-
[Support] Linuxserver.io - DuckDNS
Thank you both of you for your answer. I just wanted to be sure that is was not possible for the DuckDNS case according to the description linuxserver guys made. I will set my Unraid IP as static and will assign the DuckDNS to that IP. The reason I am doing this is that I use something similar to the DuckDNS "DNS Validation method" for certificate that you can see in that article : https://github.com/dani-garcia/bitwarden_rs/wiki/Running-a-private-bitwarden_rs-instance-with-Let's-Encrypt-certs A way for me to keep all internally without opening my router's ports. Have a good day !
-
[Support] Linuxserver.io - DuckDNS
Hello, As the container description is : Is there a way to dynamically push the Unraid server private IP to our duckdns subdomain ? For instance, if my RAID server change from 192.168.1.10 to 192.168.1.11, I would like mysub.duckdns.org to point to 192.168.1.11 as of now. Many thanks
-
[support] Vaultwarden (formerly Bitwarden_rs)
Hello, What do you mean by that ? I do provide the concat of server cert + CA cert - my gut tells me that it is more an URL issue than a certificats problem. Do you guys reach your bitwarden instance through the android app thanks to a simple domain or thanks to a domain with port or path like me ? (https://tower:18443/bitwarden)
-
[support] Vaultwarden (formerly Bitwarden_rs)
Hi everybody, Did anyone already try to setup a full local selfhosted bitwarden (without any Let's Encrypt) and make it working with Android ? I have bitwarde docker running on my Unraid, reachable on all web browser through https://tower:18443/bitwarden (including Web browsers on my phone) thanks to a self signed certificate with self CA. The only thing I can't have working is the bitwarden Android App which throw me a "Trust anchor for certification path not found" error even though i've imported the CA certificate. Here is how I generate my stuff : # >>>>> CA Key openssl genrsa -des3 -out towerrootCA.key 4096 # >>>>> CA Cert openssl req -x509 -new -nodes -key towerrootCA.key -sha256 -extensions v3_ca -config conf.file -days 365 -out towerrootCA.crt # >>>>> Server Key openssl genrsa -out tower.key 2048 # >>>>> Server csr openssl req -new -sha256 -key tower.key -subj "/C=FR/ST=FR/O=MyNas/CN=tower" -extensions v3_req -out tower.csr # >>>>> Server cert openssl x509 -req -in tower.csr -CA towerrootCA.crt -CAkey towerrootCA.key -CAcreateserial -out tower.crt -extensions v3_req -days 365 -sha256 -extfile conf.file cat tower.crt towerrootCA.crt > finalcertif.crt With my config.file : [req] distinguished_name = req_distinguished_name x509_extensions = v3_req prompt = no [req_distinguished_name] C = FR ST = FR L = Local O = MyNas OU = MyNas CN = tower [ v3_ca ] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer basicConstraints = critical, CA:TRUE, pathlen:3 keyUsage = critical, cRLSign, keyCertSign nsCertType = sslCA, emailCA [v3_req] keyUsage = nonRepudiation, digitalSignature, keyEncipherment extendedKeyUsage = serverAuth subjectAltName = u/alt_names [alt_names] DNS.1 = tower DNS.2 = tower.local DNS.3 = tower:18443 Thank you for help, have a good day,
Miidnight
Members
-
Joined
-
Last visited