain name from your own network?

I have issues from all networks when accessing from domain. I have NAT refection turned on my firewall and all other domains I have are working. The container is accessible from its IP address. Below is a log excerpt from when it stops working. It never recovers unless I restart the NginxProxyManger container then fails after i close my session with the bookstack.

 

[02/Nov/2019:21:11:22 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "http://10.0.0.77:8181/nginx/proxy"

 

[06/Nov/2019:23:10:18 +0400] - 502 502 - GET https wiki.domain.pw "/" [Client 10.0.0.1] [Length 166] [Gzip -] [Sent-to 10.0.0.64] "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" "-"

 

Can someone help me getting custom locations to work? I want mydomain.com to link to 192.168.0.118:4001 (which it does). And then i want mydomain.com/radarr to link to 192.168.0.118:7878. So i added a custom location for for mydomain.com like so:

/radarr
http 192.168.0.118 7878

But it doesn't work. Why?

Thanks!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.