sickprodigy/home-server
1
0
Fork 0
Code Issues 15 Pull Requests Packages Projects Releases Wiki Activity

adguard nginx proxy link broke #1

New Issue
Closed
opened 2023-10-25 21:50:20 -04:00 by sickprodigy · 8 comments
sickprodigy commented 2023-10-25 21:50:20 -04:00
Owner
Copy Link

Adguard isn't able to connect on port 3k from nginx proxy.
Seems to be something with port 80 and how I'm only using port 443. TLS over https. Don't enforce.

Not a major issue, but rather annoying if I'm not local.

Adguard isn't able to connect on port 3k from nginx proxy. Seems to be something with port 80 and how I'm only using port 443. TLS over https. Don't enforce. Not a major issue, but rather annoying if I'm not local.
sickprodigy commented 2023-11-23 14:13:53 -05:00
Author
Owner
Copy Link

Can't use it outside of home network right now anyways. Having issues with https configuration.

and with tons of other people using the DNS server.

So disabled it for everyone outside of local network until I can figure out the method I want to use for it.
I may have it enabled for a few IP's.

Possibly just wireguard in and use it all the time from locally in that position.

Can't use it outside of home network right now anyways. Having issues with https configuration. and with tons of other people using the DNS server. So disabled it for everyone outside of local network until I can figure out the method I want to use for it. I may have it enabled for a few IP's. Possibly just wireguard in and use it all the time from locally in that position.
sickprodigy commented 2023-12-23 08:25:52 -05:00
Author
Owner
Copy Link

The network adguard is connecting to is called 'adguard_homelab'
It's not joining the right network, instead creating a new one.
Trying to change network name to specify specific network. See how it goes.

https://i.imgur.com/TtgysVy.png

idk, looks like it was in the same network, just had a weird label for it.

The network adguard is connecting to is called 'adguard_homelab' It's not joining the right network, instead creating a new one. Trying to change network name to specify specific network. See how it goes. https://i.imgur.com/TtgysVy.png idk, looks like it was in the same network, just had a weird label for it.
sickprodigy commented 2024-01-13 19:18:11 -05:00
Author
Owner
Copy Link

Just remembered the network thing out of nowhere..

This one is working:

networks:    # specify the network 2x. In service, and in this tag area..
  homelab:
    name: homelab      # Networks can also be given a custom name
    external: true      # This option causes compose to join the above network instead of making a _default one
  mcprodnet:
    #enable_ipv6: true
    name: mcprodnet      # We will name the network instead of letting docker do something random
    driver: macvlan      # Making the above network macvlan
    driver_opts:         # driver options to use
      parent: enp3s0     # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network
    ipam:
      config:
        - subnet: "192.168.86.0/24"    #Basically copy router range
          gateway: "192.168.86.1"      #host will eventually route to router, or just go direct
#        - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv
#          gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff"      #this needs to be router(ish)
#    external: true

Had to add:

external: true

to the homelab network so it would join that network instead of creating it's own. Not sure when that got changed. Need to add a git for the whole docker folder i reckon.

Just remembered the network thing out of nowhere.. This one is working: ``` networks: # specify the network 2x. In service, and in this tag area.. homelab: name: homelab # Networks can also be given a custom name external: true # This option causes compose to join the above network instead of making a _default one mcprodnet: #enable_ipv6: true name: mcprodnet # We will name the network instead of letting docker do something random driver: macvlan # Making the above network macvlan driver_opts: # driver options to use parent: enp3s0 # usually eth0 or eth1 but not always, used enp3s0 and enp4s0, had to delete /var/lib/docker/network/files/local-kv.db because phantom network ipam: config: - subnet: "192.168.86.0/24" #Basically copy router range gateway: "192.168.86.1" #host will eventually route to router, or just go direct # - subnet: "2605:a601:9132:d100:2::/80" # dual subnet ipv6, has to match router subnet unfortunately for external connections like samsung tv # gateway: "2605:a601:9132:d100:2:ffff:ffff:ffff" #this needs to be router(ish) # external: true ``` Had to add: ``` external: true ``` to the homelab network so it would join that network instead of creating it's own. Not sure when that got changed. Need to add a git for the whole docker folder i reckon.
sickprodigy commented 2024-01-13 19:22:09 -05:00
Author
Owner
Copy Link

I can't port adguard to 80 and 443 is my current issue. Nginx is taking up those ports. So now I'm curious if I make nginx it's own macvlan if it will separate somehow. I think I may be mistaken because I'm having both containers join the same network. So they will try to take the same port? no, they should each have their own ip on the network so shouldn't be overlapping. Not sure what's going on.

