Can't get Nginx and SSL to work

[Alfsvag 2]

I've run out of things to try, hopefully I can get some assistance here.

I run OMV5. I have created a dns SSL certificate for my domain and it's subdomains using Swag and Cloudflare.

[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 20-config: executing... ,
[cont-init.d] 20-config: exited 0.,
[cont-init.d] 30-keygen: executing... ,
using keys found in /config/keys,
[cont-init.d] 30-keygen: exited 0.,
[cont-init.d] 50-config: executing... ,
Variables set:,
PUID=998,
PGID=100,
TZ=Europe/Stockholm,
URL=******.se,
SUBDOMAINS=emby,plex,www,
EXTRA_DOMAINS=,
ONLY_SUBDOMAINS=false,
VALIDATION=dns,
DNSPLUGIN=cloudflare,
EMAIL=******@gmail.com,
STAGING=false,
SUBDOMAINS entered, processing,
SUBDOMAINS entered, processing,
Sub-domains processed are:  -d emby.******.se -d plex.******.se  -d www.******.se,
E-mail address entered: ******@gmail.com,
dns validation via cloudflare plugin is selected,
Certificate exists; parameters unchanged; starting nginx,
Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,,
and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key.,
[cont-init.d] 50-config: exited 0.,
[cont-init.d] 60-renew: executing... ,
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).,
[cont-init.d] 60-renew: exited 0.,
[cont-init.d] 99-custom-files: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-files: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html),
Server ready,

 

I've setup Nginx with the following configuration: (emby.subdomain.conf)

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name emby.*;

    add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;



        proxy_pass http://192.168.0.2:8096;

        proxy_set_header Range $http_range;
        proxy_set_header If-Range $http_if_range;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Within Emby I have the public https port set to 443. I also have my full external domain listed as well as my certificate. Yet it doesn't work. I get error 522 when I attempt to connect. What am I missing? No port on the router is open besides 80 and 443.

 

Edit: I had forgotten to turn of the proxy on cloudflare when I generated the certificates.

Edited December 9, 2020 by Alfsvag

[Luke 42081]

Hi, glad to see you figured it out. Thanks for following up.