[HOW TO] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post Reply
User avatar
oyvindo
Experience counts
Posts: 1399
Joined: Tue May 19, 2009 2:08 am
Location: Norway, Oslo

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by oyvindo »

Your Proxy Host destination is set up to use SSL. That's not according to my guide unless you deliberately wish to disable HTTP access.
Also, why do you forward 49157 to 443 ?
ImageImageImage
SirDarknight
New here
Posts: 2
Joined: Sat Jul 17, 2021 3:59 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by SirDarknight »

oyvindo wrote: Mon Jul 19, 2021 10:28 pm Your Proxy Host destination is set up to use SSL. That's not according to my guide unless you deliberately wish to disable HTTP access.
Also, why do you forward 49157 to 443 ?
My bad. Changing it to http solved the problem. As for the port, it was automatically added, I didn't do it.

Thank you so much, man! This was bugging me for a while.
User avatar
oyvindo
Experience counts
Posts: 1399
Joined: Tue May 19, 2009 2:08 am
Location: Norway, Oslo

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by oyvindo »

Glad to hear that it worked out for you.
Enjoy and stay safe

Sent fra min SM-G996B via Tapatalk

ImageImageImage
alexkiddd
New here
Posts: 5
Joined: Wed Aug 04, 2021 5:21 am

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by alexkiddd »

Hi there oyvindo! I am trying to setup a nginx rp by following your guide but after creating the container when I try to access the admin interface a webpage shows up saying that If you see this page, the nginx web server is successfully installed and working. Further configuration is required. I didn't insert the variables as I don't know what is the code for my country, maybe thats the problem?

EDIT: I have found the problem, if I set the ports you mentioned the web interface doesn't work, don't know why...

Thanks!
sahara101
Starting out
Posts: 13
Joined: Thu Apr 23, 2015 2:15 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by sahara101 »

Hello,

I have configured this successfully. But unfortunately I have my domain from my ISP, I cannot use subdomains for it. How could I use mydomain.com/transmission instead of transmission.mydomain.com ?

Thanks!
User avatar
oyvindo
Experience counts
Posts: 1399
Joined: Tue May 19, 2009 2:08 am
Location: Norway, Oslo

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by oyvindo »

I find it strange that your domain provider does not "allow" creation of subdomains? I have never heard of that! Perhaps it's time to change to a different provider?
And a service provider (ISP) is not the same as a domain provider. It can be, but doesn't have to be. You can have both.

Having said that - it is of course possible to ti what you ask. You have to modify your custom.conf accordingly.
I have never done that myself, so I cannot give you the exact syntax, but read up on the Apache docs and I'm sure you can find it out.
ImageImageImage
sahara101
Starting out
Posts: 13
Joined: Thu Apr 23, 2015 2:15 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by sahara101 »

Hi, was kind of late last night. ISP is offering a free domain for all its users. it is directly a sub domain. xx.go.ro

Thanks
Norcino
Starting out
Posts: 31
Joined: Fri May 20, 2016 1:56 am

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by Norcino »

:DD :DD :DD :DD :DD :DD :DD :DD :DD :DD :DD
From me just a HUGE thank you, it worked first try, and I am already using it, I love it!

I struggled hours trying to do the same in my DDWRT, and I ended up giving intermittently up...
User avatar
oyvindo
Experience counts
Posts: 1399
Joined: Tue May 19, 2009 2:08 am
Location: Norway, Oslo

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by oyvindo »

Great! 🙂
Have fun 👍
ImageImageImage
t33m3r
First post
Posts: 1
Joined: Sat Oct 23, 2021 6:07 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by t33m3r »

Thanks so much for the guide, I was able to get things up and running as a total noob. :geek:

As for cert rotation, I've read somewhere that can be automated with certbot. Or is the container supposed to handle all that on it's own? Based on some of your other posts, the auto cert rotation has varying degrees of success.

