linuxserver / docker-letsencrypt

DEPRECATED: Please use linuxserver/swag instead

Reverse proxy not working /w subdomains and docker compose. #233

Closed Dulanic closed 5 years ago

Dulanic commented 5 years ago


For some reason when running this container with docker-compose, it does not route subdomain traffic as it should. It works fine if I do a docker run.

Ubuntu 18.04

Working /w docker run:

docker create \
  --cap-add=NET_ADMIN \
  --network=opt_default \
  --name=letsencrypt \
  -v /docker/containers/letsencrypt/config:/config \
  -e PGID=1000 -e PUID=1000  \
  -e EMAIL=email \
  -e URL=domain \
  -e SUBDOMAINS=,www,nzbget,radarr,sonarr,transmission \
  -e VALIDATION=http \
  -p 80:80 -p 443:443 \
  -e TZ=America/Chicago \
  linuxserver/letsencrypt

Not working /w compose, it is routing to main website instead.

 letsencrypt:
    image: linuxserver/letsencrypt:latest
    container_name: letsencrypt
    volumes:
      - /docker/containers/letsencrypt/config:/config
    ports:
      - 443:443
      - 80:80
    cap_add:
      - NET_ADMIN
    environment:
      - PGID=1000
      - PUID=1000
      - EMAIL=email
      - URL=domain
      - SUBDOMAINS=,www,nzbget,radarr,sonarr,transmission
      - VALIDATION=http
      - TZ=America/Chicago
      - ONLY_SUBDOMAINS=false
    restart: unless-stopped


curl from within the container showing, it would pull radarr if it was routing the proxy correctly.


dulanic@mediaserver:~$ sudo docker exec -it letsencrypt /bin/bash
root@da5d84a93a0b:/$ ping radarr
PING radarr (172.21.0.8): 56 data bytes
64 bytes from 172.21.0.8: seq=0 ttl=64 time=0.109 ms
64 bytes from 172.21.0.8: seq=1 ttl=64 time=0.089 ms
^C
--- radarr ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.089/0.099/0.109 ms
root@da5d84a93a0b:/$ curl radarr:7878
<!doctype html>
<html>
<head>
    <meta charset="utf-8">
    <title>Radarr</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-capable" content="yes">

    <!-- Windows Phone -->
    <meta name="msapplication-navbutton-color" content="#272727">

Both looked identical no errors

No

It seems that all subdomain traffic is routing to the main html page for an unknown reason when using docker-compose.

Thanks, team linuxserver.io

aptalca commented 5 years ago

Post your radarr yml and proxy conf

Dulanic commented 5 years ago

Proxy.conf is default.

version: "2"
volumes:
  portainer_data:
services:
  transmission:
    image: haugene/transmission-openvpn:latest
    container_name: transmission
    env_file:
      - /docker/containers/transmission/transmission.env
    volumes:
      - /docker/containers/transmission/OV_mobile.ovpn:/etc/openvpn/custom/default.ovpn
      - /local-media:/local-media
      - /docker/containers/transmission:/config
      - /docker/containers/transmission:/data
      - /etc/localtime:/etc/localtime
      - /downloads:/downloads
    devices:
      - /dev/net/tun
    cap_add:
      - NET_ADMIN
    ports:
      - 9091:9091
      - 8888:8888
    restart: unless-stopped
  jackett:
    image: linuxserver/jackett:latest
    container_name: jackett
    env_file:
      - /docker/containers/jackett/jackett.env
    volumes:
      - /docker/containers/jackett/config:/config
      - /downloads/automated/torrent:/downloads
      - /etc/localtime:/etc/localtime
    depends_on:
      - letsencrypt
    ports:
      - 9117:9117
    restart: unless-stopped
  radarr4K:
    image: linuxserver/radarr:latest
    container_name: Radarr4K
    volumes:
      - /downloads:/downloads
      - /etc/localtime:/etc/localtime
      - /local-media:/local-media
      - /docker/containers/radarr4K:/config
    ports:
      - 7879:7878
    depends_on:
      - jackett
      - transmission
      - letsencrypt
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  radarr:
    image: linuxserver/radarr:latest
    container_name: Radarr
    volumes:
      - /downloads:/downloads
      - /etc/localtime:/etc/localtime
      - /local-media:/local-media
      - /docker/containers/radarr:/config
    depends_on:
      - jackett
      - transmission
      - letsencrypt
    ports:
      - 7878:7878
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  sonarr:
    image: lsiodev/sonarr-preview:latest
    container_name: sonarr
    volumes:
      - /downloads:/downloads
      - /etc/localtime:/etc/localtime
      - /local-media:/local-media
      - /docker/containers/sonarr:/config
      - /local-media/Media/Shows:/tv
    depends_on:
      - jackett
      - transmission
      - letsencrypt
    ports:
      - 8989:8989
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  nzbget:
    image: linuxserver/nzbget:latest
    container_name: nzbget
    volumes:
      - /downloads:/downloads
      - /docker/containers/nzbget:/config
    depends_on:
      - jackett
      - transmission
      - letsencrypt
    ports:
      - 6789:6789
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  quassel:
    image: linuxserver/quassel-core:latest
    container_name: quassel
    volumes:
      - /etc/localtime:/etc/localtime
      - /docker/containers/quassel-core/config:/config
    ports:
      - 4245:4242
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  letsencrypt:
    image: linuxserver/letsencrypt:latest
    container_name: letsencrypt
    volumes:
      - /docker/containers/letsencrypt/config:/config
    ports:
      - 443:443
      - 80:80
    cap_add:
      - NET_ADMIN
    environment:
      - PGID=1000
      - PUID=1000
      - EMAIL=email@domain.com
      - URL=domain.com
      - SUBDOMAINS=,www,nzbget,radarr,sonarr,transmission
      - VALIDATION=http
      - TZ=America/Chicago
      - ONLY_SUBDOMAINS=false
    restart: unless-stopped
  hydra:
    image: linuxserver/hydra2:latest
    container_name: hydra
    volumes:
      - /downloads:/downloads
      - /docker/containers/nzbhydra2/config:/config
    depends_on:
      - jackett
      - transmission
      - letsencrypt
    ports:
      - 5076:5076
    environment:
      - TZ=America/Chicago
      - PGID=1000
      - PUID=1000
    restart: unless-stopped
  portainer:
    image: portainer/portainer
    container_name: portainer
    ports:
      - "9000:9000"
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    restart: unless-stopped

## Version 2018/05/31 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/proxy.conf

client_max_body_size 10m;
client_body_buffer_size 128k;

#Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

# Advanced Proxy Config
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;

# Basic Proxy Config
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
#proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;

aptalca commented 5 years ago

I meant the radarr proxy conf

Dulanic commented 5 years ago

I used the default subdomain conf. Also tried hard coding the actual PC IP; neither worked.

aptalca commented 5 years ago

You set the container name to Radarr; change it to radarr.

Don't use uppercase in container names. They don't resolve correctly in DNS.

Dulanic commented 5 years ago

This is the hard coded version since I'm on my phone and had to ssh to pull it.

cat radarr.subdomain.conf

server {
    listen 443 ssl;

    server_name radarr.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth, fill in ldap details in ldap.conf
    #include /config/nginx/ldap.conf;

    location / {
        # enable the next two lines for http auth
        auth_basic "Restricted";
        auth_basic_user_file /config/nginx/.htpasswd;

        # enable the next two lines for ldap auth
        #auth_request /auth;
        #error_page 401 =200 /login;

        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        proxy_pass http://192.168.2.155:7878;
    }

    location ~ (/radarr)?/api {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        proxy_pass http://192.168.2.155:7878;
    }
}

Dulanic commented 5 years ago

@aptalca Ok I'll try that tomorrow.

Dulanic commented 5 years ago

That fixed it. That really threw me off since the ping and curl worked but nginx didn't like it. Thank you.
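
A pre-deploy check for the fix reached in this thread (uppercase in `container_name`), added here as an example and not taken from the thread or from the linuxserver project: it scans compose text for container names containing uppercase and for names that would collide once lowercased. The line-based parsing assumes block-style YAML like the file posted above; `container_names` and `lint` are hypothetical helper names.

```python
import re

# Constructed sample, trimmed from the compose file posted in this thread.
SAMPLE_COMPOSE = """\
version: "2"
services:
  radarr4K:
    image: linuxserver/radarr:latest
    container_name: Radarr4K
  radarr:
    image: linuxserver/radarr:latest
    container_name: Radarr
  sonarr:
    image: lsiodev/sonarr-preview:latest
    container_name: sonarr
"""

def container_names(compose_text):
    """Map service -> container_name with a line scan (no YAML library needed)."""
    names, in_services, svc_indent, service = {}, False, None, None
    for raw in compose_text.splitlines():
        line = re.sub(r"(^|\s)#.*", "", raw).rstrip()   # drop YAML comments
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:                                  # new top-level key
            in_services, svc_indent, service = line.startswith("services:"), None, None
        elif in_services:
            if svc_indent is None:
                svc_indent = indent                      # indent of service keys
            if indent == svc_indent and line.endswith(":"):
                service = line.strip()[:-1]
            elif service:
                m = re.match(r"\s+container_name:\s*['\"]?([^'\"\s]+)", line)
                if m:
                    names[service] = m.group(1)
    return names

def lint(compose_text):
    """Return (service, container_name, problem, suggested_name) tuples."""
    findings, seen = [], {}
    for service, name in container_names(compose_text).items():
        if name != name.lower():
            findings.append((service, name, "uppercase", name.lower()))
        first = seen.setdefault(name.lower(), service)
        if first != service:                             # clash after lowercasing
            findings.append((service, name, "collides with " + first, None))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE_COMPOSE):
        print(finding)
```
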