search

linuxserver / docker-swag

Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
https://docs.linuxserver.io/general/swag
GNU General Public License v3.0
2.88k stars 246 forks source link

[warn] protocol options redefined for 0.0.0.0:443 #377

Closed bigbangus closed 1 year ago

bigbangus commented 1 year ago

Is there an existing issue for this?

Current Behavior

Since the latest update 2.6.0-ls214 as of 5/31/2023 I get this in the log:

nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/authelia.subdomain.conf:6
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/site-confs/wordpress.conf:4

this is my authelia.subdomain.conf file:

## Version 2023/04/29
# make sure that your authelia container is named authelia
# make sure that your dns has a cname set for authelia

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name authelia.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app authelia;
        set $upstream_port 9091;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location ~ (/authelia)?/api {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app authelia;
        set $upstream_port 9091;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}

Expected Behavior

Not show those messages

Steps To Reproduce

After update

Environment

- OS:Unraid 6.11.6
- How docker service was installed: Unraid Docker Service

CPU architecture

x86-64

Docker creation

docker run
  -d
  --name='swag'
  --net='proxynet'
  --cpuset-cpus='1,2,3,5,13,14,15,17'
  -e TZ="America/New_York"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="UnraidNAS"
  -e HOST_CONTAINERNAME="swag"
  -e 'EMAIL'='xxxxxxxxxxx@gmail.com'
  -e 'URL'='xxxxxx.xxx'
  -e 'SUBDOMAINS'='wildcard'
  -e 'ONLY_SUBDOMAINS'='false'
  -e 'VALIDATION'='dns'
  -e 'DNSPLUGIN'='cloudflare'
  -e 'EXTRA_DOMAINS'='xxxxx.xxx, *.xxxxxxxx.xxx'
  -e 'STAGING'='false'
  -e 'DUCKDNSTOKEN'=''
  -e 'PROPAGATION'=''
  -e 'DOCKER_MODS'='linuxserver/mods:swag-dashboard'
  -e 'CROWDSEC_API_KEY'='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
  -e 'CROWDSEC_LAPI_URL'='http://x.x.x.x:8081'
  -e 'CROWDSEC_F2B_DISABLE'='false'
  -e 'PUID'='99'
  -e 'PGID'='100'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:81]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver-ls-logo.png'
  -p '180:80/tcp'
  -p '1443:443/tcp'
  -p '81:81/tcp'
  -v '/mnt/user/appdata/swag':'/config':'rw'
  --cap-add=NET_ADMIN
  --memory=8g 'linuxserver/swag'
4c0c0cac04152d13a21fd06a593fd553f71d85b36fd842a920375442f96b2364

Container logs

cp: not replacing '/config/dns-conf/acmedns-registration.json'
cp: not replacing '/config/dns-conf/acmedns.ini'
cp: not replacing '/config/dns-conf/aliyun.ini'
cp: not replacing '/config/dns-conf/azure.ini'
cp: not replacing '/config/dns-conf/cloudflare.ini'
cp: not replacing '/config/dns-conf/cpanel.ini'
cp: not replacing '/config/dns-conf/desec.ini'
cp: not replacing '/config/dns-conf/digitalocean.ini'
cp: not replacing '/config/dns-conf/directadmin.ini'
cp: not replacing '/config/dns-conf/dnsimple.ini'
cp: not replacing '/config/dns-conf/dnsmadeeasy.ini'
cp: not replacing '/config/dns-conf/dnspod.ini'
cp: not replacing '/config/dns-conf/do.ini'
cp: not replacing '/config/dns-conf/domeneshop.ini'
cp: not replacing '/config/dns-conf/duckdns.ini'
cp: not replacing '/config/dns-conf/dynu.ini'
cp: not replacing '/config/dns-conf/gandi.ini'
cp: not replacing '/config/dns-conf/gehirn.ini'
cp: not replacing '/config/dns-conf/godaddy.ini'
cp: not replacing '/config/dns-conf/google-domains.ini'
cp: not replacing '/config/dns-conf/google.json'
cp: not replacing '/config/dns-conf/he.ini'
cp: not replacing '/config/dns-conf/hetzner.ini'
cp: not replacing '/config/dns-conf/infomaniak.ini'
cp: not replacing '/config/dns-conf/inwx.ini'
cp: not replacing '/config/dns-conf/ionos.ini'
cp: not replacing '/config/dns-conf/linode.ini'
cp: not replacing '/config/dns-conf/loopia.ini'
cp: not replacing '/config/dns-conf/luadns.ini'
cp: not replacing '/config/dns-conf/netcup.ini'
cp: not replacing '/config/dns-conf/njalla.ini'
cp: not replacing '/config/dns-conf/nsone.ini'
cp: not replacing '/config/dns-conf/ovh.ini'
cp: not replacing '/config/dns-conf/porkbun.ini'
cp: not replacing '/config/dns-conf/rfc2136.ini'
cp: not replacing '/config/dns-conf/route53.ini'
cp: not replacing '/config/dns-conf/sakuracloud.ini'
cp: not replacing '/config/dns-conf/standalone.ini'
cp: not replacing '/config/dns-conf/transip.ini'
cp: not replacing '/config/dns-conf/vultr.ini'
cp: not replacing '/config/etc/letsencrypt/renewal-hooks/deploy/10-default'
cp: not replacing '/config/etc/letsencrypt/renewal-hooks/post/10-nginx'
cp: not replacing '/config/etc/letsencrypt/renewal-hooks/pre/10-nginx'
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/authelia.subdomain.conf:6
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/site-confs/wordpress.conf:4
───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    99
User GID:    100
───────────────────────────────────────

