Edit: SOLUTION: I had to use 127.0.0.1 and port 81 for the proxy host that points to the NPM admin page
I’m trying to follow this tutorial from Wolfgang’s Channel: https://www.youtube.com/watch?v=qlcVx-k-02E but I’m using Nginx Proxy Manager (NPM) on TrueNAS Scale.
I managed to get the SSL certificate working (the challenge is successful) but after setting up the proxy host for NPM I’m unable to reach the WebUI of NPM like he does in the video after setting that up.
This is the setting for my proxy host.
But when trying to access the WebUI through the domain name all I get is 504 Gateway Time-out. Does anyone know what I did wrong?
Nginx Proxy Manager is also properly setup to use ports 80/443. So when I access the IP address without any port I get sent to the default site of NPM.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol NAT Network Address Translation nginx Popular HTTP server
4 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.
[Thread #271 for this sub, first seen 10th Nov 2023, 10:45] [FAQ] [Full list] [Contact] [Source code]
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=qlcVx-k-02E
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
@Tywele as in, you get the NPM config site?
On my docker install, that’s on port 81. My router forwards ports 80 and 443 to NPM. You probably shouldn’t be able to get to the config site through a firewall.
For me the config site is configured to port 10582 and I’m trying to access it locally.
@Tywele How are you trying to access it locally? Are you using its fully qualified domain name and does that resolve to your WAN address? If so, you MAY need to locally override the DNS entry with its LAN address. You need to use the FQDN though.
I had this issue when using a VLAN for this server (as in the server I’m writing this on). “Thegoatery.dyndns.org” resolves to my ip address, the router goes, “oh, that’s me”, but won’t route it because the source and destination are on different VLANs and it has no rules to route via the WAN address.
I’ve setup 2 additional proxy hosts now one for syncthing and one for the web UI of TrueNAS to see if they are working and they are working perfectly fine. It seems like only the NPM admin page itself is not working and giving me a gateway time-out.
Is this your internal domain name of the nas box, or are you trying to reach your gw’s ip though NAT?
If you do a lookup of the domain name you try to enter - does that give the same IP as you use when successfully connect?
I also setup a proxy host to connect to the TrueNas WebUI just to try it out and that is working perfectly fine.
I’m not very familiar with nginx, I use haproxy for my reverse proxy or load balancing needs.
Do the 504 get logged on the proxy? From your screen grabs it seems that nginx have a working connection to the upstream server.
Maybe that website needs special settings that nginx can’t handle or is not set up for?
I figured it out and added the solution to the OP.
When I do a nslookup it returns the entered IP address from the proxy host.
And that’s also the same IP I use when I successfully connect as you can see in my 2nd screenshot in the OP.
So this domain resolves to the server you are proxying, not your proxy?
I don’t quite follow? The domain resolves to IP address I want it to resolve. My TrueNAS server has the IP 192.168.178.167 and on it I have NPM installed as an app. The admin page of NPM is accessible via the same IP on port 10582. Syncthing is also installed and accessible via the same IP address and port 8384. I have both of them configured in NPM so that theoretically subdomain.mydomain.com should resolve correctly and that I can access their respective admin pages. For Syncthing and any other app this is working except for the admin page of NPM itself. I’m trying to figure out why that is.
Right - so the upstream server is a docker container on the same machine, and you proxy the connection to the servers up on the port forwarded through the magic docker iptables thingy. It might be here that you get the connection closed - maybe check logs on that. Don’t recall if it’s logged by default or you have to set it up
There’s also the possibility of the web service not being proxy friendly
I figured it out and added the solution to the OP
