Also is it possible to remove the “Congratulations” page of Nginx when you go to your https adres?
You can change it in Settings.
I’m trying to renew my Let’s Encrypt Certificate through the proxy manager and I either get an “Internal Error” or timeout. Not sure where to look for logs to see what’s going wrong. Deleting and creating a new one from scratch is also erring.
Any pointers?
Do you have port 80 forwarded to the ip of the machine where NPM is running?
Most of the times when I had issues with certificate renewal it was because I had done some bad stuff elsewhere (pointed port 80 to another ip, installed another docker running on port 80 so that the addon couldn’t start, sent NPM traffic through VPN so that it didn’t accept incoming traffic due to the firewall, etc).
Apparently I had removed port 80 from the Proxy Manager config. Re-added that. Still failed, got “Another instance of Certbot is already running” error, so ran the commands above to delete the .certbot.lock file. Tried creating a certificate again and logs say Challenge failed (was 404ing on the challenge requests). Instead of adding the certificate from the host settings editor, I did it from the Certificates section and that seemed to work. Thanks!
If I do an SSL scan of my site when connected to this add-on, (https://www.ssllabs.com/ssltest/index.html), I get a “B” grade, mostly because the add-on has TLS 1.0 and TLS 1.1 turned on. How can I disable this?
Second part - has anyone considered add mod_security to this add-on?
(Web Application Firewall)
Are you using your own certificate or Let’s Encrypt?
Without Block Common Exploits, HTTP/2 Support, HSTS Enabled and HSTS Subdomains ticked I still get an A (enabling those it goes to A+).
Cloudflare Origin Certificate. I have Block Common Exploits on, others unchecked.
Edit: It turns out I can restrict this via Cloudflare, which brings me to an A but I’d still like to adjust the nginx settings and enable mod_security.
Might be wrong but I think you would need a vanilla Nginx install for that.
Does anyone have this working on a Unifi network, and could you share your settings? Mine doesn’t want to forward port 80 and instead of seeing HASS, I get the Unifi configuration page.
Cheers, Richard
I don’t have Unifi gear but, after correctly forwarding port 80, expectations are to be able to access Nginx greetings page (with the default NPM settings), not Home Assistant.
Basically, after forwarding ports 80 and 443 to the IP of the machine running NPM it should point as following:
- http://192.168.0.1 or http://192.168.0.1:80 (internal ip of the router) => router’s configuration webpage;
- https://192.168.0.1:8443 more likely than https://192.168.0.1:443 (internal ip of the router) => router’s configuration webpage (if enabled in the router’s settings; usually only http access is configured);
- http://192.168.1.1 or http://192.168.1.1:80 (external ip of the router) => Nginx greetings page;
- https://192.168.1.1 or https://192.168.1.1:443 (external ip of the router) => should go to http://192.168.0.x:8123 and should result in an error as the certificate was issued to https://youraddress.duckdns.org (DuckDNS record of http://192.168.0.x:8123)
- http://192.168.0.x:8123 => Home Assistant
Thanks @Petrica
I fixed the problem. It was a Unifi configuration error that prevented it from forwarding port 80. I did a Factory reset and all is good.
Cheers, Richard
It should be http (unless you changed this in configuration.yaml).
What have you checked in SSL tab? Have you issued a new certificate or trying to use an existing one?
If you’re using an older certificate you might check in SSL Certificates page if it expired.
1 Like
@RichardU what version was the issue? what version is the factory reset?
I’ve found my unifi is also blocking port 80, even though I have the port forward set.
Everything was the latest version when it happened - Dream Machine Pro. My suspicion is that it happened because I initially set up my Unifi while connected through another router. After the factory reset, I connected Unifi directly to my fiber connection and it worked.
Did you ever find a solution for this?
If certificate is renewed (not generated) the npm value doesn’t change.
So I use that path in all my addons and it’s working.
1 Like
A life saver… thanks!!!
after update there is an error when try to enter… 
some solution?
