need some help to configure Letsencrypt reverse proxy


    • need some help to configure Letsencrypt reverse proxy

      Hello to all, first a little introduction:

      I have several dockers installed on OMV, and my goal is to access them from outside (internet) using only ports 443 & 80 in the subfolder way.

      eg:

      mydnsprovidet.com/OMV or mydnsprovidet.com/glances.

      So I installed letsencrypt docker that have 2 good things, 1 a cert for my mydnsprovidet.com and 2 a reverse proxy that if configured in a proper way can solve my needs.

      some previous info:

      I have the next dockers / URLs that I need to access:

      1 - pihole : 192.168.1.11:80 <- is in macvlan mode
      2 - glances : omv.local:61208 or 192.168.1.9:61208
      3 - transmission : omv.local:9090/transmission/web or 192.168.1.9:9090/transmission/web
      4 - mldonkey : omv.local:4080 or 192.168.1.9:4080
      5 - heimdall : omv.local:82 or 192.168.1.9:82

      and finally:

      6 - OMV : http://omv.local or http://192.168.1.9 & https://omv.local or https://192.168.1.9




      in the Letsencrypt docker I successfully generated a htpasswd and I can reach the default server:



      But I can/ access to subfolder /omv:



      OMV 4.1.11 x64 on a HP T510, 16GB CF as Boot Disk & 32GB SSD 2,5" disk for Data, 4 GB RAM, CPU VIA EDEN X2 U4200 is x64 at 1GHz

      Post: HPT510 SlimNAS ; HOWTO Install Pi-Hole ; HOWTO install MLDonkey ; HOHTO Install ZFS-Plugin ; OMV_OldGUI ; ShellinaBOX ;
      Dockers: MLDonkey ; PiHole ; weTTY
      Videos: @TechnoDadLife

      The post was edited 1 time, last by raulfg3 ().

    • I need to modify the default config file for nginx that resides inside the letsencrypt container and need some help. Can anyone help or guide me to properly configure it to show the heimdall URL = 192.168.1.9:82 as the default web page and load the omv subfolder module when using https://mydnsprovidet.com/omv

      PS: attached files (default.txt)

      Source Code

      ## Version 2018/04/20 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/default

      # listening on port 80 disabled by default, remove the "#" signs to enable
      # redirect all traffic to https
      #server {
      # listen 80;
      # server_name _;
      # return 301 https://$host$request_uri;
      #}

      # main server block
      server {
          listen 443 ssl default_server;

          root /config/www;
          index index.html index.htm index.php;

          server_name mydnsprovidet.com;

          # enable subfolder method reverse proxy confs
          include /config/nginx/proxy-confs/*.subfolder.conf;

          # all ssl related config moved to ssl.conf
          include /config/nginx/ssl.conf;

          client_max_body_size 0;

          location / {
              try_files $uri $uri/ /index.html /index.php?$args =404;
          }

          location ~ \.php$ {
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              # With php7-cgi alone:
              fastcgi_pass 127.0.0.1:9000;
              # With php7-fpm:
              #fastcgi_pass unix:/var/run/php7-fpm.sock;
              fastcgi_index index.php;
              include /etc/nginx/fastcgi_params;
          }

      # sample reverse proxy config for password protected OMV running at IP rdns.local port 4443 with base url "omv"
      # notice this is within the same server block as the base
      # don't forget to generate the .htpasswd file as described on docker hub
      # location ^~ /omv {
      # auth_basic "Restricted";
      # auth_basic_user_file /config/nginx/.htpasswd;
      # include /config/nginx/proxy.conf;
      # proxy_pass https://192.168.1.9:4443;
      # }
      #
      #}

      # sample reverse proxy config without url base, but as a subdomain "cp", ip and port same as above
      # notice this is a new server block, you need a new server block for each subdomain
      #server {
      # listen 443 ssl;
      #
      # root /config/www;
      # index index.html index.htm index.php;
      #
      # server_name cp.*;
      #
      # include /config/nginx/ssl.conf;
      #
      # client_max_body_size 0;
      #
      # location / {
      # auth_basic "Restricted";
      # auth_basic_user_file /config/nginx/.htpasswd;
      # include /config/nginx/proxy.conf;
      # proxy_pass http://192.168.1.50:5050;
      # }
      #}

      # enable subdomain method reverse proxy confs
      #include /config/nginx/proxy-confs/*.subdomain.conf;
      }



      and:


      Source Code

      # replace HOSTIP below with the IP address of your omv server
      # to enable password access, uncomment the two auth_basic lines
      location /omv {
          auth_basic "Restricted";
          auth_basic_user_file /config/nginx/.htpasswd;
          include /config/nginx/proxy.conf;
          proxy_pass https://192.168.1.9:4443;
          proxy_set_header Range $http_range;
          proxy_set_header If-Range $http_if_range;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection $http_connection;
      }




      I suppose that if I can finally configure it correctly, I can access my dockers from the internet in this way:

      Source Code

      https://mydnsprovidet.com/omv
      http://mydnsprovidet.com/pihole
      http://mydnsprovidet.com/glances
      http://mydnsprovidet.com/transmission/web
      http://mydnsprovidet.com/mldonkey
      http://mydnsprovidet.com/heimdall




      and my next goal can be to configure all dockers to be accessed by https like letsencrypt describes on:
    • Hello you two,

      First of all, I tried these two videos of @TechnoDadLife and it works very well, Letsencrypt/Nginx(reverse proxy)/Nextcloud.

      Now, I want to make the Letsencrypt container work with other containers like @raulfg3 wants to do. Did you get it?

      I have some doubts;

      If I create a domain in duckdns, for example "omvserver.duckdns.org", can I use it (only one domain) in different docker containers changing the right files? For example, for plex "omvserver.duckdns.org/plex", for nextcloud "omvserver.duckdns.org/nextcloud", for transmission "omvserver.duckdns.org/transmission", and in this way for all containers I want.

      I understand that opening port 80 for Letsencrypt validation and port 443 for nginx reverse proxy is enough, am I right?

      I read this how to of Linuxserver.io, but the last steps I don't understand very well, how can I use the /"dockercontainer" to get the different web services of my OMV server.

      Thanks!
      Addicted to OMV
    • I tried some configurations with the Letsencrypt/Nginx(reverse proxy)/Nextcloud configuration. As I said in the previous post, this configuration is running fine, I can access Nextcloud by myserver.duckdns.org.

      I want to access it by myserver.duckdns.org/nextcloud, so for that I changed some files to try it, but it doesn't run.

      In the file "nextcloud.subdomain.conf" I change this:

      Source Code

      location / {
          proxy_pass https://$upstream_nextcloud:443;

      to:

      Source Code

      location /nextcloud {
          proxy_pass https://$upstream_nextcloud:443/nextcloud;

      And already try without 443/nextcloud in the proxy_pass line.



      Also I change the file "config.php" of the Nextcloud container, I change this:


      Source Code

      'overwrite.cli.url' => 'https://myserver.duckdns.org/nextcloud',

      And add to the video file, as I see in this link about nextcloud Configuration Parameters:

      Source Code

      'overwritewebroot' => '/nextcloud',

      I don't know, but maybe I have to change other files or other parameters.

      Thank you in advance!

      The post was edited 1 time, last by tzinm ().

    • I see the same videos and am still waiting for the next one that explains how to use heimdall and letsencrypt instead of nextcloud & letsencrypt

      configure nginx properly is my fault and still I do not know how to do it.
    • tzinm wrote:

      I read this how to of Linuxserver.io, but the last steps I don't understand very well, how can I use the /"dockercontainer" to get the different web services of my OMV server.

      Thanks!
      This guide is out of date, because the container had to be changed for security reasons, so that guide doesn't work.
      Build, Learn, Create.

      How to Videos for OMV

      Post any questions to the forum, so others can benefit from your curiosity. :thumbsup:
    • tzinm wrote:

      If I create a domain in duckdns, for example "omvserver.duckdns.org", can I use it (only one domain) in different docker containers changing the right files? For example, for plex "omvserver.duckdns.org/plex", for nextcloud "omvserver.duckdns.org/nextcloud", for transmission "omvserver.duckdns.org/transmission", and in this way for all containers I want.
      Nextcloud needs to be by itself for the best security. For everything else, add another duckdns domain and then you can do /plex or whatever.
    • raulfg3 wrote:

      I see the same videos and am still waiting for the next one that explains how to use heimdall and letsencrypt instead of nextcloud & letsencrypt

      configure nginx properly is my fault and still I do not know how to do it.

      TechnoDadLife wrote:

      tzinm wrote:

      If I create a domain in duckdns, for example "omvserver.duckdns.org", can I use it (only one domain) in different docker containers changing the right files? For example, for plex "omvserver.duckdns.org/plex", for nextcloud "omvserver.duckdns.org/nextcloud", for transmission "omvserver.duckdns.org/transmission", and in this way for all containers I want.
      Nextcloud needs to be by itself for the best security. For everything else, add another duckdns domain and then you can do /plex or whatever.

      This weekend I tried different configurations and I read different posts about how nextcloud works with subfolders in nginx proxy reverse, and the conclusion is that I will use one subdomain for nextcloud and another for the rest of the services with subfolders.

      By the way, good videos @TechnoDadLife.
    • Can someone please tell me how to configure the reverse proxy with other docker containers? I'm wanting to do this with Home Assistant, Plex, SabNZB, etc. I've got duckdns and letsencrypt all working as shown on the video but it's the last bit where the open cloud configuration is edited that I think the problem lies. How does that translate to other programs and their configuration files?

      I am running the container I'm trying to connect to with the my-net additional parameters. I have a subdomain like myhomeassistant.duckdns.org set up. When I go to it I get a welcome message saying that the website is currently being set up.

      This is the last piece of the puzzle for me and would really appreciate some help.
    • same situation here.

      waiting some help

      I know that must edit files on letsencrypt/nginx/proxy-confs and delete .sample, so it end at .conf, but still need some help to edit this files because is not as easy as rename at all.

      eg: file: transmission.subfolder.conf


      inside it is:

      Source Code

      # transmission does not require a base url setting
      location /transmission {
          # enable the next two lines for http auth
          #auth_basic "Restricted";
          #auth_basic_user_file /config/nginx/.htpasswd;

          # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf
          #auth_request /auth;
          #error_page 401 =200 /login;

          include /config/nginx/proxy.conf;
          resolver 127.0.0.1 valid=30s;
          set $upstream_transmission transmission;
          proxy_pass http://$upstream_transmission:9091;
      }
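The sample subfolder confs quoted in this thread ship with their `auth_basic` / `auth_request` lines commented out, so renaming a `.sample` file to `.conf` publishes that service on port 443 with no proxy-level login. The following is an added example (not part of any post here and not linuxserver's code) that lists the `location` blocks which proxy upstream without active auth; the file contents are constructed from the snippets above, the function names are hypothetical, and each file is checked in isolation, so auth set in the enclosing server block is not seen.

```python
import re

# Constructed sample input, modelled on the proxy-confs snippets in this thread.
SAMPLE_CONFS = {
    "transmission.subfolder.conf": """\
location /transmission {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;
    include /config/nginx/proxy.conf;
    set $upstream_transmission transmission;
    proxy_pass http://$upstream_transmission:9091;
}
""",
    "omv.subfolder.conf": """\
location /omv {
    auth_basic "Restricted";
    auth_basic_user_file /config/nginx/.htpasswd;
    include /config/nginx/proxy.conf;
    proxy_pass https://192.168.1.9:4443;
}
""",
}

LOCATION = re.compile(r"\blocation\s+(?:(?:=|~\*?|\^~)\s+)?(\S+)\s*\{")

def strip_comments(text):
    """Drop '#' comments so commented-out directives do not count as active.
    Simplification: a '#' inside a quoted value is also treated as a comment."""
    return "\n".join(line.split("#", 1)[0] for line in text.splitlines())

def location_blocks(text):
    """Return (path, body) for each outermost location block, matching braces by depth."""
    active, pos, blocks = strip_comments(text), 0, []
    while (m := LOCATION.search(active, pos)):
        depth, i = 1, m.end()
        while i < len(active) and depth:
            depth += {"{": 1, "}": -1}.get(active[i], 0)
            i += 1
        end = i - 1 if depth == 0 else i  # tolerate a block with no closing brace
        blocks.append((m.group(1), active[m.end():end]))
        pos = i
    return blocks

def is_protected(body):
    """True when HTTP basic auth or auth_request is active in the block itself."""
    basic = (re.search(r"^\s*auth_basic\s+(?!off\s*;)\S", body, re.M)
             and re.search(r"^\s*auth_basic_user_file\s+\S", body, re.M))
    request = re.search(r"^\s*auth_request\s+(?!off\s*;)\S", body, re.M)
    return bool(basic or request)

def audit(confs):
    """Return sorted (file, location) pairs that proxy upstream without active auth."""
    return sorted((name, path)
                  for name, text in confs.items()
                  for path, body in location_blocks(text)
                  if re.search(r"^\s*proxy_pass\s", body, re.M) and not is_protected(body))

if __name__ == "__main__":
    for name, path in audit(SAMPLE_CONFS):
        print(f"{name}: location {path} is proxied with no auth_basic/auth_request")
```

To check a real setup, load the text of each enabled `*.conf` file from the proxy-confs folder into a dict of the same shape and pass it to `audit`.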
    • some updates, finally I modified the /home/letsencrypt/nginx/proxy-confs/*.conf files to make 2 services work,

      wetty & transmission

      so I can access these services from outside by typing:

      mysubdomain.duckdns.org/wetty and mysubdomain.duckdns.org/transmission

      I attach my conf files to be revised by other users.

      PS: delete the last .txt in the file name, it is only useful to upload to this post.
    • no.

      As I say I do not manage nginx so only can share my experience, and my steps are to use mydomain.duckdns.org/transmission and not transmission.mywebsite.com sorry.