Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Nginx in front of cloudron install.

    Support
    proxymanager
    6
    10
    694
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danielreyes61
      danielreyes61 last edited by girish

      I am trying to get Nginx in front of my cloudron install working and having a hard time.
      Below is my current config /etc/nginx/conf.d/<site>.conf . I've removed my site name. I already have Nginx setup in front and it is successfully running and proxy_passing to my other websites. I need this to work because I plan to run a lot of websites from different virtual machines and containers from my single IP address and if cloudron remains in control in front of my ip address, than I cannot do that. I tried changing the below config to port 443 with no success. The install configures the "my" DNS record in cloudflare successfully and then gives me a blank page when it try's to resolve to https://my.<site>.net/setup.html. If I go to localhost in browser it will show me the setup screen for a brief second before failing. Please advise. If this doesn't work, I'll have to manually install everything I liked about cloudron in portainer myself. In theory this should work. Not sure where to investigate and if this current install sitting at the "setup" screen can even be saved or if I will have to completely reinstall the VM and cloudron and try again each time. Thank you for taking a look!

      • Dan
                                
      
      server {
          listen       80;
          server_name my.<site>.net <site>.net;
      
      location / {
          proxy_pass       https://192.168.1.139:80;
          proxy_http_version         1.1;
          proxy_read_timeout 300;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          proxy_set_header Host $http_host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Real-PORT $remote_port;
                 }
      }
      
      
      murgero D nebulon girish 5 Replies Last reply Reply Quote 0
      • murgero
        murgero App Dev @danielreyes61 last edited by

        @danielreyes61 You need to proxy 80 and 443, plus whatever other ports your apps use (Matrix, Mastodon, teamspeak, minecraft to name a couple of examples.)

        --
        https://urgero.org
        ~ Professional Nerd. Freelance Programmer. ~
        Matrix: @murgero:urgero.org

        danielreyes61 1 Reply Last reply Reply Quote 1
        • D
          DigitEgal @danielreyes61 last edited by DigitEgal

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • danielreyes61
            danielreyes61 @murgero last edited by

            @murgero When I tried to setup 443, Nginx wanted a ssl certificate. Would I export the certificate that cloudron made and saved in firefox? After thinking about this more, I thought if I just had 80 and 443 set up that it would be the end of it and all would work well but now I am thinking I will actually still have to manually configure everything on my front end Nginx to match cloudron app's that I install. Is it not possible to have Cloudron manage all the proxy needed for those apps after I get 443 and 80 working in my Nginx?

            murgero 1 Reply Last reply Reply Quote 0
            • murgero
              murgero App Dev @danielreyes61 last edited by

              @danielreyes61 I don't suppose there is a way for you to just get a second IP from your ISP?

              --
              https://urgero.org
              ~ Professional Nerd. Freelance Programmer. ~
              Matrix: @murgero:urgero.org

              1 Reply Last reply Reply Quote 0
              • nebulon
                nebulon Staff @danielreyes61 last edited by

                @danielreyes61 without answering the full question, the brief second seeing the setup screen is likely because the Cloudron thinks DNS setup was fine and thus will redirect your browser to the my.domain, which then does not work.

                I haven't had such a setup before, but does nginx forward the domain correctly to be picked up by the nginx on Cloudron to match its own server_name directive?

                D 1 Reply Last reply Reply Quote 0
                • scooke
                  scooke last edited by

                  @danielreyes61 said in Nginx in front of cloudron install.:

                  if cloudron remains in control in front of my ip address, than I cannot do that.

                  Cloudron is supposed to be the only one in control. The page where you can install it explicitly says, "a fresh ... server". It seems to me that Portainer is more like what you want to use, and it will be easier to do so without trying to mix and mash systems that need to be on their own. This isn't a weakness of Cloudron.

                  A life lived in fear is a life half-lived

                  1 Reply Last reply Reply Quote 0
                  • D
                    DigitEgal @nebulon last edited by DigitEgal

                    @danielreyes61

                    Just dont....

                    Also if you need more stuff on there just get the pro subscription since they are doing a great job.
                    I wouldnt allow it aswell as dev to make that possible since it would make the free price plan abused.
                    If Cloudron dont offers that App, just get another (small) VPS for that stuff..

                    1 Reply Last reply Reply Quote 0
                    • girish
                      girish Staff @danielreyes61 last edited by

                      @danielreyes61 As an experiment, I set up nginx proxy manager in a separate VM and it worked pretty much instantly.

                      What I did was:

                      • Installed nginx proxy manager
                      • Installed an app on Cloudron. I am using Vultr DNS.
                      • Added a proxy host in nginx proxy manager. I also configured it to use SSL via Vultr (it's a tab in the Add Host UI):

                      63cdc84e-19fb-4ee8-bd34-0828466ba3eb-image.png

                      • Manually edited the Vultr DNS of paste.cloudron.space (the domain above) to point to nginx proxy manager VM instead of the Cloudron. I am able to access the app. I double checked it's going via the proxy VM by checking the certificate.
                      1 Reply Last reply Reply Quote 0
                      • girish
                        girish Staff @danielreyes61 last edited by

                        @danielreyes61 If you want to use nginx directly, you should make it do https proxying and not http. nginxproxymanager seems to have generated something like this:

                        # ------------------------------------------------------------
                        # paste.cloudron.space
                        # ------------------------------------------------------------
                        
                        
                        server {
                          set $forward_scheme https;
                          set $server         "45.63.93.50";
                          set $port           443;
                        
                          listen 80;
                          listen [::]:80;
                        
                          listen 443 ssl http2;
                          listen [::]:443 ssl http2;
                        
                          server_name paste.cloudron.space;
                        
                          # Let's Encrypt SSL
                          include conf.d/include/letsencrypt-acme-challenge.conf;
                          include conf.d/include/ssl-ciphers.conf;
                          ssl_certificate /etc/letsencrypt/live/npm-2/fullchain.pem;
                          ssl_certificate_key /etc/letsencrypt/live/npm-2/privkey.pem;
                        
                          access_log /data/logs/proxy-host-2_access.log proxy;
                          error_log /data/logs/proxy-host-2_error.log warn;
                        
                          location / {
                            # Proxy!
                            include conf.d/include/proxy.conf;
                          }
                        
                          # Custom
                          include /data/nginx/custom/server_proxy[.]conf;
                        }
                        
                        

                        And proxy.conf is like this:

                        set              $upstream $forward_scheme://$server:$port$request_uri;
                        add_header       X-Served-By $host;
                        proxy_set_header Host $host;
                        proxy_set_header X-Forwarded-Scheme $scheme;
                        proxy_set_header X-Forwarded-Proto  $scheme;
                        proxy_set_header X-Forwarded-For    $remote_addr;
                        proxy_set_header X-Real-IP          $remote_addr;
                        proxy_pass       $upstream;
                        

                        Just pasting them to give you some ideas.

                        1 Reply Last reply Reply Quote 2
                        • Referenced by  girish girish 
                        • Referenced by  girish girish 
                        • First post
                          Last post
                        Powered by NodeBB