maybe somebody could help with this...
My setup:
Qnap TS-664
Docker containers (Portainer managed)
Domain at porkbun (lets call it example.com)
Cloudflare DNS:
A record: example.com
CNAME: Name: nginx, Content: example.com, Proxied
CNAME: Name: g, Content: example.com, Proxied
CNAME: Name: portainer, Content: example.com, Proxied
nginx config:
Source: nginx.example.com Destination: http://192.168.1.210:9081 HTTP only
Source: g.example.com Destination: http://192.168.1.210:32768 HTTP only
Source: portainer.example.com Destination: http://192.168.1.210:9000 HTTP only
Docker config for nginx:
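# Nginx Proxy Manager (NPM) and the MariaDB instance that stores its settings.
# Nesting restored: the pasted listing had lost all indentation.
services:
  mariadb:
    # NOTE(review): ':latest' is a moving tag; pin a version or digest so an
    # image pull cannot silently change what runs.
    image: jc21/mariadb-aria:latest
    container_name: npm_db
    environment:
      # NOTE(review): literal, guessable credentials. Use long random values
      # and supply them from an env file or secret that is never posted or
      # committed; the DB_MYSQL_* values below must match what is set here.
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'insecure'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_db:/var/lib/mysql
    restart: unless-stopped
    # No host port is published here: NPM reaches the database over the
    # compose network as 'mariadb', so it is not offered to the LAN.

  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:latest
    container_name: npm
    depends_on:
      - mariadb
    ports:
      # host:container
      - '9080:80'   # proxied HTTP
      # 81 is the NPM admin UI. The post also forwards nginx.example.com to
      # 9081 over plain HTTP, which puts the admin login on a public
      # hostname; put an access list or other pre-authentication in front of
      # it, or keep it LAN-only.
      - '9081:81'
      - '9443:443'  # proxied HTTPS
    environment:
      DB_MYSQL_HOST: 'mariadb'
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: 'npm'
      DB_MYSQL_PASSWORD: 'insecure'
      DB_MYSQL_NAME: 'npm'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_data:/data
      # Holds certificates and their private keys; keep it out of shares and
      # unencrypted backups.
      - ./npm_letsencrypt:/etc/letsencrypt
    restart: unless-stopped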
Docker config for guacamole:
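# Apache Guacamole: guacd (protocol proxy), PostgreSQL (accounts and
# connections) and the web application.
# Nesting restored: the pasted listing had lost all indentation.
version: '2.0'

networks:
  guacnetwork_compose:
    driver: bridge

services:
  guacd:
    container_name: guacd_compose
    # NOTE(review): no tag means ':latest'; pin a version so guacd and the
    # web application stay on matching releases.
    image: guacamole/guacd
    networks:
      guacnetwork_compose:
    restart: always
    volumes:
      - ./drive:/drive:rw
      # Session recordings can contain everything typed or shown in a remote
      # session; restrict access to this directory.
      - ./record:/record:rw

  postgres:
    container_name: postgres_guacamole_compose
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamole_db
      # NOTE(review): literal password; use a long random value supplied from
      # an env file or secret, and keep POSTGRESQL_PASSWORD below in step.
      POSTGRES_PASSWORD: insecure
      POSTGRES_USER: guacamole_user
    image: postgres:15.2-alpine
    networks:
      guacnetwork_compose:
    restart: always
    volumes:
      # NOTE(review): if ./init holds the stock Guacamole schema, it creates
      # the default administrator account; change that password before the
      # hostname is reachable from outside.
      - ./init:/docker-entrypoint-initdb.d:z
      - ./data:/var/lib/postgresql/data:Z
    # No host port is published: only containers on guacnetwork_compose can
    # reach the database.

  guacamole:
    container_name: guacamole_compose
    depends_on:
      - guacd
      - postgres
    environment:
      GUACD_HOSTNAME: guacd
      POSTGRESQL_DATABASE: guacamole_db
      POSTGRESQL_HOSTNAME: postgres
      POSTGRESQL_PASSWORD: insecure
      POSTGRESQL_USER: guacamole_user
    image: guacamole/guacamole
    links:
      - guacd
    networks:
      guacnetwork_compose:
    ports:
      # Guacamole is a remote-access gateway: whoever logs in here can reach
      # every configured RDP/VNC/SSH target. If it is published through a
      # public hostname, require strong credentials and MFA or an
      # authenticating layer in front of it.
      # The web application is served under the /guacamole/ path on
      # container port 8080, so a reverse proxy has to forward to that path.
      - '32768:8080/tcp'
    restart: always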
docker config for portainer
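# Portainer (Business Edition) managing the local Docker engine.
# Nesting restored: the pasted listing had lost all indentation.
version: '3'

services:
  portainer:
    # NOTE(review): ':latest' is a moving tag; pin a version or digest.
    image: portainer/portainer-ee:latest
    container_name: portainer
    restart: always
    security_opt:
      # Processes in the container cannot gain privileges through setuid
      # binaries or file capabilities.
      - no-new-privileges:true
    ports:
      # host:container
      - '9001:8000'  # Edge agent tunnel; drop it if no Edge agents are used
      # Plain-HTTP UI. The post forwards portainer.example.com to this port,
      # which puts a Docker control plane on a public hostname; keep it
      # LAN/VPN-only or put an authenticating layer in front of it.
      - '9000:9000'
      - '9043:9443'  # HTTPS UI
    volumes:
      - /etc/localtime:/etc/localtime:ro
      # NOTE(review): ':ro' only protects the socket file itself. Anything
      # that can connect to the socket can still drive the full Docker API,
      # which is equivalent to root on the host, so a Portainer login is a
      # host-admin login.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./portainer-ee/data:/data:rw
    environment:
      TZ: Europe/Vienna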
I also have some other containers (sonarr, radarr, ...) running which I can access via their CNAME, like https://example.com/nginx; those are all working.
I only have problems with guacamole and portainer (and now with photoprism as well) at the moment.
I also had problems with Heimdall, but I could figure out that it needs some special settings in nginx. --> Added to Custom Nginx Configuration:
# Custom location block added to the Heimdall proxy host in Nginx Proxy
# Manager ("Custom Nginx Configuration").
location / {
    # Pass the requested hostname through so the backend generates links for
    # the public name rather than its internal address.
    proxy_set_header Host $host;
    # Tell the backend which scheme the client used towards this nginx.
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto $scheme;
    # Setting (not appending) X-Forwarded-For replaces any value the client
    # supplied, so a spoofed header does not reach the backend.
    # NOTE(review): $remote_addr is the peer that connected to this nginx.
    # With the hostname proxied through Cloudflare that is normally a
    # Cloudflare edge address unless the real-IP module is configured to
    # trust Cloudflare's ranges; confirm before relying on it for logs or
    # IP-based rules.
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Real-IP $remote_addr;
    # $forward_scheme, $server and $port are not defined in this snippet;
    # presumably NPM sets them from the proxy host's Destination.
    proxy_pass $forward_scheme://$server:$port$request_uri;
}
https://g.example.com and https://portainer.example.com are not reachable, but all my other apps (e.g. https://nginx.example.com) are working.
I have tried eg.: https://www.reddit.com/r/selfhosted/comments/tvml0j/guacamole_behind_cloudflared_public_hostname/
So I am quite sure I am missing some custom nginx configs. I have already tried a lot but could not figure it out.
Any help would be appreciated...
thx
No success yet. I have now put everything into one docker-compose.yml. Everything works except guacamole: it is reachable locally at http://192.168.1.210:32768/guacamole but not via nginx :-(
Here is the compose file:
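# Single compose file for the media stack, Nginx Proxy Manager and Guacamole.
# Nesting restored: the pasted listing had lost all indentation.
# $PUID, $PGID, $TZ and $MEDIADIR are substituted by Compose from the
# environment or an .env file.

############## NETWORKS ##############
networks:
  # Every service joins the existing 'media' network. 'external: true' means
  # Compose expects the network to exist and will not create it.
  default:
    name: media
    external: true
############## NETWORKS ##############

services:
  readarr:
    image: lscr.io/linuxserver/readarr:develop
    container_name: readarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
    volumes:
      - ./readarr:/config
      - $MEDIADIR/books:/books  # optional
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - '8787:8787'
    restart: unless-stopped

  nzbget:  # usenet download agent
    image: ghcr.io/linuxserver/nzbget
    container_name: nzbget
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./nzbget:/config
      - $MEDIADIR/usenet/nzb:/usenet/nzb
      - $MEDIADIR/usenet/queue:/usenet/queue
      - $MEDIADIR/usenet/tmp:/usenet/tmp
      - $MEDIADIR/usenet/intermediate:/usenet/intermediate
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - '6789:6789'
    restart: unless-stopped

  radarr:  # movie search agent
    image: ghcr.io/linuxserver/radarr
    container_name: radarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=022
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./radarr:/config
      - /share/2watch/movies:/movies
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - '7878:7878'
    restart: unless-stopped

  sonarr:  # TV show search agent
    image: ghcr.io/linuxserver/sonarr:latest
    container_name: sonarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=022
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./sonarr:/config
      - /share/2watch/tv:/tv
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - '8989:8989'
    restart: unless-stopped

  tautulli:  # plex monitoring
    image: ghcr.io/linuxserver/tautulli:latest
    container_name: tautulli
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=002
      - DEBUG=no
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./tautulli:/config
    ports:
      - '8181:8181'
    restart: unless-stopped

  heimdall:
    image: lscr.io/linuxserver/heimdall:latest
    container_name: heimdall
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
    volumes:
      - ./heimdall:/config
    ports:
      - '32771:80'
      - '32772:443'
    restart: unless-stopped

  # Nginx Proxy Manager DB
  mariadb:
    image: jc21/mariadb-aria:latest
    container_name: npm_db
    environment:
      TZ: $TZ
      # NOTE(review): literal, guessable credentials. Use long random values
      # supplied from the .env file or a secret, and keep the DB_MYSQL_*
      # values of nginx-proxy-manager in step.
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'insecure'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_db:/var/lib/mysql
    restart: unless-stopped
    ports:
      # Bound to loopback: publishing 3306 on all interfaces would offer the
      # database and its credentials to the whole LAN. NPM connects over the
      # compose network as 'mariadb' and does not need this mapping at all;
      # remove it if nothing on the host uses it.
      - '127.0.0.1:3306:3306'
    expose:
      - '3306'

  # Nginx Proxy Manager
  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:latest
    container_name: npm
    depends_on:
      - mariadb
    ports:
      # host:container
      - '9080:80'   # proxied HTTP
      # 81 is the NPM admin UI; restrict who can reach it (access list or
      # LAN/VPN only) if a public hostname forwards to 9081.
      - '9081:81'
      - '9443:443'  # proxied HTTPS
    environment:
      TZ: $TZ
      DB_MYSQL_HOST: 'mariadb'
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: 'npm'
      DB_MYSQL_PASSWORD: 'insecure'
      DB_MYSQL_NAME: 'npm'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_data:/data
      # Holds certificates and their private keys; keep it out of shares and
      # unencrypted backups.
      - ./npm_letsencrypt:/etc/letsencrypt
    restart: unless-stopped
    # All services share the 'media' network, so a proxy host can use a
    # service name and container port as its Destination. The backends' host
    # port mappings are then only needed for direct LAN access.

  # Guacamole
  guacd:
    container_name: guacd_compose
    # NOTE(review): no tag means ':latest'; pin a version so guacd and the
    # web application stay on matching releases.
    image: guacamole/guacd
    restart: always
    volumes:
      - ./guacamole/drive:/drive:rw
      # Session recordings can contain everything typed or shown in a remote
      # session; restrict access to this directory.
      - ./guacamole/record:/record:rw

  postgres:
    container_name: postgres_guacamole_compose
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamole_db
      # NOTE(review): literal password; use a long random value and keep
      # POSTGRESQL_PASSWORD of the guacamole service in step.
      POSTGRES_PASSWORD: insecure
      POSTGRES_USER: guacamole_user
    image: postgres:15.2-alpine
    restart: always
    volumes:
      # NOTE(review): if ./guacamole/init holds the stock Guacamole schema,
      # it creates the default administrator account; change that password
      # before the hostname is reachable from outside.
      - ./guacamole/init:/docker-entrypoint-initdb.d:z
      - ./guacamole/data:/var/lib/postgresql/data:Z

  guacamole:
    container_name: guacamole_compose
    depends_on:
      - guacd
      - postgres
    environment:
      GUACD_HOSTNAME: guacd
      POSTGRESQL_DATABASE: guacamole_db
      POSTGRESQL_HOSTNAME: postgres
      POSTGRESQL_PASSWORD: insecure
      POSTGRESQL_USER: guacamole_user
    image: guacamole/guacamole
    links:
      - guacd
    ports:
      # Guacamole is a remote-access gateway: whoever logs in here can reach
      # every configured RDP/VNC/SSH target. If it is published through a
      # public hostname, require strong credentials and MFA or an
      # authenticating layer in front of it.
      # The web application answers under /guacamole/ (the post reaches it at
      # http://192.168.1.210:32768/guacamole), so a proxy host pointing at
      # the bare port has to forward to that path; the tunnel also works best
      # with WebSocket support enabled on the proxy.
      - '32768:8080/tcp'
    restart: always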