I’m trying to use ssl in a reverse proxy without success, I use the same in my jellyfin docker and it works normally, but for uptime-kuma this error appears:
In the Jellyfin container that is working, the only differences are the server_name, which is ‘media.reloaded.com.br’ and the proxy_pass which only changes the port from 8096 to 3002.
The reverse proxy without SSL is working, the problem is when I enable “Use Let’s Encrypt to obtain SSL certificate”.
You missed to add the required include in status.tpl after location / block:
include %home%/%user%/conf/web/%domain%/nginx.conf_*;
And this in status.stpl
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
You should modify the templates and rebuild your web domain.
Regarding media.reloaded.com.br you have the same problem, the certificate should have been renewed 15 days ago and it isn’t because the same missing include directives in the templates.
I’m sorry for the error, I thought only these lines would be necessary:
status.tpl
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
status.stpl
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
Could you tell me the steps or the documentation link so I can rebuild the domain, because generally I just do ‘systemctl restart nginx’
I think I’ll have to wait a while to try again, because the last error presented was 429, this means I’ve reached the Let’s Encrypt attempt limit, am I correct? Can you tell me how long this takes?
Thank you very much, I waited a few hours to try again and I managed to obtain the ssl certificate.
In addition to placing the 2 includes that you mentioned, in the .tpl and stpl, I also added the following as requested by the uptime-kuma documentation: Reverse Proxy · louislam/uptime-kuma Wiki · GitHub
Strange, after SSL is activated correctly, I can no longer replicate the error.
I added the option proxy_set_header Upgrade $http_upgrade;, rebuilt the domain and everything worked, I even tried restarting the nginx service and everything worked normally.
BUT I’m sure that with this option before the certificate was generated, it gave an error, in the web ui it gave the message that nginx cannot be restarted.
So I forced a restart through the server settings in the web ui, but instead of nginx being restarted it just stopped.
I tried to start, it informed me that it was not possible to start Nginx.
So I went to the cli via ssh, gave systemctl status nginx and saw that it couldn’t start because of the invalid http_upgrade command (I don’t remember exactly the msg here).
So I removed the option proxy_set_header Upgrade $http_upgrade; from both .tpl and .stpl, and I started the nginx service normally.
Generated the ssl certificate, and it worked.
Well, as I added the option again, and it’s working, I’ll leave it, if anything happens, I’ll come back here to inform you.
Or if you want me to carry out some tests, just let me know and I can do it.