Great video this is exactly what I needed to get unstuck! Could you also have used cloudflared tunnels instead of opening the port in your firewall? Then you could throw access rules in front of it for added security.
@@distrodomain I actually have no clue what's truly wrong as I've tried so many things over the past couple days. I've followed several tutorials and utilized ChatGPT, but still can't figure it out. Essentially I was SSH'ing into the Docker on my NAS to set up a CloudDB data base and ran into issues; to determine if the database was the issue I tried it with Jellyfin and had the same experience. I confirmed my network can find all the associated dockers, I can also ping the Cloudflare server URL, local ips and their open ports, and I've ensured that the firewall on my PC, NAS, and router aren't blocking anything. Both Nginx and Cloudflare were configured as shown in the video. However, the associated domain URL still returns a "failed to connect to host" error.
@@AbyssalSoda are you running docker on bare linux or on something like proxmox, or unraid, are you able to generate a certificate, "failed to connect to host" you get that when you try to navigate to the url?, your firewall rule should be set on your nat connection and forward to the host local ip, from there docker takes over, what do you use for firewall.
@@distrodomain I'm running on UGOS which is a fork of debian used by Ugreen for their NAS lineup. The only difference I could find was the fact I need to use Sudo when pinging jelly.domainname - which could hint at a permissions issue, but I already cleared everything as admin.
@@distrodomain Not sure if you're getting my replies, but to recap again. I am using UGOS a fork of Debian for Ugreen NAS devices, and can generate a certificate just fine. I receive the failed to connect to host when clicking on the url. Firewall/ISP is Verizon.
The process for the proxy sub domain continues to give Internal Error error. However, I was able to get it on another subdomain, I just can't get it for the proxy.
To update you only need to change the tag in the docker compose with the new version and then do a docker compose down, then docker compose up -d, and it will pull the new version, you can get the version tags directly from the npm github, thank you for watching!
@@distrodomain thanks for your reply. As a matter of fact, I was able to update it using Portainer after posting my comment above. However, I still think it would be a great tutorial to have and one that would bring you more views, as I'm sure many people would find it useful. I wasn't able to find much info when I was trying to do this. Even your comment above is not very clear to me, lol, so an actual video guide would be awesome. BTW Awesome channel. Liked and subscribed.
Great video! I've followed all the steps to setup my local home assistant, however I'm getting a 400 error. I can ping successfully my npm but the forwarding part is not working. Any tips?
@@distrodomain thanks for replying to my comment. I was able to figure it out at the end. I needed to add the npm as part of HA config as a trusted proxy, after doing that, it started working.
Месяц назад+1
Thanks for tutorial, in case if we also use pihole as DNS we can add a or cname record right into pihole dns settings right and use that one?
It's just a different way, and it's more secure too. You don't need to keep port 80 open in your firewall. Some ISPs don't allow you to open port 80. Thank you for watching!
@@distrodomain Does that mean all traffic gets tunneled through their connection, or is that something different? I run a Jellyfin server from home and didn't think I could send all that traffic through their connection.
@@MikeDeVincentis Everything gets proxied through them yes, at home I have a dns sever and a dns record that points to my local server to avoid pulling/pushing to cloudflare for home use, on the go and outside of my local netwok it will pull from cloudflare, it even caches some pictures and other things for faster load.
@@distrodomain Gotcha. I do the same thing but without the proxy from Cloudflare. I share my Jellyfin with my family and it's external using NPM because my understanding was proxying that content was not allowed with Cloudflare. It's a lot of data.
you can use your current public ip, if it changes a lot then you can use a setup with something like dynamic dns, or ducky dns, thank you for watching!
I've looked into this but haven't found a concrete solution, you can use custom https ports and still use a cert, tho you will need to specify it on your browser like yoursite.com:8080, thank you for watching!
It's simple solution for home use if you don't want to setup a local dns server, but if you are advanced you can setup something like Pi-Hole at home to resolve those ip, or alteratively you can edit your hosts file but it will only work on that device, thank you for watching! :)
Awesome !! I will do this right away!!! thanks for sharing...
Thank you for watching!
Great video this is exactly what I needed to get unstuck! Could you also have used cloudflared tunnels instead of opening the port in your firewall? Then you could throw access rules in front of it for added security.
Yes exactly that would make the setup even more secure! thank you for watching :)
This was so easy, if only it actually worked
What part is not working for you, I might be able to help, thank you for watching
@@distrodomain I actually have no clue what's truly wrong as I've tried so many things over the past couple days. I've followed several tutorials and utilized ChatGPT, but still can't figure it out.
Essentially I was SSH'ing into the Docker on my NAS to set up a CloudDB data base and ran into issues; to determine if the database was the issue I tried it with Jellyfin and had the same experience. I confirmed my network can find all the associated dockers, I can also ping the Cloudflare server URL, local ips and their open ports, and I've ensured that the firewall on my PC, NAS, and router aren't blocking anything. Both Nginx and Cloudflare were configured as shown in the video. However, the associated domain URL still returns a "failed to connect to host" error.
