Having problems setting up NGINX Home Assistant SSL proxy add-on

nginx
Tags: #<Tag:0x00007fd076472e28>

#1

Hi,

I really hope thaqt you guys can help.

I have been following these guides to configure the NGINX SSL proxy add-on.



and I have even tried using this one

I have a new installation (doesn’t have the latest update) running on a Ubuntu 18.10 Server and the add-on is v2.1.

The error I am getting is shown in the add-in’s log as
INFO] Running nginx… nginx: [emerg] BIKO_new_file("/ssl/cert.pem") failed (SSL: error02001002:system library:fopen:No such file or directory:fopen(’/ssl/cert.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)

I have followed the guides and it is really frustrating that it is not working.

I have attached screenshots of my config files and of the error in the add-in’s log.

Any help would be gratefully received.

Thanks Paul


#2

I wrote this guide and it works. Take a look in shared projects

Nginx Reverse Proxy Set Up Guide – Docker


#3

Hi Juan,

I will take a look at your guide tonight.

Thank you

Paul


#4

Hi @juan11perez

I have been following your guide and ran into a problem. I am sure it is something I have done wrong and would really appreciate your help to fix it.

I used your updated docker-compose file for the wildcard subdomains and the docker-compose seems to work, but the server runs is running in the terminal window. If I close the terminal it shuts letsencrypt down.

Also the folder home/user/docker-projects/letsencrypt/config/nginx/site-confs/default folder is empty, in your guide NGINX should be in there ?

If I run docker ps it doesn’t show letsencrypt so I have definitely done something wrong.

I have attached my docker compose file and a screenshot of the terminal.


#5

That’s definitely incorrect. If you’re running a docker via docker-compose it will not shut down when you leave the terminal.

I presume it has to do with your next comment about the folder.

You must definitely have a folder where letsencrypt stores its configuration.

you mention /home/user/docker-projects/letsencrypt/config. I presume you have changed the “user” part to your actual ubuntu user?


#6

@juan11perez :weary: :face_with_symbols_over_mouth: school boy error, missed that. Thank you.

I changed it from user to pj (which is my user) and it has now created the folders and files.

I should be able to close the terminal window without it terminating letsencrypt, as it does now show a running container when I type docker ps?


#7

yes, no terminal required


#8

I used your default configuration file, and changed the bits you advised. But what is the purpose of the fastcgi_pass hostip:9000 line? I have portainer running on port 9000, so should I change this and if so what to?

Should I also configure one of the subdomains to point to portainer?

Also, I use configurator, so I used subdomain 1 and changed the server_name to conf.***.duckdns.org and then proxy_pass to 127.0.0.1:3218 is that right?

Sorry for all the questions, learning as I go.


#9

dont know what fastcgi_pass hostip exactly does. but leave it as is.

Change portainer ports to something else i.e. 9100:9000

you should configure the domains you want to expose externally, as per my write up.

for the proxy pass the ip needs to be your server ip with the correct port. xxxx:3218 I pressume you’re example should work. I just use the ip i see on my router for the server.


#10

@juan11perez as far as I can tell I have followed your guide to the letter and used your configs to ensure it is right substituting my details for yours. But it refuses to work.

If I type https://hass.*****.duckdns.org on the local server, I get a time out error and if I try it from the local network or externally I also get a time out issue.

I am forwarding ports 80 & 443 from my router to my server.

Also, I can still connect to my local server by its IP and port (8123, 3128, 9001) the letsencrypt container is running, and I don’t know how to troubleshoot it further. I have rebooted the server several times and also restarted the letsencrypt container after every config change.

I would really appreciate any help you could offer.

Paul