[Support] Djoss - Nginx Proxy Manager

[mattie112]

On 12/27/2021 at 6:25 PM, whitesoxwc said:

 

Sorry I was trying to get this done before heading out of town for Christmas just got back into town and tried this but this is what I am getting after running the manual route. If I try to curl the page it executes in bash but nothing happens it just loads the next line if I "nc IP" it goes to the next line and asks leaves it open to type another command. Any help would be greatly appreciated, I'm pretty sure its something small and dumb that I am overlooking. Thanks.

 

 

Well that looks like certbot does not see any certificates that might be due for renew. So I guess it never created a certificate. Perhaps you can try to manually request a certificate and see if that works? https://www.digitalocean.com/community/tutorials/how-to-use-certbot-standalone-mode-to-retrieve-let-s-encrypt-ssl-certificates-on-ubuntu-16-04

 

Also make sure you can access unsecured port 80 (for the .well-known directory) from the public internet as that is requried.

[mattie112]

18 hours ago, GCS said:

Anyone else getting a "Internal Error" when trying to manually renew a cert?

 

My logs show this when trying manually renew.

[12/28/2021] [9:10:34 AM] [SSL ] › ℹ info Renewing Let'sEncrypt certificates for Cert #12: tautulli.xxx.com
[12/28/2021] [9:10:34 AM] [SSL ] › ℹ info Command: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --cert-name "npm-12" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation
[12/28/2021] [9:10:34 AM] [Express ] › ⚠ warning Command failed: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --cert-name "npm-12" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation
An unexpected error occurred:
pkg_resources.ContextualVersionConflict: (cryptography 36.0.1 (/usr/lib/python3.8/site-packages), Requirement.parse('cryptography<4,>=2'), {'dns-lexicon'})
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/tmpy2mllf8d/log or re-run Certbot with -v for more details.

 

 

I am using cloudflare and proxy status is set to DNS only.

And what about "See the logfile /tmp/tmpy2mllf8d/log or re-run Certbot with -v for more details." ? Or perhaps try running it manually please see a couple of posts back.

[mattie112]

On 12/24/2021 at 2:10 PM, lococola said:

I found I couldn't login anymore, no idea why. So I reset my password according to this procedure from github.

But now I lost my entire configuration! Everywhere I go it says "owner is null". Do I have to set it up again from scratch or can this be fixed somehow?

 

edit: and now I can't login anymore... fantastic

Can you still access the (sqlite) database? Are the config files and certs still present?

[mattie112]

On 12/27/2021 at 1:46 PM, plxmediasvr said:

unable to use Custom SSL if you click on SSL Certificates and then choose Custom rather than LetsEncrypt it does absolutely nothing.

app broken on 2 seperate unraid servers. to verify its not on my end and the app backend itself I have done the following:

Restarted.

Uninstalled

Reinstalled

Unsinstalled Again.

Removed the App XML from Flash

Deleted the /appdata installation

Reinstalled 3rd time

Uninstalled

Reinstalled the other guys NGINX PROXY MANAGER by jc21

same thing

pulled out a NUC

created brand new Flash drive.paid another 129 for license

set unraid to use 8008 and 8443. set to Auto, and pulled down LetsEncrypt USB SSL

now that 80/443 not in use, went into router and changed the ip to the new USB.

Rinse and repeat of all the steps above

the Custom was working, and then I did a docker update and it broke.

but different computers, different flash drives, different apps (NGINX REVERSE PROXY MANAGER + NGINX REVERSE PROXY MANAGER OFFICIAL)

I HAVE HSTS ON and set to 1 YEAR for all my domains, meaning I am unable to change back to port 80, and grey the lock out on CFLARE and use LetsEncrypt

I have been using CFLARE with Custom Domain Certs provided from CLFARE using SSL: Full (Strict) until last night

 

So what exactly is the problem? When using custom certificate you need to supply your own certificate/key. Is that cert not working? Are you unable to upload? You can also get a letsencrypt certificate just to get your stuff working again or is there a reason why you cannot do that? 

[zerosk]

I updated to version 2.9.14 today and now I can't log in to my container. To be fair, I haven't tried logging in for a while (about a month), so it's possible it wasn't due to this update.

 

When I click log in after entering my credentials, I get a "Bad Gateway" error just below the password field.

 

I checked the logs and it's a constant stream of

[1/2/2022] [1:03:59 PM] [Global ] › ℹ info Manual db configuration already exists, skipping config creation from environment variables
[1/2/2022] [1:03:59 PM] [Migrate ] › ℹ info Current database version: none
[1/2/2022] [1:03:59 PM] [Global ] › ✖ error certificate.meta.dns_provider_credentials.replaceAll is not a function
[1/2/2022] [1:04:00 PM] [Global ] › ℹ info Manual db configuration already exists, skipping config creation from environment variables
[1/2/2022] [1:04:00 PM] [Migrate ] › ℹ info Current database version: none

 

Over and over again.

 

The container still seems to be working because it's proxying my stuff correctly.