using keys found in /config/keys
Variables set:
PUID=99
PGID=100
TZ=America/New_York
URL=xxxx.xxx
SUBDOMAINS=wildcard
EXTRA_DOMAINS=xxxxx.xxx, *.xxxx.xxx
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=xxxx@xxxx.xxx
STAGING=false

Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for xxxxxx.xx will be requested
EXTRA_DOMAINS entered, processing
Extra domains processed are:  -d xxx.xxx -d *.xxx.xxx
E-mail address entered: xxxxxxxx@xxx.xxx
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
**** Applying the SWAG dashboard mod... ****
**** Adding goaccess to package install list ****
**** libmaxminddb already installed, skipping ****
**** Applied the SWAG dashboard mod ****
[mod-init] **** Installing all mod packages ****
fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/1) Installing goaccess (1.7.2-r1)
Executing busybox-1.36.0-r9.trigger
OK: 197 MiB in 210 packages
[custom-init] No custom files found, skipping...
[ls.io-init] done.
Server ready
nemchik commented 1 year ago

The quick fix is to find

    listen 443 ssl;
    listen [::]:443 ssl;

in all of your active conf files and replace it with

    listen 443 ssl http2;
    listen [::]:443 ssl http2;

We will be releasing updated proxy conf templates shortly, but we won't be automatically replacing user confs. The logs will indicate which confs have updated samples though.

bigbangus commented 1 year ago

Is this also causing my SWAG Dashboard to no longer show proxy status despite them working?

image

Also using the fix above, it does not fix all my warnings. Some of the proxy-confs like guac and deluge still show log warnings despite adding http2 to the server listen 443 lines as above.

OnkelBuTscH commented 1 year ago

I also changed it to:

listen 443 ssl http2;
listen [::]:443 ssl http2;

but still see warnings:

nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/emby.subdomain.conf:11 nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/emby.subdomain.conf:12

bigbangus commented 1 year ago

@OnkelBuTscH same, even after pulling latest version and updating all templates to 5/31/2023 version.

nemchik commented 1 year ago

The quick fix is to find

    listen 443 ssl;
    listen [::]:443 ssl;

in all of your active conf files and replace it with

    listen 443 ssl http2;
    listen [::]:443 ssl http2;

We will be releasing updated proxy conf templates shortly, but we won't be automatically replacing user confs. The logs will indicate which confs have updated samples though.

Additional emphasis:

we won't be automatically replacing user confs

Replacing the confs will have to be a manual process. Updating the container will NOT replace anything for you, but the container logs will tell you which files need to be updated.

OnkelBuTscH commented 1 year ago

Yes, I am aware of that. I have changed the subdomain.conf files mentioned in the log. But still get the warning. Even if I just use the new sample templates without any manual changes I still get this warning.

The applications all work but the warning is still in the container log.

mstarr0928 commented 1 year ago

Wanted to join the conversation. I went through and changed each conf file and I still receive this warning in my logs. I may go through and reinstall the container and redo the conf files and see if that helped.

aptalca commented 1 year ago

post your logs and mentioned confs

mstarr0928 commented 1 year ago

I hope this is appropriate for sending the logs. I am not familiar with what information they contain but I did see an access token so I hesitated.

