Need help with reverse proxy setup


    • Need help with reverse proxy setup

      First let me say that OMV is fantastic! I've been able to move a bunch of things I've had going on an old Pogoplug, Raspberry Pi, and Win7 machine over to OMV with very little effort. This is simplifying my life significantly!

      I'm trying to get reverse proxy going for some of these services (most importantly Home Assistant) and am running into trouble. I have the DuckDNS container running fine. I have the Let's Encrypt container running as well as explained in @TechnoDadLife video:



      Unfortunately I can't get the Home Assistant reverse proxy to work. I do have the Home Assistant container running with the extra '--network my-net' option and the web page is served on port 8123. I'm certain it has everything to do with the conf file but I am uncertain what should be in it. HA does have information on this at:

      home-assistant.io/docs/ecosystem/nginx/

      On that page they offer this conf file:

          map $http_upgrade $connection_upgrade {
              default upgrade;
              '' close;
          }
          server {
              # Update this line to be your domain
              server_name example.com;
              # These shouldn't need to be changed
              listen [::]:80 default_server ipv6only=off;
              return 301 https://$host$request_uri;
          }
          server {
              # Update this line to be your domain
              server_name example.com;
              # Ensure these lines point to your SSL certificate and key
              ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
              ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
              # Use these lines instead if you created a self-signed certificate
              # ssl_certificate /etc/nginx/ssl/cert.pem;
              # ssl_certificate_key /etc/nginx/ssl/key.pem;
              # Ensure this line points to your dhparams file
              ssl_dhparam /etc/nginx/ssl/dhparams.pem;
              # These shouldn't need to be changed
              listen [::]:443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
              add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
              ssl on;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
              ssl_prefer_server_ciphers on;
              ssl_session_cache shared:SSL:10m;
              proxy_buffering off;
              location / {
                  proxy_pass http://localhost:8123;
                  proxy_set_header Host $host;
                  proxy_redirect http:// https://;
                  proxy_http_version 1.1;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection $connection_upgrade;
              }
          }

      Other than changing the server_name options to 'mycoolsubdomain.duckdns.org' and pointing to my ssl .pem files, is there anything else I need to do?

      I know you guys are busy, but can someone please help me get this going? This is the final thing I need to do and everything will be in place. Thanks for your time!
    • Digging in further and I'm seeing this in my let's encrypt logs (over and over again):

          nginx: [emerg] the size 10485760 of shared memory zone "SSL" conflicts with already declared size 52428800 in /config/nginx/proxy-confs/homeassistant.subdomain.conf:37


      Line 37 from homeassistant.subdomain.conf reads:

          ssl_session_cache shared:SSL:10m;

      What does this mean? Do I need it?
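
The `[emerg]` message in the post above means the shared zone `SSL` is declared twice with different sizes (10 MiB on line 37, 50 MiB somewhere loaded earlier), and nginx will not start until the duplicate `ssl_session_cache` line is removed or given the matching size. As an added example that is not part of the original thread, this Python check finds such conflicts in config text; the file contents are constructed and `already-loaded.conf` is a placeholder for whichever file declares the 50 MiB zone.

```python
import re
from collections import defaultdict

# ssl_session_cache ... shared:<name>:<size>; commented-out lines do not match.
ZONE_RE = re.compile(r"^\s*ssl_session_cache\b[^;#]*\bshared:(\w+):(\d+)([kKmM]?)")
UNITS = {"": 1, "k": 1024, "m": 1024 * 1024}


def find_zones(files):
    """Map zone name -> [(size_bytes, path, line_no)] in load order."""
    zones = defaultdict(list)
    for path, text in files:
        for line_no, line in enumerate(text.splitlines(), start=1):
            match = ZONE_RE.match(line)
            if match:
                name, number, unit = match.groups()
                size = int(number) * UNITS[unit.lower()]
                zones[name].append((size, path, line_no))
    return zones


def find_conflicts(files):
    """Return nginx-style messages for zones redeclared with another size."""
    messages = []
    for name, decls in find_zones(files).items():
        first_size = decls[0][0]
        for size, path, line_no in decls[1:]:
            if size != first_size:
                messages.append(
                    f'the size {size} of shared memory zone "{name}" conflicts '
                    f"with already declared size {first_size} in {path}:{line_no}"
                )
    return messages


# Constructed sample input, not the poster's real files.
# "already-loaded.conf" is a placeholder name for the file that declares 50m.
SAMPLE_FILES = [
    ("already-loaded.conf", "ssl_session_cache shared:SSL:50m;\n"),
    (
        "/config/nginx/proxy-confs/homeassistant.subdomain.conf",
        "# padding line\n" * 36 + "    ssl_session_cache shared:SSL:10m;\n",
    ),
]

if __name__ == "__main__":
    for message in find_conflicts(SAMPLE_FILES):
        print("nginx: [emerg]", message)
```
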
    • So I decided to start over and use something that seems supported out of the box. I am already using SABNZB so I decided to give that a try. I used the predefined site conf for SABNZB. I made sure that Let's Encrypt is running as --network my-network and that SABNZB is also on --network my-network. I edited the conf file and only changed the line:

          server_name mycoolsubdomain.*;

      I restarted Lets Encrypt and went to mycoolsubdomain.duckdns.org and I'm still getting the welcome message. I really can't understand what I could be doing wrong. I tried to simplify things by moving OMV to port 90 and forwarding both 80 and 443 to the OMV server from my router. I also made those port changes in LetsEncrypt. My LetsEncrypt logs look like I think they should:

          -------------------------------------
          _ ()
          | | ___ _ __
          | | / __| | | / \
          | | \__ \ | | | () |
          |_| |___/ |_| \__/
          Brought to you by linuxserver.io
          We gratefully accept donations at:
          https://www.linuxserver.io/donate/
          -------------------------------------
          GID/UID
          -------------------------------------
          User uid: 1000
          User gid: 100
          -------------------------------------
          [cont-init.d] 10-adduser: exited 0.
          [cont-init.d] 20-config: executing...
          [cont-init.d] 20-config: exited 0.
          [cont-init.d] 30-keygen: executing...
          using keys found in /config/keys
          [cont-init.d] 30-keygen: exited 0.
          [cont-init.d] 50-config: executing...
          Variables set:
          PUID=1000
          PGID=100
          TZ=America/Chicago
          URL=duckdns.org
          SUBDOMAINS=mycoolsubdomain
          EXTRA_DOMAINS=
          ONLY_SUBDOMAINS=true
          DHLEVEL=2048
          VALIDATION=http
          DNSPLUGIN=
          EMAIL=mycoolsubdomain@gmail.com
          STAGING=
          2048 bit DH parameters present
          SUBDOMAINS entered, processing
          SUBDOMAINS entered, processing
          Only subdomains, no URL in cert
          Sub-domains processed are: -d mycoolsubdomain.duckdns.org
          E-mail address entered: mycoolsubdomain@gmail.com
          http validation is selected
          Certificate exists; parameters unchanged; attempting renewal
          <------------------------------------------------->
          <------------------------------------------------->
          cronjob running on Sun Sep 9 14:33:17 CDT 2018
          Running certbot renew
          Saving debug log to /var/log/letsencrypt/letsencrypt.log
          - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
          Processing /etc/letsencrypt/renewal/mycoolsubdomain.duckdns.org.conf
          - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
          Cert not yet due for renewal
          - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
          The following certs are not due for renewal yet:
          /etc/letsencrypt/live/mycoolsubdomain.duckdns.org/fullchain.pem expires on 2018-12-07 (skipped)
          No renewals were attempted.
          No hooks were run.
          - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
          [cont-init.d] 50-config: exited 0.
          [cont-init.d] done.
          [services.d] starting services
          [services.d] done.
          Server ready

      I'm hoping it's something obvious and one of you guys can spot it. I'm scratching my head on this. Thanks for your time.
    • Went ahead and installed Mariadb and Next Cloud as instructed by @TechnoDadLife video and got that up and running no problem. Went through the steps to set up reverse proxy in the next video and followed every step. Still getting the Welcome screen instead of Next Cloud. Wow. I cannot figure out what I might be doing wrong.

      I'm willing to buy someone a couple beers via Paypal if they can just give me a hand with this.
    • Pretty disappointed that no one could offer any suggestions.

      I took a different path and used Caddy Server in case someone stumbles on this post in the future with the same problems. Caddy is much much easier to set up and has a very active, friendly, and helpful community.