Edited January 2, 2022 by zerosk

[spamalam]

Latest builds seem to be unbootable, and now it refuses to shutdown and is now a hung process. Seems to hang on the second start script.

 

Not even responding to docker stop <containerid>

Edited January 2, 2022 by spamalam

[Djoss]

7 hours ago, zerosk said:

I updated to version 2.9.14 today and now I can't log in to my container. To be fair, I haven't tried logging in for a while (about a month), so it's possible it wasn't due to this update.

 

When I click log in after entering my credentials, I get a "Bad Gateway" error just below the password field.

 

I checked the logs and it's a constant stream of

[1/2/2022] [1:03:59 PM] [Global ] › ℹ info Manual db configuration already exists, skipping config creation from environment variables
[1/2/2022] [1:03:59 PM] [Migrate ] › ℹ info Current database version: none
[1/2/2022] [1:03:59 PM] [Global ] › ✖ error certificate.meta.dns_provider_credentials.replaceAll is not a function
[1/2/2022] [1:04:00 PM] [Global ] › ℹ info Manual db configuration already exists, skipping config creation from environment variables
[1/2/2022] [1:04:00 PM] [Migrate ] › ℹ info Current database version: none

 

Over and over again.

 

The container still seems to be working because it's proxying my stuff correctly.

Update the container again, this should be fixed.

Edited January 3, 2022 by Djoss

[Djoss]

3 hours ago, spamalam said:

Latest builds seem to be unbootable, and now it refuses to shutdown and is now a hung process. Seems to hang on the second start script.

 

Not even responding to docker stop <containerid>

Can you get the container's log ?

Are your other containers responding to docker commands ?

[spamalam]

21 hours ago, Djoss said:

Can you get the container's log ?

Are your other containers responding to docker commands ?

As soon as I get settled in a location and some time, I'll stop, clear my logs, then upgrade and share everything.  It hit the second start script in the web logs then nothing, and it wouldn't respond to shutdown, kill, etc.   Had to do a force kill.

[debit lagos]

Should I (we) squat/hold on installing 2.9.14?  Or, proceed with caution?  

[jeffrey.el]

Since recently me and a friend of mine are also experiencing weird bugs with the container?

For example we have a host which goes through the proxy and it loads fine but then if I click a button on that website it send me to https://<website>:80/page

 

so it adds :80 behind the address? Causing an SSL error... Does anybody maybe know if I can change something to fix this? Downgrading the container failed for me because it gives errors about a migration, so that's not an option..

[tTownTom]

TWO INTANCES OF NGINXPROXYMANAGER RUNNING AT THE SAME TIME?

 

Hi,
I've been using Nginx Proxy Manager for a while, and it's worked great!

 

Yesterday, however, I was trying to access Plex and I was presented the Cloudflare 520 Error: "unknown connection issue between Cloudflare and the origin web server."

 

Checking Cloudflare DNS-settings everything looks right.

When I enter my public IP in the browser, I am presented with the Nginx Proxy Manager default page: "

Congratulations! You've successfully started the Nginx Proxy Manager."

 

If I open the WebUI for Nginx Proxy Manager from my Unraid dashboard everything seems fine.

 

If I stop the Nginx Proxy Manager docker and enter my public IP in the browser, however, I am still presented with the Nginx Default Page - as if there are multiple instances of the docker running, and one is not configured..?

 

I've restarted the docker with no change in results, and I've restarted the Unraid server with no change in results.

Any ideas as to what to do before I go ahead and delete the docker and try re-intalling it?

 

Cheers

[mattie112]

Perhaps your "congratulations" page is cached by Cloudflare? I believe it can do that for static websites. You could for example check the port forwarding on your router, disable that and if the page still loads then you are 100% not serving that page.

 

Also in the commandline you can do "docker ps" to see all containers running, this includes all the ports they listen on so perhaps that might give some insight.

[tTownTom]

13 minutes ago, mattie112 said:

Perhaps your "congratulations" page is cached by Cloudflare? I believe it can do that for static websites. You could for example check the port forwarding on your router, disable that and if the page still loads then you are 100% not serving that page.

 

Also in the commandline you can do "docker ps" to see all containers running, this includes all the ports they listen on so perhaps that might give some insight.

Thanks!

I closed the port, and the "Congratulations" page still showed, so it could seem Cloudflare is indeed caching.

I also ran "docker ps" and there is indeed only one instance of Nginx running.

 

I still don't understand why it's suddenly stopped working, though =/ Everything seems fine, it just does not work anymore..

[mattie112]

I would suggest to get cloudflare out of the equation just to see where the problem might be. I personally don't use cloudflare but I would do something in my pc's host file to force it to your external instead of cloudflare.

Assuming windows: C:\Windows\System32\drivers\etc\hosts (or /etc/hosts on linx)

 

Add

your.domain.name.tlc 1.2.3.4

 

where 1.2.3.4 is either your external ip or your internal npm ip (try both)

 

If that works, then cloudflare (connection) is to blame (somehow) if that doesntwork first debug your own setup.

[tTownTom]

Thanks for your reply, @mattie112

I've tried a few things now, including what you suggested.