On Thu, Jun 8, 2023 at 2:41 PM aptalca @.***> wrote:

post your logs and mentioned confs

— Reply to this email directly, view it on GitHub https://github.com/linuxserver/docker-swag/issues/377#issuecomment-1583229362, or unsubscribe https://github.com/notifications/unsubscribe-auth/AO2JWJHSTEJ5LLYAZK7H6LLXKITH3ANCNFSM6AAAAAAYVO7TKE . You are receiving this because you commented.Message ID: @.***>

sythesigh commented 1 year ago

Same issue here, all proxies updated, yet I’m still getting the warnings

mada199122 commented 1 year ago

plus 1, all proxies configs updated, but for just one configuration I still get the warning in the log. I think this issue should be reopen

bheikes1 commented 1 year ago

for every proxy conf that is giving an error, change

server { listen 443 ssl; listen [::]:443 ssl;

to

server { listen 443 ssl http2; listen [::]:443 ssl http2;

in the proxy conf

this is caused by the default conf having a different proto than the proxyconf thus the "protocol is being redifined error". addressing the hodgepodge of different proxy confs settings will fix this for folks in the future.

OnkelBuTscH commented 1 year ago

That sounds good, thank you!

YouveGotMeowxy commented 1 year ago

I've updated all proxy.conf's and still get the message as well. Anyone know if these warnings actually affect the server/services? Or can they be ignored?

nemchik commented 1 year ago

It is safe to ignore, but he's the solution to fix the problem correctly https://github.com/linuxserver/docker-swag/issues/377#issuecomment-1570995227

YouveGotMeowxy commented 1 year ago

@nemchik

Thanks, but I still get it. Here (for example) is my adguard .conf:

## Version 2023/05/31
# make sure that your adguard container is named adguard
# make sure that your dns has a cname set for adguard

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name adguard.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app adguard;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location /control {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app adguard;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }

    location /dns-query {
        # to properly use this please set `allow_unencrypted_doh: true` and `force_https: false` in adguard
        # see https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#configuration-file
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app adguard;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    }
}

And what swag is showing me in the log:

8/16/2023 8:03:36 PM
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/subdomain/adguard.subdomain.conf:6
stderr
08/16/2023 8:03:36 PM
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/subdomain/adguard.subdomain.conf:7
nemchik commented 1 year ago

Then there is another file causing the issue. Check your container logs for a message about outdated configs.

shad-lp commented 1 year ago

I have the same problem :

Complete SWAG logs at container startup :

[mod-init] Adding linuxserver/mods:swag-dashboard to container
[mod-init] Downloading linuxserver/mods:swag-dashboard from lscr.io
[mod-init] Installing linuxserver/mods:swag-dashboard
[mod-init] linuxserver/mods:swag-dashboard applied to container
[mod-init] Adding gilbn/theme.park:swag to container
[mod-init] Downloading gilbn/theme.park:swag from ghcr.io
[mod-init] Installing gilbn/theme.park:swag
[mod-init] gilbn/theme.park:swag applied to container
[mod-init] Adding linuxserver/mods:swag-auto-reload to container
[mod-init] Downloading linuxserver/mods:swag-auto-reload from lscr.io
[mod-init] Installing linuxserver/mods:swag-auto-reload
[mod-init] linuxserver/mods:swag-auto-reload applied to container
[mod-init] Adding linuxserver/mods:swag-crowdsec to container
[mod-init] Downloading linuxserver/mods:swag-crowdsec from lscr.io
[mod-init] Installing linuxserver/mods:swag-crowdsec
[mod-init] linuxserver/mods:swag-crowdsec applied to container
[mod-init] Adding linuxserver/mods:swag-maxmind to container
[mod-init] Downloading linuxserver/mods:swag-maxmind from lscr.io
[mod-init] Installing linuxserver/mods:swag-maxmind
[mod-init] linuxserver/mods:swag-maxmind applied to container
[migrations] started
[migrations] 01-nginx-site-confs-default: skipped
[migrations] done
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗ 
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝ 

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────

using keys found in /config/keys
Variables set:
PUID=1000
PGID=1000
TZ=Europe/Brussels
URL=ndd.tld
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=dns
CERTPROVIDER=zerossl
DNSPLUGIN=ovh
EMAIL=mail@ndd.tld
STAGING=false

