Nginx Proxy Manager 2.12.4 – Multiple Issues and Unresolved DNS Failure (Rollback Required)

[JackDinn]

Im going to lay out all the problems that i have had trying to update to NPM 2.12.4 because i seem to have many bugs that other people don't seem mentioned.

TrueNas Scale ElectricEel-24.10.2.2
NPM 2.12.4

- Cloudflare plugin fails to work because plugin definition is broken
- Cause: The file /app/global/certbot-dns-plugins.json gets rewritten at startup and the cloudflare plugin entry is stripped or malformed
- Fix: Run this command after container start to repair the JSON entry:
- sudo docker exec -it ix-nginx-proxy-manager-npm-1 sh -c “sed -i ‘s/cloudflare==4.0.*/cloudflare/’ /app/global/certbot-dns-plugins.json”

The above resolution seems to be all that is needed for a complete working NMP for most people. However i have several other problems. (possibly because im on Truenas scale using Docker apps).

- Problem 2: Nginx fails to start due to permission denied on nginx.pid
- Cause: Running the container with non-root PUID and PGID (such as 568) prevents it from writing to /run/nginx/nginx.pid
- Fix: Set User ID and Group ID in the app configuration to 0 so the container runs as root

- Problem 3: Cloudflare plugin support breaks due to stripped ownership script
- Cause: The startup script /etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh gets fully stripped of content, removing necessary lines for certbot plugins
- Fix: Set the following environment variable in the app config:
- S6_STAGE2_HOOK = sed -i 2,$d /etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
- This keeps the shebang line and prevents plugin wipe

- Problem 4: Container marked unhealthy due to DNS failures
- Cause: DNS servers like 217.169.20.21 and 217.169.20.20 are unreachable from inside the container, even though they work fine in older NPM versions
- Fix: Not resolved yet. Rolling back to NPM version 2.11.1 avoids the issue. Possibly caused by new container network behavior in 2.12.4

I post this so i can refer to it each time in need to try a "new fix" and have to redo all this again just to test. Also so that i hope none of these problems are overlooked before the next update.

I shall remain on the previous version of NPM until the next version is pushed to Truenas app's, unless anyone has any other "fix" that i can try.

[andritolion]

I'm also having very similar symptoms to you. While the actual proxy is still working (and hence I didn't notice), it's flooding my DNS query logs and I can't log into the webUI due to a bad gateway error. Probably will also have issues when it comes time to renew certs too on this version.

[JackDinn]

Hi, Yep they made a real "pigs ear" of that one. Others have said they are actually looking for alternatives to NPM specifically because of this mess and the number of times they mess up an update. I have no choice really, I don't have the time or inclination to learn a new reverse proxy.

[jsuelwald]

Same here, i had to rollback to 2.12.3 in my homelab setup

[iandoesallthethings]

Same here, i had to rollback to 2.12.3 in my homelab setup

For anyone using the truenas app, 2.12.3_1.1.14 is stable. It took me a few tries since the rollback option offered several intermediate versions.

[JackDinn]

Yea its been stable ever since I first installed the instance/app, which must have been more than a year ago. So I'm sure any of them from the last year would work. But 2.12.3 is fine (if you have it).

I learned my lesson, I usually just click update all on TrueNAS and it emails me when the update notification is cleared. Usually that's enough to tell me everything went okay but I will have to be much more careful and check everything after updates. My public Nextcloud was down for 3 days without me noticing 🤦

[Hipoglos]

Rolled back to 2.12.3.

[guocn]

Rolled back to 2.12.3 which works perfectly

[chpalex]

Thanks for posting this.
My issue is that I had 2 domains being managed by NPM, one with a public IP and one with a private IP, after the update the private IP no longer resolves but public one still does.

[JackDinn]

Truenas is now showing that the TN version has been updated but that NPM itself is still the same version.

The update is now showing as:-
2.12.4_1.2.5

2.12.4 same NPM version
1.2.5 but now with chart version 1.2.5

Does this mean that Truenas have attempted to fix this ? Im concerned if i should even test it.

[greyluked]

Truenas is now showing that the TN version has been updated but that NPM itself is still the same version.

The update is now showing as:- 2.12.4_1.2.5

2.12.4 same NPM version 1.2.5 but now with chart version 1.2.5

Does this mean that Truenas have attempted to fix this ? Im concerned if i should even test it.

I've tried updating to this version to see if the issue had been fixed but I ran into the same errors. Had to roll back to v.2.12.3 / 1.2.3 again.

[JackDinn]

Looks like we shall be waiting for the actual NPM update then.

Thx for taking a look.

[ratbich]

Thanks... was getting the same thing. Noticed my nodes that both had the update at the same exact time had higher load than normal and running hotter.

Downgraded to 2.12.3 image and issue gone and normal

[mick7451]

How to go back to version 2.12.3 from Truenas I am new

[wilotas]

I did rollback to 2.12.3 but now, I receive a "Invalidd usernanme or password" message...

Strange...

[mick7451]

in roll back there is just 1.2.4