@@AbyssalSoda are you running docker on bare linux or on something like proxmox, or unraid, are you able to generate a certificate, "failed to connect to host" you get that when you try to navigate to the url?, your firewall rule should be set on your nat connection and forward to the host local ip, from there docker takes over, what do you use for firewall.
@@distrodomain I'm running on UGOS which is a fork of debian used by Ugreen for their NAS lineup. The only difference I could find was the fact I need to use Sudo when pinging jelly.domainname - which could hint at a permissions issue, but I already cleared everything as admin.
@@distrodomain Not sure if you're getting my replies, but to recap again. I am using UGOS a fork of Debian for Ugreen NAS devices, and can generate a certificate just fine. I receive the failed to connect to host when clicking on the url. Firewall/ISP is Verizon.
Another helpful video, thanks man!!
No problem, thank you for watching!
The process for the proxy sub domain continues to give Internal Error error. However, I was able to get it on another subdomain, I just can't get it for the proxy.
Great videos as usual
Thank you for watching!
Great video. Can you create a tutorial on how to update Ngnix Proxy Manager to the latest version? Thank you.
To update you only need to change the tag in the docker compose with the new version and then do a docker compose down, then docker compose up -d, and it will pull the new version, you can get the version tags directly from the npm github, thank you for watching!
@@distrodomain thanks for your reply. As a matter of fact, I was able to update it using Portainer after posting my comment above. However, I still think it would be a great tutorial to have and one that would bring you more views, as I'm sure many people would find it useful. I wasn't able to find much info when I was trying to do this. Even your comment above is not very clear to me, lol, so an actual video guide would be awesome. BTW Awesome channel. Liked and subscribed.
Great video! I've followed all the steps to setup my local home assistant, however I'm getting a 400 error. I can ping successfully my npm but the forwarding part is not working. Any tips?
try http on the forwarding rule, what ports and protocol is the home assistant container using, thank you for watching
@@distrodomain thanks for replying to my comment. I was able to figure it out at the end. I needed to add the npm as part of HA config as a trusted proxy, after doing that, it started working.
Thanks for tutorial, in case if we also use pihole as DNS we can add a or cname record right into pihole dns settings right and use that one?
Yes exactly, you setup a canme in piehole that all your local devices will resolve to the local ip, thank you for watching!
thank you
Thank you for watching!
Thanks!
I'm glad it was helpful! thank you for watching!
How does this work if you're using your domain for home assistant public access via the cloudflared add on? Would I need a second domain?
You can create a subdomain like home.yourdomain.com and generate a certificate for it, and point it to your puclic ip, thank you for watching!
Why use the challenge dns with Cloudflare instead of the normal letsencrypt option for SSL? Is that because you're proxying the dns on Cloudflare?
It's just a different way, and it's more secure too. You don't need to keep port 80 open in your firewall. Some ISPs don't allow you to open port 80. Thank you for watching!
@@distrodomain Does that mean all traffic gets tunneled through their connection, or is that something different? I run a Jellyfin server from home and didn't think I could send all that traffic through their connection.
@@MikeDeVincentis Everything gets proxied through them yes, at home I have a dns sever and a dns record that points to my local server to avoid pulling/pushing to cloudflare for home use, on the go and outside of my local netwok it will pull from cloudflare, it even caches some pictures and other things for faster load.
@@distrodomain Gotcha. I do the same thing but without the proxy from Cloudflare. I share my Jellyfin with my family and it's external using NPM because my understanding was proxying that content was not allowed with Cloudflare. It's a lot of data.
so, you also need a PUBLIC STATIC ip? it cost money to have one. Can we use noip?
you can use your current public ip, if it changes a lot then you can use a setup with something like dynamic dns, or ducky dns, thank you for watching!
what about other network like other device that same subnet with host ? how to forward to that.
You can use the ip of that device instead and It will forward the requests, to that ip, Thank You for watching!
can we insert API Token only one time ?
At the moment, you need to input once per proxy host, the certs will renew after that.
Is there a way to secure an exposed streamed tcp port?
I've looked into this but haven't found a concrete solution, you can use custom https ports and still use a cert, tho you will need to specify it on your browser like yoursite.com:8080, thank you for watching!
ice video but why do u need nginx proxy manager if your using cloudflare
Its because nginx proxy manager is the only app that has been opened in the firewall, thus cloudflare can only reach nginx.
Good point, npm will encrypt cloudflare --> you server connections, but yes you could run all of from cloudflare, thank you for watching!
local ip on public dns... why?
It's simple solution for home use if you don't want to setup a local dns server, but if you are advanced you can setup something like Pi-Hole at home to resolve those ip, or alteratively you can edit your hosts file but it will only work on that device, thank you for watching! :)