If I wanted to set up DNS challenge so that I could use a wildcard cert. Do you know what the best way of setting that up might be? :mrgreen:
User avatar
oyvindo
Experience counts
Posts: 1399
Joined: Tue May 19, 2009 2:08 am
Location: Norway, Oslo

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by oyvindo »

There are several ways to renew the certificates. If you used the built-in QNAP certificate generation feature as described in this guide, it offers an automated update feature. However, for it to work, you internet firewall (router) has to point port 80 and 443 to the NAS. That may not be desirable unless you have the NAS in a DMZ.
An alternative is to use NGINX Proxy Manager to handle the update, or - as you said - some other certbot.
ImageImageImage
nasnoob
Getting the hang of things
Posts: 74
Joined: Sun Jun 21, 2009 4:31 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by nasnoob »

I haven’t been able to figure out how to use alias names when creating Let’s Encrypt certificates using Jamie’s Proxy Manager. Maybe you can tell me?
Also, I haven’t successfully been able to verify that the renew procedure actually works – neither automatically nor manually. Maybe you can share your experience?

[Edit] 25.march 2021 - I have renewed my certificates manually several times using Nginx, with varying degree of success. My experience is that it takes time - sometimes several minutes. Often it fails, and you just have to retry. I've even experienceed that the process is completed successfully but without the 'success' notification. Check the folder location where your certificates are stored to see if a new folder has been created. If it has, then you're probably OK.
Hello all

Just through i'd share my experience with this.

1) I'm now using the latest image from jc21/nginx-proxy-manager as this appears to be the latest official image source (https://nginxproxymanager.com/guide/#ho ... me-network). This package has resolved my issues from earlier in this thread btw (no errors at all when starting this container)

2) I've managed to get wildcard certificate working, using Dynu as ddns provider. Simply create a ddns (e.g. myddns.dynu.com). Dynu allows wildcard ddns entries by default. Go into Dynu settings and find your API key. In NPM add a new lets Encrypt certificate using domain *.mydomain.dynu.com (note the wildcard *. at the front) then add your email address, select DNS challenge, select provider as Dynu and paste in your API key. Then you can create any random entries in the proxy hosts section of NPM ( e.g. radarr.myddns.dynu.com , and sonarr.myddns.dynu.com using your new wildcard certificate in the SSL tab)

I have managed to renew this successfully without issue. one point to note is that the Dynu ddns doesnt always work with some ISPs i.e. it simply isnt recognized, mot sure if this an issue specific to me or not.

3) At the beginning of this guide you mentioned you can use any external router port, however Ive found I can ONLY get NPM to work if

FIRST - Create a Proxy host and forward port 80 and 443 from my router to the NPM Container ports. This somehow lets NPM recognise the host

THEN and ONLY THEN can I change the router ports to something else

I have to repeat this step for every new Proxy Host

Is port 80 and 443 hardcoded into the package somehow?


4) Some of you may be aware that QNAP have released an inbuilt reverse proxy in QTS, its very basic and only allows subdomain reverse proxy (not suburl). Please raise a ticket with QNAP with requests so they can improve this further.
tiagondelgado
Starting out
Posts: 19
Joined: Wed Oct 12, 2016 8:03 pm

Re: [How To] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by tiagondelgado »

in some apps, like Multimedia console, i get this erros: "Mixed Content: The page at 'https://XXXXX.XXXXX.com/cgi-bin/' was loaded over HTTPS, but requested an insecure frame 'http://XXXXX.XXXXX.com/apps/Qmediacs/?v ... nsole-1355'. This request has been blocked; the content must be served over HTTPS."

How can resolve that?
ROLLINS
Know my way around
Posts: 136
Joined: Tue Oct 14, 2014 10:42 pm

Re: [HOW TO] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by ROLLINS »

Can this be installed on one qnap it covers the other qnap ?
VikingOy
New here
Posts: 7
Joined: Tue Feb 08, 2022 8:24 pm

Re: [HOW TO] install Nginx Reverse Proxy in CS with Let's Encrypt Certificate

Post by VikingOy »

Of course.
You install it on one QNAP and you can use it for any http-exposed service anywhere in your network.
Post Reply

Return to “Container Station”