ZeroSSL is selected as the cert provider, registering cert with mail@ndd.tld
SUBDOMAINS entered, processing
Wildcard cert for ndd.tld will be requested
E-mail address entered: mail@ndd.tld
dns validation via ovh plugin is selected
Certificate exists; parameters unchanged; starting nginx
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
**** The following active confs have different version dates than the samples that are shipped. ****
**** This may be due to user customization or an update to the samples. ****
**** You should compare the following files to the samples in the same folder and update them. ****
**** Use the link at the top of the file to view the changelog. ****
┌────────────┬────────────┬────────────────────────────────────────────────────────────────────────┐
│  old date  │  new date  │ path                                                                   │
├────────────┼────────────┼────────────────────────────────────────────────────────────────────────┤
│            │ 2023-05-31 │ /config/nginx/proxy-confs/themepark.subdomain.conf                     │
└────────────┴────────────┴────────────────────────────────────────────────────────────────────────┘
**** Applying the SWAG dashboard mod... ****
**** Configuring CrowdSec nginx Bouncer ****
**** adding libmaxminddb to package install list ****
**** Adding goaccess to package install list ****
**** Adding swag-auto-reload deps to package install list ****
**** libmaxminddb already installed, skipping ****
**** Applied the SWAG dashboard mod ****
**** Successfully configured CrowdSec nginx Bouncer v1.0.5 ****
[mod-init] **** Installing all mod packages ****
fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/22) Installing gettext-envsubst (0.21.1-r7)
(2/22) Installing libgomp (12.2.1_git20220924-r10)
(3/22) Installing gettext-libs (0.21.1-r7)
(4/22) Installing gettext (0.21.1-r7)
(5/22) Installing goaccess (1.7.2-r1)
(6/22) Installing inotify-tools-libs (3.22.6.0-r2)
(7/22) Installing inotify-tools (3.22.6.0-r2)
(8/22) Installing libmaxminddb (1.7.1-r1)
(9/22) Installing lua5.1-libs (5.1.5-r12)
(10/22) Installing lua5.1 (5.1.5-r12)
(11/22) Installing lua-resty-http (0.17.1-r0)
(12/22) Installing lua-sec (1.3.1-r1)
(13/22) Installing lua5.1-socket (3.1.0-r1)
(14/22) Installing lua5.1-sec (1.3.1-r1)
(15/22) Installing lua5.1-cjson (2.1.0-r11)
(16/22) Installing luajit (2.1_p20230410-r1)
(17/22) Installing lua-resty-lrucache (0.13-r1)
(18/22) Installing lua-resty-core (0.1.26-r0)
(19/22) Installing nginx-mod-http-lua (1.24.0-r6)
(20/22) Installing serf (1.3.10-r0)
(21/22) Installing subversion-libs (1.14.2-r10)
(22/22) Installing subversion (1.14.2-r10)
Executing subversion-1.14.2-r10.pre-install
Executing busybox-1.36.1-r2.trigger
OK: 208 MiB in 231 packages
-------------------------
|  SWAG theme.park Mod  |
-------------------------
Applying the maxmind mod...
Variables set:
'TP_BRANCH'=

No branch set, defaulting to live
Applied the maxmind mod
[custom-init] No custom files found, skipping...
MOD Auto-reload: Watching the following files/folders for changes (excluding .sample and .md files):
/config/nginx
[ls.io-init] done.
**** Disabling fail2ban Service ****
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/apprise-api.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/apprise-api.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/baikal.subdomain.conf:4
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/baikal.subdomain.conf:5
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/bitwarden.subdomain.conf:7
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/bitwarden.subdomain.conf:8
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/borgwarehouse.subdomain.conf:5
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/borgwarehouse.subdomain.conf:6
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/calibre-web.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/calibre-web.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/drive.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/drive.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/grafana.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/grafana.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/iris.subdomain.conf:4
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/iris.subdomain.conf:5
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/jellyseerr.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/jellyseerr.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/pfsense.subdomain.conf:5
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/pfsense.subdomain.conf:6
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/portainer.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/portainer.subdomain.conf:7
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/snapcast.subdomain.conf:4
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/snapcast.subdomain.conf:5
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/unifi-controller.subdomain.conf:8
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/unifi-controller.subdomain.conf:9
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/valheim-supervisor.subdomain.conf:4
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/valheim-supervisor.subdomain.conf:5
nginx: [warn] protocol options redefined for 0.0.0.0:443 in /config/nginx/proxy-confs/zigbee2mqtt.subdomain.conf:6
nginx: [warn] protocol options redefined for [::]:443 in /config/nginx/proxy-confs/zigbee2mqtt.subdomain.conf:7
nginx: [alert] [lua] crowdsec_nginx.conf:4):8: [Crowdsec] Initialisation done

All thoses files have the http2 directive. If I diff these files :

image

and same for all other files, nothing related to the http2 missing or whatever.

Diff is empty if I try to compare default.conf to default.conf.sample

I'm using SWAG version 2.6.0-ls232 (latest as of now)

nemchik commented 1 year ago

Bash into the container (ex: docker exec -it swag bash) then run

grep -rnw '/config/nginx/' -e ':443 ssl;'

It should tell you which file is missing the http2 directive (assuming it follows the format of the other confs)

YouveGotMeowxy commented 1 year ago

Thanks @nemchik , I think that might've helped me solve it. :)

I think it was my dashboard.subdomain.conf that was the only one left w/out the http2.