Open maz1987in opened 1 year ago
BTW, below ID is different from me.
User ID: 0 Group ID: 0
I know but with that same PUID and GUID version 2.9.22 is working as expected. When I try to use PUID and GUID 0 (root) docker-compose says it's not a unique UID and thus nginx-pm does not start correctly.
So if some one has an idea on how to get version 2.10.x working that would be nice. I'm getting a bit frustrated because if this issue will not be resolved I have to think about moving to an other reverse proxy because all future development won't work in my environment.
And when I use the version 2.9.22 for my fresh installed environment it's starting right away without an issue. Very nice such an upgrade.
I've reinstall 2.10.2 to Synology 7.1.1 without PUID/PGID and issue has been solved. Are you using PUID/PGID?
Looking at your config, it seems that you are not using Host Networking? I have 2 instances running, and the one that does not use host networking works fine. When using host networking, i get the same errors.
The only way so far to solve host networking was to allow access to privileged ports to non root users. (as SUggested by nemccarthy earlier)
I've reinstall 2.10.2 to Synology 7.1.1 without PUID/PGID and issue has been solved. Are you using PUID/PGID?
Looking at your config, it seems that you are not using Host Networking? I have 2 instances running, and the one that does not use host networking works fine. When using host networking, i get the same errors.
The only way so far to solve host networking was to allow access to privileged ports to non root users. (as SUggested by nemccarthy earlier)
reinstall NPM 2.10.2 without PGID/PUID worked for me on Docker Synology DSM 7.1.1!
Tried 2.10.2 and got "No Reason Phrase" and rolling back to 2.9.22 doesn't work anymore. Now my system is down.
Edit: Error was due to a 'missing' cert (for a host that was removed long ago). I put a dummy cert in its place and the system came up, but would not let me login (same behavior as before). All my routes were also down. 2.10.2 doesn't seem to fix this, and the installation documentation still isn't updated.
Going to give it another few weeks while I'm busy with school and then migrate if it's not sorted.
I've rolled back to 2.9.22, still left the PGID/PUID and this worked straight away for me.
Will pause my updates until this is resolved
v2.10.2 seems to be working again at least for me when using host network mode.
v2.10.2 is working for me with macvlan network!
Not here. Getting this error:
➜ nginx-proxy-manager sudo docker logs 3df258eb385e
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service prepare: starting
❯ Configuring npmuser ...
id: 'npmuser': no such user
❯ Checking paths ...
❯ Setting ownership ...
s6-sudoc: fatal: unable to get exit status from server: Operation timed out
s6-rc: fatal: timed out
/run/s6/basedir/scripts/rc.init: warning: s6-rc failed to properly bring all the services up! Check your logs (in /run/uncaught-logs/current if you have in-container logging) for more information.
➜
To avoid the error s6-sudoc: fatal: unable to get exit status from server: Operation timed out
I added the line
-e S6_CMD_WAIT_FOR_SERVICES_MAXTIME=60000 \
to my docker run command.
With this line and without PUID and PGID it is working fine.
To avoid the error
s6-sudoc: fatal: unable to get exit status from server: Operation timed out
I added the line-e S6_CMD_WAIT_FOR_SERVICES_MAXTIME=60000 \
to my docker run command.
With this line and without PUID and PGID it is working fine.
Same issue. For reference, here's my docker-compose.yml:
version: "3.8"
services:
app:
# image: 'jc21/nginx-proxy-manager:latest'
# c.f.: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2750#ref-issue-1641490445
#image: 'jc21/nginx-proxy-manager:2.9.22'
image: 'jc21/nginx-proxy-manager:2.10.2'
restart: unless-stopped
ports:
# These ports are in format <host-port>:<container-port>
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# Add any other Stream port you want to expose
# - '21:21' # FTP
# Uncomment the next line if you uncomment anything in the section
environment:
- PUID=1000
- PGID=1000
# Uncomment this if you want to change the location of
# the SQLite DB file within the container
# DB_SQLITE_FILE: "/data/database.sqlite"
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
- S6_CMD_WAIT_FOR_SERVICES_MAXTIME = 60000
volumes:
- /mnt/docker/proxmox-nginx-proxy-manager-date:/data
- /mnt/docker/proxmox-nginx-proxy-manager-letsencrypt:/etc/letsencrypt
To avoid the error
s6-sudoc: fatal: unable to get exit status from server: Operation timed out
I added the line-e S6_CMD_WAIT_FOR_SERVICES_MAXTIME=60000 \
to my docker run command.
With this line and without PUID and PGID it is working fine.
Thanks this fix works for me on latest version with PUID and PGID.