[21:57:06] INFO: Starting the Manager…
[10/24/2020] [11:57:10 PM] [Global ] › 
error Cannot find module ‘…/global/certbot-dns-plugins’
Require stack:
- /opt/nginx-proxy-manager/internal/certificate.js
- /opt/nginx-proxy-manager/internal/proxy-host.js
- /opt/nginx-proxy-manager/internal/report.js
- /opt/nginx-proxy-manager/routes/api/reports.js
- /opt/nginx-proxy-manager/routes/api/main.js
- /opt/nginx-proxy-manager/app.js
- /opt/nginx-proxy-manager/index.js Error: Cannot find module ‘…/global/certbot-dns-plugins’
Require stack: - /opt/nginx-proxy-manager/internal/certificate.js
- /opt/nginx-proxy-manager/internal/proxy-host.js
- /opt/nginx-proxy-manager/internal/report.js
- /opt/nginx-proxy-manager/routes/api/reports.js
- /opt/nginx-proxy-manager/routes/api/main.js
- /opt/nginx-proxy-manager/app.js
- /opt/nginx-proxy-manager/index.js
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:965:15)
at Function.Module._load (internal/modules/cjs/loader.js:841:27)
at Module.require (internal/modules/cjs/loader.js:1025:19)
at require (internal/modules/cjs/helpers.js:72:18)
at Object. (/opt/nginx-proxy-manager/internal/certificate.js:16:26)
at Module._compile (internal/modules/cjs/loader.js:1137:30)
at Object.Module._extensions…js (internal/modules/cjs/loader.js:1157:10)
at Module.load (internal/modules/cjs/loader.js:985:32)
at Function.Module._load (internal/modules/cjs/loader.js:878:14)
at Module.require (internal/modules/cjs/loader.js:1025:19) {
code: ‘MODULE_NOT_FOUND’,
requireStack: [
‘/opt/nginx-proxy-manager/internal/certificate.js’,
‘/opt/nginx-proxy-manager/internal/proxy-host.js’,
‘/opt/nginx-proxy-manager/internal/report.js’,
‘/opt/nginx-proxy-manager/routes/api/reports.js’,
‘/opt/nginx-proxy-manager/routes/api/main.js’,
‘/opt/nginx-proxy-manager/app.js’,
‘/opt/nginx-proxy-manager/index.js’
]
}
[21:57:10] INFO: Starting the Manager…
[10/24/2020] [11:57:13 PM] [Global ] › error Cannot find module ‘…/global/certbot-dns-plugins’
Require stack: - /opt/nginx-proxy-manager/internal/certificate.js
- /opt/nginx-proxy-manager/internal/proxy-host.js
- /opt/nginx-proxy-manager/internal/report.js
- /opt/nginx-proxy-manager/routes/api/reports.js
- /opt/nginx-proxy-manager/routes/api/main.js
- /opt/nginx-proxy-manager/app.js
- /opt/nginx-proxy-manager/index.js Error: Cannot find module ‘…/global/certbot-dns-plugins’
Require stack: - /opt/nginx-proxy-manager/internal/certificate.js
- /opt/nginx-proxy-manager/internal/proxy-host.js
- /opt/nginx-proxy-manager/internal/report.js
- /opt/nginx-proxy-manager/routes/api/reports.js
- /opt/nginx-proxy-manager/routes/api/main.js
- /opt/nginx-proxy-manager/app.js
- /opt/nginx-proxy-manager/index.js
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:965:15)
at Function.Module._load (internal/modules/cjs/loader.js:841:27)
at Module.require (internal/modules/cjs/loader.js:1025:19)
at require (internal/modules/cjs/helpers.js:72:18)
at Object. (/opt/nginx-proxy-manager/internal/certificate.js:16:26)
at Module._compile (internal/modules/cjs/loader.js:1137:30)
at Object.Module._extensions…js (internal/modules/cjs/loader.js:1157:10)
at Module.load (internal/modules/cjs/loader.js:985:32)
at Function.Module._load (internal/modules/cjs/loader.js:878:14)
at Module.require (internal/modules/cjs/loader.js:1025:19) {
code: ‘MODULE_NOT_FOUND’,
requireStack: [
‘/opt/nginx-proxy-manager/internal/certificate.js’,
‘/opt/nginx-proxy-manager/internal/proxy-host.js’,
‘/opt/nginx-proxy-manager/internal/report.js’,
‘/opt/nginx-proxy-manager/routes/api/reports.js’,
‘/opt/nginx-proxy-manager/routes/api/main.js’,
‘/opt/nginx-proxy-manager/app.js’,
‘/opt/nginx-proxy-manager/index.js’
]
Same problem after update.
until I stopped the extension, the processor load increased significantly