 

I also made sure to purge the Cloudflare cache and turn on devoloper mode in Cloudflare, which let's one "see changes to your origin server in realtime.", just to be sure 😛 

 

In a incognito window, to also bypass my browser's cache, I first disabled my router's port forwarding to Nginx and then tried to load the IP. I got a connection timed out error - with the error still up I enabled the port forwarding, and the error page changed over to the Nginx default page ("Congratulations..")

In my mind this proves an issue with the Nginx setup. Would you agree?

Edited January 11, 2022 by tTownTom

[Nexius2]

Hello, I have again the "no relevant user found".

every time I install NPM, I configure it, everything is ok, and when I come back a month or 2 later, can't log in with this message.

I can check in the DB and the account is still there, everything is working, I just can't log in.

I can redo the conf, but it will start again just like it did for the last couple of times.

I'm thinking of changing app because I have to remeber all my conf everytime I redo it.

if a solution exists or anybody has same issue....

[julianbr]

On 1/5/2022 at 8:08 PM, debit lagos said:

Should I (we) squat/hold on installing 2.9.14?  Or, proceed with caution?  

 

I still have issues with v2.9.14. Looks like it is fixed in v2.9.15 but the update ain't available yet in unraid?

[tTownTom]

On 1/11/2022 at 4:14 PM, tTownTom said:

Thanks for your reply, @mattie112

I've tried a few things now, including what you suggested.

 

I also made sure to purge the Cloudflare cache and turn on devoloper mode in Cloudflare, which let's one "see changes to your origin server in realtime.", just to be sure 😛 

 

In a incognito window, to also bypass my browser's cache, I first disabled my router's port forwarding to Nginx and then tried to load the IP. I got a connection timed out error - with the error still up I enabled the port forwarding, and the error page changed over to the Nginx default page ("Congratulations..")

In my mind this proves an issue with the Nginx setup. Would you agree?

UPDATE:
I deleted the docker and installed the Nginx-Proxy-Manager-Official docker instead.

Now everyting works. No idea as to why. But hey..!

[julianbr]

22 hours ago, tTownTom said:

UPDATE:
I deleted the docker and installed the Nginx-Proxy-Manager-Official docker instead.

Now everyting works. No idea as to why. But hey..!

 

I think it's because the official docker is running v2.9.15 and this is still on v2.9.14. @Djoss Do you plan to update this to v2.9.15 in the near future?

Edited January 21, 2022 by julianbr

[mgadbois]

New setup - new \unRAID user...

Running unRAID 6.9.2 Trying to install Nginx docker in unRAID. Installed without issue using default settings.

 

Network is a Ubiquiti UDM Pro SE on current version with these port forwarding rules.

 

When I try and add a SSL cert in Nginx I get this error..

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-16" --agree-tos --authenticator webroot --email "[email protected]" --preferred-challenges "dns,http" --domains "XXXXXX.com" Saving debug log to /var/log/letsencrypt/letsencrypt.log Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. at ChildProcess.exithandler (node:child_process:397:12) at ChildProcess.emit (node:events:390:28) at maybeClose (node:internal/child_process:1064:16)

 

 

Not sure what is going on here. It is stopping me from finishing the setup on vaultwarden (as I need a cert for that docker) and nextcloud.

 

I am using Cloudflare as my DNS and my domain is registered with them. I also have CNAMES for bitwarden and nextcloud that do resolved to my home IP.

 

Thoughts???

[Tucubanito07]

On 1/23/2022 at 11:41 AM, mgadbois said:

New setup - new \unRAID user...

Running unRAID 6.9.2 Trying to install Nginx docker in unRAID. Installed without issue using default settings.

 

Network is a Ubiquiti UDM Pro SE on current version with these port forwarding rules.

 

When I try and add a SSL cert in Nginx I get this error..

Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-16" --agree-tos --authenticator webroot --email "[email protected]" --preferred-challenges "dns,http" --domains "XXXXXX.com" Saving debug log to /var/log/letsencrypt/letsencrypt.log Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. at ChildProcess.exithandler (node:child_process:397:12) at ChildProcess.emit (node:events:390:28) at maybeClose (node:internal/child_process:1064:16)

 

 

Not sure what is going on here. It is stopping me from finishing the setup on vaultwarden (as I need a cert for that docker) and nextcloud.

 

I am using Cloudflare as my DNS and my domain is registered with them. I also have CNAMES for bitwarden and nextcloud that do resolved to my home IP.

 

Thoughts???

If you are using NginxProxyManager, you don't port forward 444 on the UDM Pro. You port forward the port for NginxProxyManager. That is the reason why you are not getting a certificate. Forward the port for NginxProxyManager and try again.

[johnmick]

Is there any way to upload and auto update ssl certification files from unraid server instead of uploading from my computer?

[mattie112]

Sure, NPM uses a docker volume (/mnt/user/appdata/NginxProxyManager) by default so you can just `cp` files from the Unraid CLI. You need to check the exact folders / locations not 100% sure about that.

[mattie112]

Can you access your domain externally on port 80? (unsecured http)