Nevermind - fix didn't work.
v2.10.3 adds an unlimited S6_CMD_WAIT_FOR_SERVICES_MAXTIME
value so it should not timeout anymore.
That said, the reason for the startup taking a long time is probably because certbot doesn't cleanup old certs and there will be thousands upon thousands of files in your letsencrypt
folder that are no longer required. The startup tries to change the ownership of that folder.
I'd recommend running cert-prune
from within the docker container to clean them up.
v2.10.3 adds an unlimited
S6_CMD_WAIT_FOR_SERVICES_MAXTIME
value so it should not timeout anymore.That said, the reason for the startup taking a long time is probably because certbot doesn't cleanup old certs and there will be thousands upon thousands of files in your
letsencrypt
folder that are no longer required. The startup tries to change the ownership of that folder.I'd recommend running
cert-prune
from within the docker container to clean them up.
Does cert-prune work correctly now mate? At one point it didn’t/needed amended on owners end or something??
For those still struggling with the I have managed to resolve with the brilliant Marius help. I followed these steps:
Its likely not all those steps are needed and you can bypass the folder rename, but just saying what I did do with it confirmed working.
Note there is no GUID and PUID in the new version of the install. So anyone having issues with this container on synology can follow the above and you should be back up and running. Absolutely no errors on the log.
With v2.10.3, npm is now working perfectly again on my Synology. 🎉 I removed
- PUID=0
- PGID=0
from my env vars and that's it.
I tested a fresh install and several server reboots and npm didn't have any issues starting up anymore.
Thanks for the work on this @jc21 !
With v2.10.3, npm is now working perfectly again on my Synology. 🎉 I removed
- PUID=0 - PGID=0
from my env vars and that's it.
I tested a fresh install and several server reboots and npm didn't have any issues starting up anymore.
Thanks for the work on this @jc21 !
Can confirm this, updated to 2.10.3 from 2.9.22. At first, it again failed to bind to 0.0.0.0:80 (permission denied), but after commenting out the PUID and PGID env vars for NPM in my Portainer stack and redeploying it, NPM started up no problem. Thanks!
@maz1987in Hi, If it's corrected. Can you close the issue?
Problem still exists. Tried it with latest release on Ubuntu Server 18.04 LTS.
Problem still exists only when commenting out the PUID and PGID env vars it works!
Problem still exists. Tried it with latest release on RouterOS 7.10.1. I have tried the following scenarios:
Problem still exists only when commenting out the PUID and PGID env vars it works!
Never used PUID or PGID env
app:
image: 'jc21/nginx-proxy-manager:latest'
depends_on:
- db
ports:
- '80:80'
- '81:81'
- '443:443'
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "**"
DB_MYSQL_PASSWORD: "******"
DB_MYSQL_NAME: "***"
volumes:
- npm-data:/data
- npm-letsencrypt:/etc/letsencrypt
restart: always
links:
- "db:db"
For people still experiencing this, here's how I got to the latest container without having to do a clean install or anything from version 2.9.22
.
docker-compose up
with this image: jc21/nginx-proxy-manager:github-uidgid
docker-compose up
with the latest image: jc21/nginx-proxy-manager:latest
+1. have some issue
Still not working with latest, any update on this?
For those suggesting to comment out PUID and PGID, isn't this unwise since NPM will be running as root and if it gets compromised it spells trouble for the rest of the system? I thought it was safer to have PUID and PGID as a regular user. I get the same permission denied on port 80 when I have those variables set though.
If this is intended behavior, is it possible to run NPM on 8080 and 8443 to circumvent this issue? I don't know how exactly to do this. I've already tried specifying 8080:80
and 8443:443
in my docker compose but I still get permission denied.
For anyone still dealing with this, this works in rootless podman, as of today. latest
does not and returns the error in the first post. The solution is to pin the version to 2.9.22
podman run --interactive --tty --rm --user '0:0' --userns 'keep-id' --env PUID=1000 --env PGID=1000 -p 8080:80 -p 8181:81 -p 8443:443 --name nginx-manager --volume ./letsencrypt:/etc/letsencrypt:z 'docker.io/jc21/nginx-proxy-manager:2.9.22'
Hi, I found the possible issue. I had a container with the bind() to 0.0.0.0:80 failed (13: Permission denied) issue.
After that I made an new npm contaier wich runs without problems. After copying the old proxy and stream configuration teh new container also broke
After deleting the config files, the new container works again. If I make a new configuration, everything works.
Checklist
jc21/nginx-proxy-manager:latest
docker image?Describe the bug
when I upgrade to the latest "2.10.0" I got
Nginx Proxy Manager Version
To Reproduce Run docker with option "network_mode: host"
Expected behavior
Screenshots
Operating System QNAP NAS
Additional context