r/selfhosted

•

5 yr. ago

Running Unifi controller behind a reverse proxy.

I am trying to setup the Unifi controller behind a reverse proxy using nginx-proxy-manager it more or less appears to work but I keep getting 400 errors.

If I try to use the software internally (192.168.1.246:8443) it all works as expected.

I found a similar issue in the Caddy forums which sounds like exactly the same problem, it suggest adding the adding the following to the proxy command (proxy command being a Caddy thing I assume):

header_upstream -Authorization

Based on the issue I believe what this is doing is removing the Authorization header from the proxied requests? If this is right how would I go about doing this with nginx? (I am very very new to reverse proxies and server stuff in general).

nginx-proxy-manager gives the following interface to add custom rules to proxy hosts (not sure if this helps):

If there is a better place to post this please let me know, I couldn't think of where to post it.res

**UPDATE**

Enabling websockets resolved the issue.

zipsecurity

•

Promoted

Securely manage Windows devices without the headaches. (Really.) Stand up Intune pain-free along with Zip’s all-in-one security, IT, & compliance platform.

info.zipsec.com

Get a Quote

Sort by:

Best

Open comment sort options

trvr

•

5y ago

I've never used nginx-proxy-manager, but this is my (working) nginx setup for unifi:

location / {
proxy_pass https://127.0.0.1:8443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
}

Crashyy

•

5y ago

Awesome I will have a play around with this tonight, I am not quite sure how nginx-proxy-manager works internally so I am just going to try pasting that in and then start messing with it :).

Cheers!

More replies

jo3shmoo

•

5y ago

In nginx-proxy-manager do you have the scheme set to https? It defaults to http but needs to be on https as the unifi controller is configured to only accept connections over https.

(I just tested on my config and changing to http causes it to throw 400 errors)

I've been running Unifi controller for several months behind nginx-proxy-manager for with Scheme set to https, Websockets Support enabled, and Block Common Exploits enabled.

Crashyy

•

5y ago

I do have it set to https:// I have not enabled Websockets, or Blocked common exploits though, I will try that tonight!

Cheers!

More replies

[deleted]

•

5y ago

Comment deleted by user

Crashyy

•

5y ago

nginx-proxy-manager runs in docker by default.

I tried setting up Traefik on Unraid for weeks to no avail, not to mention I encountered all manner of issues, furthermore resources on Traefik (excluding it's documentation are scarce at best) using ngix-proxy-manager at least I am essentially using nginx.

Additionally what would be the point in moving my whole setup over to Traefik just so I could run the Unifi controller like that when everything else is working with nginx-proxy-manager?

I like the idea of Traefik, but after a lot of trial an error trying to set it up I was able to get up and running with nginx-proxy-manager very fast, with the added bonus of it having a nice GUI and simply user access management which has been great.

More replies

hpapagaj

•

5y ago

With Caddy it's really easy. Search for Caddy+Unifi

Ebbeliebebbelie

•

5y ago

Why not connect it to https://unifi.ubnt.com/ ?

mind-blender

•

5y ago

What's the point of self hosting if you're depending on someone else's servers?

ilovethosedogs

•

5y ago

Doesn't work on Safari.

More replies

Running Unifi controller behind a reverse proxy.

Comments Section

So whats the best way to run a reverse proxy?

How do most people configure a reverse proxy?

Reverse proxy for ssh?

Is there any reason to not have my self hosted apps on a reverse proxy?

PSA: A reverse proxy does not automatically increase your security

Looking for a Simple Reverse Proxy with 2FA

Can someone explain why a home user should have a reverse proxy & all that sort of stuff?

Reverse proxy without exposing to the open web?

Pros/cons of having a reverse proxy on the same physical server vs separate?

The reverse proxy really is the pain point when self hosting, any suggestions?

Self-hosted ways fo remotely controlling any computer?

I also want to show my PhoneServer

Umbrel in a Docker container

I never saw the benefit of these network maps previously. Now that even my modest setup is growing in complexity, I really get it now. It's very useful to help with troubleshooting.

Security/firewall on internal network?

Start of my selfhosted journey, I created a router

PSA: Make sure your router fully support ipv6 before self hosting

VPS + Local Reverse proxy + Wireguard + PiHole - How to resolve DNS to services both when connecting in local network and remotely with VPN?

Sharing my network configuration

How do you make a webserver accessible to local network only without configuring router settings?

Do others proxy self-hosted services through VPS to their home network?

Why is a VPN safer than a reverse proxy?

What reverse proxy app do you use and why?

Linux Server Setup: A Beginner’s Guide

What's the best non-RDP option for remotely controlling a Windows 11 machine?

Top Posts