I can't port adguard to 80 and 443 is my current issue. Nginx is taking up those ports. So now I'm curious if I make nginx it's own macvlan if it will separate somehow. I think I may be mistaken because I'm having both containers join the same network. So they will try to take the same port? no, they should each have their own ip on the network so shouldn't be overlapping. Not sure what's going on.
sickprodigy commented 2024-01-13 20:01:42 -05:00
Author
Owner
Copy Link

just can't get the https link to work now. 443 works better than 80, but it still throws an error each new site I visit using it through firefox. Kind of annoying.

just can't get the https link to work now. 443 works better than 80, but it still throws an error each new site I visit using it through firefox. Kind of annoying.
sickprodigy commented 2024-03-03 11:15:42 -05:00
Author
Owner
Copy Link

Alright, for some reason, website rcs1.xyz is showing google trust certificate. Is it cloudflare or my local dns showing this?

Everything appears right in adguard. but that would be more of an nginx issue i think, is it because nginx isn't setup properly?
na gotta be because cloudflare is doing something that looks like it being manipulated. Maybe need some further testing with nginx and open an issue there for it.

Alright, for some reason, website rcs1.xyz is showing google trust certificate. Is it cloudflare or my local dns showing this? Everything appears right in adguard. but that would be more of an nginx issue i think, is it because nginx isn't setup properly? na gotta be because cloudflare is doing something that looks like it being manipulated. Maybe need some further testing with nginx and open an issue there for it.
sickprodigy commented 2024-03-03 17:13:57 -05:00
Author
Owner
Copy Link

Alright, so using cloudflare, you don't quite have your full encryption only. It's your encryption through a tunnel of their encryption. So it looks like a different certificate at the end. Will i need to input this certificate on adguard to get it to work properly? I don't like that idea honestly. then cloudflare can read all my adguard data basically.

With tthat in mind when you have issues locally with encryption it may not show up bc cloudflare is forcing it to work. And then everything appears working when it gets to your server.

Alright, so using cloudflare, you don't quite have your full encryption only. It's your encryption through a tunnel of their encryption. So it looks like a different certificate at the end. Will i need to input this certificate on adguard to get it to work properly? I don't like that idea honestly. then cloudflare can read all my adguard data basically. With tthat in mind when you have issues locally with encryption it may not show up bc cloudflare is forcing it to work. And then everything appears working when it gets to your server.
sickprodigy commented 2025-06-04 18:19:14 -04:00
Author
Owner
Copy Link

disabled proxy services with cloudflare, haven't had issues in awhile now. So must be closed.

disabled proxy services with cloudflare, haven't had issues in awhile now. So must be closed.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Compat/Breaking
Breaking change that won't be backward compatible
Kind/Bug
Something is not working
Kind/Documentation
Documentation changes
Kind/Enhancement
Improve existing functionality
Kind/Feature
New functionality
Kind/Security
This is security issue
Kind/Testing
Issue or pull request related to testing
Priority
Critical
The priority is critical
Priority
High
The priority is high
Priority
Low
The priority is low
Priority
Medium
The priority is medium
Reviewed
Confirmed
Issue has been confirmed
Reviewed
Duplicate
This issue or pull request already exists
Reviewed
Invalid
Invalid issue
Reviewed
Won't Fix
This issue won't be fixed
Status
Abandoned
Somebody has started to work on this but abandoned work
Status
Blocked
Something is blocking this issue or pull request
Status
Need More Info
Feedback is required to reproduce issue or to continue work
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
sickprodigy
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sickprodigy/home-server#1
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?