Pihole + nginx Prefix Multiplexing not working

darkexplosiveqwx · March 26, 2025, 5:23pm

Am am on the development branch which introduced support for reverse proxys.
This is not working for me.
I am using Raspian 12 on RPI 5.
Settings:
nginx:

location /pihole {
        proxy_pass http://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

pihole.toml:

    # Sub-directory of the root containing the web interface
    #
    # Possible values are:
    #     <valid subpath>, both slashes are needed!
    webhome = "/admin/"

    # Prefix where the web interface is served
    # This is useful when you are using a reverse proxy serving the web interface, e.g.,
    # at http://<ip>/pihole/admin/ instead of http://<ip>/admin/. In this example, the
    # prefix would be "/pihole". Note that the prefix has to be stripped away by the
    # reverse proxy, e.g., for traefik:
    # - traefik.http.routers.pihole.rule=PathPrefix(`/pihole`)
    # - traefik.http.middlewares.piholehttp.stripprefix.prefixes=/pihole
    # The prefix should start with a slash. If you don't use a prefix, leave this field
    # empty. Setting this field to an incorrect value may result in the web interface not
    # being accessible.
    # Don't use this setting if you are not using a reverse proxy!
    #
    # Possible values are:
    #     valid URL prefix or empty
    prefix = "/pihole" ### CHANGED, default = ""

Actual Behaviour:

I am just seeing the links present on the Page and no other content.

When using:

location /pihole {
        proxy_pass http://localhost:8080/admin/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

The behavior is:

All the links will be broken and try to point to https://192.168.178.158/pihole/admin/network for example.

rdwebdesign · March 26, 2025, 7:41pm

There are a few posts with answers to similar issues.

Maybe you can adapt one of the solutions:

What's the right way to "expose" v6 beta via swag (nginx reverse proxy)? - #5 by MadaxDeLuXe
Can't get v6 webinterface behind nginx reverse proxy to work - #4 by stefan

Note:
I just added 2 links here, but you can use the search to find more similar issues.

darkexplosiveqwx · March 27, 2025, 4:44pm

These posts are using /admin/ and /api/, I am trying to use prefix multiplexing to place it at /pihole/admin/ instead. Support for this was introduced with FTL#2319 and the corresponding web PR. This PR was opened a month and merged a few days ago. There isnt a recent post on here depicting this. This PR also introduced the config option for prefix (like seen in my pihole.toml)

Bucking_Horn · March 27, 2025, 5:01pm

You're a bit early for support.

As it has been merged to the development branch, that means it is not officially supported yet, and it can be expected to be changed, to break or become otherwise inoperational.

Right at the start, the PR you've linked mentions a self-contained docker compose script for testing a Traefik rev proxy with Pi-hole - perhaps perusing that compose file would give you some thoughts how to adopt that for your nginx.

darkexplosiveqwx · March 27, 2025, 6:11pm

I moved this into the beta category for now.
I am not familiar with docker and dont have it installed.
On my Pi i dont think it would even work that well with my very sensitive network configuration.
I am still open to provide additional information and help for a bare metal install with nginx.

DL6ER · March 27, 2025, 6:31pm

Have you already tried using /pihole/ here?
(mind the trailing slash)

darkexplosiveqwx · March 27, 2025, 6:39pm

Post obsolete due to my confusion

darkexplosiveqwx · March 27, 2025, 7:04pm

I got very confused here just now trying a bunch of different stuff while forgetting what i was actually doing. My real problem was just forgetting the trailing slash /.
Updated conf:

# Reverse proxy for Pi-hole Admin
    location /pihole/ {
        proxy_pass http://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

darkexplosiveqwx · March 27, 2025, 7:12pm

I have another problem now:
API isnt working (specifically padd):

 $ dig +short chaos txt domain.api.ftl @localhost 2>&1; echo $?

"http://pi.hole:8080/pihole/api/"
0

Correct output should either be "http://pi.hole:8080/api/" since thats the port of pihole-FTL itself.(no reverse proxy here)
or something like "https//pi.hole:443/pihole/api/", but pihole doesnt know the port of the reverse proxy.

I would prefer the second solution since i plan on binding FTL to 127.0.0.1:8080 for it to only be localhost and let nginx manage the https instead

system · April 3, 2025, 7:12pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.