Nginx proxy manager - tcp 0.0.0.0:443: bind: address already in use

snelu · March 17, 2021, 6:37pm

Hi fellow HA enthusiasts!

I try to get the nginx proxy manager add-on running. Unfortunately it does not start and pops an error in my logs, which I quite do not understand. Please see the logs below. I read that mariadb must be installed and running, which it does. Checking my add-ons and so far I can not see one of it using port 443. Also 443 is not opened on my router. So I ssh into my pi and executed sudo netstat -tulpn | grep LISTEN.There I saw 127.0.0.1 is using 443.

This result left me a little confused, since I am not a crack on these things. What can I do from here? How do I get nginx proxy manager running?

I am using supervised HA (2021.03.6) on a raspberry 4b. Pretty standard installation, I assume. My router is a AVM Fritzbox 7590.

Any help is much appreciated!
Thx!

21-03-17 18:25:52 ERROR (SyncWorker_3) [supervisor.docker] Can’t start addon_a0d7b954_nginxproxymanager: 500 Server Error for http+docker://localhost/v1.40/containers/b914b7c390096ddc51775fcb0aa904c9bf77dc7065dc46ca6903761e9af74a41/start: Internal Server Error (“driver failed programming external connectivity on endpoint addon_a0d7b954_nginxproxymanager (ccdcf2441fa9133cda330d3bbb1bb4ed6b84505e668060596fc65272847df25e): Error starting userland proxy: listen tcp 0.0.0.0:443: bind: address already in use”)

deluxestyle · March 17, 2021, 9:34pm

Which other Addons do you have?

samnewman86 · March 17, 2021, 9:35pm

Have you got SSL enables in your ha config.

snelu · March 17, 2021, 9:38pm

Do you mean this part in my configuration.yaml?

#homeassistant:
#  external_url: !secret https
#  internal_url: !secret base_url

I commented it out, thinking it would maybe cause issues while starting the nginx proxy manager the first time

snelu · March 17, 2021, 9:40pm

Most of them are installed but not used (yet).

Samba share (9.3.0), Duck DNS (1.12.5), Check Home Assistant configuration (3.6.0), Node-RED (8.1.3), TasmoAdmin (0.14.0), Visual Studio Code (3.1.1), AdGuard Home (4.0.0), File editor (5.2.0), Git pull (7.12), InfluxDB (4.0.3), Grafana (6.1.3), WireGuard (0.5.0), ESPHome (1.16.2), Home Assistant Google Drive Backup (0.103.1), Bitwarden RS (0.8.0), SSH & Web Terminal (8.0.4), Grocy (0.11.1), Matrix (0.10.0), room-assistant (2.15.0), FTP (4.0.1), Let’s Encrypt (4.11.0), ADB - Android Debug Bridge (0.7.0), SQLite Web (3.0.1), Dnsmasq (1.4.4), motionEye (0.11.1), Mosquitto broker (5.1.1), MariaDB (2.2.2), Nginx Proxy Manager (0.10.0)

up and running:

Samba share (9.3.0), Duck DNS (1.12.5), TasmoAdmin (0.14.0), Visual Studio Code (3.1.1), AdGuard Home (4.0.0), ESPHome (1.16.2), Home Assistant Google Drive Backup (0.103.1), SSH & Web Terminal (8.0.4), ADB - Android Debug Bridge (0.7.0), Mosquitto broker (5.1.1), MariaDB (2.2.2)

samnewman86 · March 17, 2021, 10:31pm

What about the http: section?

bug · March 18, 2021, 12:08am

You could track it down by simply browsing to your installation ip in https (https://your.home-assistant.ip) or typing “netstat -lptn” in console (requires root).

deluxestyle · March 18, 2021, 8:16am

seems maybe one of your addons is using 443 already. might be adguard?

bug · March 18, 2021, 8:24am

adguard is a dns server. I’d add my bet on TasmoAdmin https enabled.

deluxestyle · March 18, 2021, 8:27am

that’s true, but even pi hole is listening on 443. so maybe adguard as well

bug · March 18, 2021, 8:30am

pi-hole has admin interface on that port. it could be basicly any addon within external, web-based configuration interface.

deluxestyle · March 18, 2021, 8:35am

true.
maybe stop all addons and start ngnix to see if it will start.
after that start the other addons one by one

snelu · March 18, 2021, 2:30pm

Hi everyone,

thanks for replying to my issue - sorry for the delay - normal work day here.

I did what @deluxestyle suggested and stopped every add on and then restarted piece by piece. And you were also right: it was Adguard causing this trouble.
So now I can get nginx proxy manager up and running. Thanks again.

Hopefully I find a way to use both addons NPM and AG. Anything you guys would point out what I should be looking for/at or take care of to get it running simultaneously or should it be easy after configurating NPM?

Cheers and thx again!

deluxestyle · March 18, 2021, 2:46pm

I don’t use Adguard. but it might be that you can change the port in the config

bug · March 20, 2021, 8:31pm

change the port and proxy it through the proxy manager

snelu · March 24, 2021, 10:47am

Thanks for your suggestion @bug . But how do I change the port of Adguard?

Do I find these under DNS settings or encryption settings? And do I understand you right, that I would e.g. change adguards port to e.g. 5, then register e.g. exampleadguard.org and then redirect exampleadguard.org to the IP and port of Adguard? Then I simply fill this new ip+port into my router settings?

Another thought: I would like to use encryption with Adguard. Normally I just pointed to the location of my ertificate which was /ssl/fullchain.pem but now the nginx proxy manager files the ssl certificate over lets encrypt and force every connection to use https. So where is my key and certificate located now? As I was trying to use my old settings in AdGuard in the encryption settings, it says Status: Certificate chain is invalid so the files must have changed their location

bug · March 24, 2021, 6:33pm

You could move the adguard to some high port (ex 8080). In normal use case, as the nginx and adguard ar running on same host, you don’t necessarily need encryption between (it is also possible but one more configuration step).

Do the following:
once adguard is on another port (let’s say 8080), make proxy manager to proxy the traffic to http://localhost:8080 and configure encryption to proxy manager (so browser to proxy is encrypted, proxy to adguard is not but in most cases it doesn’t matter as the traffic goes in localhost only).

you can use subdomains and possibly path’s to separate different endoints at proxy.