Everything posted by mattie112
-
[Support] Djoss - Nginx Proxy Manager
So the error is clear: Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet. You have to make sure that port 80 (with no SSL) can be reached from the outside. Please confirm that that is the case.
-
[Support] Djoss - Nginx Proxy Manager
Well without logs your guess is as good as mine. There is "somekind" of error!
-
[Support] Djoss - Nginx Proxy Manager
Yes that should work just fine. On what action do you get the 400 error? Adding the host or enabling SSL? You could try to remove all files in appdata and start fresh if you have nothing on it just to make sure nothing "strange" happend during initial setup. Or go to the console of NPM and try a couple of `certbot` commands to manually get a SSL certificate (I don't know the exact commands) and see if that works or if that possible gives an error that you can search for.
-
[Support] Djoss - Nginx Proxy Manager
Hm that is a strange error, afaik it should not "stop" if it cannot create a SSL certificate. What you can try is to first add a host without SSL and make sure that works. At least you know NPM works then.
-
[Support] Djoss - Nginx Proxy Manager
A fun small experiment would be the following: edit C:\Windows\System32\drivers\etc\hosts (use notepad in administrator mode) add the following INTERNAL.ip.of.nginxdocker your.nextcloud.hostname (so for example 192.168.1.123 nextcloud.foo.bar) Then try to see what happens. You have now "excluded" the entire DNS part as your (and only your) computer now "forces" the specified domain to the specified IP. If it works: you have an issue with your DNS provider. If it doesn't, it is something with NPM
-
[Support] Djoss - Nginx Proxy Manager
I guess if you have multiple external IPs you could enable the forward only for one IP? But you will have to consult your router manual/docs for that. Or just use 0.0.0.0 - 255.255.255.255 to see if that works
-
[Support] Djoss - Nginx Proxy Manager
Can you check the nginx log to see why it crashes? Or is there no log.
-
[Support] Djoss - Nginx Proxy Manager
A few post back someone else also said it took some time. Possible caching or rate limit? Was nginx crashing due to missing certificates? Possible you where restarting while certbot was doing its job? For me I had 0 issues in the last years. As long as you keep port 80 correctly open the Cerificates should be renewed just fine. Ofc always recommend to add an alert on your certs if you rely on them.
-
[Support] Djoss - Nginx Proxy Manager
I think there is also a sqlite database? Or backup the entire folder from app data to be safe.
-
[Support] Djoss - Nginx Proxy Manager
A random online port scan on the IP from the A record of the domain you provided lists port 80 as CLOSED. Letsencrypt needs this port to be open. Please double check this, really the last 10 pages of this topic is not issues with NPM but some issue with connectivity. And also I'm on holiday with only my phone so I don't have any tools to easally check things.
-
[Support] Djoss - Nginx Proxy Manager
Yes correct, but confirm from an external point of view (phone with mobile date) that that works
-
[Support] Djoss - Nginx Proxy Manager
That folder is used by certbot. Somewhere in the nginx config it is defined. But the message is clear: a timeout while trying to connect to unsecured http on port 80. It could be as simple as restarting your modem. Or try to do an external port scan for example to verify / test.
-
[Support] Djoss - Nginx Proxy Manager
Good to hear it is resolved Could be cached at letsencrypt (or rate limited?) not sure about that.
-
[Support] Djoss - Nginx Proxy Manager
Are sure the .well-known folder can be accessed? Through unsecured http over port 80?
-
[Support] Djoss - Nginx Proxy Manager
Did you try to manually run the command? Can you do a 'ps auxf' to see if it is already running? Or find and delete the lock file I think it uses. You are free to use any certificates with NPM. Just add them as a manual cert.
-
[Support] Djoss - Nginx Proxy Manager
Try running cert or manually to get more debug info. Currently on my phone look a bit back in the topic posted the instructions a couple times before.
-
[Support] Djoss - Nginx Proxy Manager
And what if you access your IP directly http(s)://your.external.ip ? What do you see? If you get a not found served by NPM at least that part is working. Or do you think the not found is send to you by nextcloud? Check the nextcloud container for example do you see your connection attempt there? (also: it seems kinda strange that you forward it to https://192.168.0.2:444 usually you forward to a http endpoint because that is where you use NPM for; ssl termination).
-
[Support] Djoss - Nginx Proxy Manager
Open a shell into your NPM docker container and verify the result of your action (the nginx config file). I don't use this feature but perhaps it is already put into a location block?
-
[Support] Djoss - Nginx Proxy Manager
I would post this in a more generic forum. While it could be NPM (are you running the latest version?) it might also be something else. I would suggest to leave NPM offline to see if that solves your problem
-
[Support] Djoss - Nginx Proxy Manager
Sorry, I don't use SWAG so yeah I would ask it there.
-
[Support] Djoss - Nginx Proxy Manager
Your server B is on the same internal network as server A right? Then you don't need to forward any ports. In your example just add a host in NPM for sonarr.domain -> ip.of.server.B:8989
-
[Support] Djoss - Nginx Proxy Manager
I don't really see why you want them to be in the same docker network/interface. If you just want to be able to reverse proxy them then just expose the ports. For example Server A with NPM IP 1.1.1.1 Sonarrr is on server B with IP 2.2.2.2 (map sonar port to host port 12345) Then just add a host sonarr.domain -> 2.2.2.2:12345 And if you run them on a different IP you can use that IP instead of 2.2.2.2 But: you can't really use the same range as that is (by default) only handled internally. You can go to network settings and set a range (or an IP) to go through a different interface but then your router also needs to know where to forward it to as that range will not be 'known' by your local network. (and yes you can either direct attach or do some IPtables solution but I can't really help you with that) Perhaps it will work by adding a range and setting the gateway IP of your server B but I'm not sure.
-
[Support] Djoss - Nginx Proxy Manager
What exactly do you want? containers on B to be able to access containers on A (behind the proxy) -> then why not access them through the proxy? NPM on A to be able to forward traffic to containers on B -> then why not expose a port (and/or IP) on B? But with some iptables magic you should be able to "bridge" networks I think but I can't really help you with that config.
-
[Support] Djoss - Nginx Proxy Manager
Are you sure the port forwarding is correct? A 'start' and 'ends would indicate you are forwarding (allowing) that range to go to your server (or container). I do not see a 443 to 18443 forward for example. You could try NPM on 80/443 (if it has its own IP) to verify this. Or try to access port 18443 remotely then you can be sure.
-
[Support] Djoss - Nginx Proxy Manager
Is it not listed in the UI? Perhaps manually delete `/etc/letsencrypt/renewal/npm-2.conf`