aptalca

Also do a refresh of the browser (perhaps a force refresh with ctrl F5 or shift F5)

?? Check your plugin. 6.7.2 has been supported for about 6 months. Latest 6.8 release candidate is also supported as of yesterday

Cloudflare proxy is an entirely different commercial product with a different purpose, which is beyond the scope of this thread. Please open a new thread to discuss that.

Yup, if you put in your email when you last validated, look out for expiration email, then confirm the expiration date in the browser. If it's expiring in less than 30 days, look for the logs in the config folder to see why it failed.

Cloudflare proxy has a bunch of different settings and depending on how they are set, it can break letsencrypt validation. If yours is working and it validated with the proxy on, then you're fine. But for most people it won't validate as cloudflare will highjack the connections from the letsencrypt server.

Yup

Pfsense has dynamic dns support and can update your A records (I'm using it). Your CNAMEs should be pointing to your main A record (alternatively you can have a wildcard CNAME, just a *, which points them all to the main A record)

It really depends on how complicated your setup on HostGator is. I have a website on HostGator that I never switched over to anything because it was so entrenched in and was setup over a decade ago. Also because there were too many mailers set up and I didn't want to bother with hosting a mail server at home so I just left it there. But if it's a relatively simple site, it shouldn't be a big deal. For updating ip on cloudflare, you can use ddclient, or your router may even have that capability (many routers do).

Openresty errors are harmless.

I don't quite follow the second paragraph there. What is your current setup? Just a website running on HostGator with the domain purchased from GoDaddy? And your contemplating switching that to self hosted at home via letsencrypt? In that scenario cloudflare would only be used for dns, for which it does a great job.

No worries. Glad to hear it works

Glad to hear it is fixed. But keep in mind that we do not support running manual commands like "certbot renew" inside the container unless we ask you to run a specific one. All the necessary info about renewals is in the readme.

You're mixing and matching elements from subdomains and subfolder proxy method. Which are you trying to accomplish?

Turn off cloudflare proxy (click on the orange cloud)

Perhaps nat reflection? Does it happen when you connect from wan? Like on a cell phone with wifi turned off?

You should let limetech know about your issues and concerns. After all, it's really limetech who should be providing you with a solution, not a third party like us. We do what we can (chbmb and bassrock put a lot of work into it) but there is only so much an outsider can do when they only have partial info and have to reverse engineer everything. As an example, qnap worked directly with plex employees to make sure their OS included the necessary drivers and packages to make sure transcoding worked with plex on their devices. We are neither the OS provider (limetech) or the client (plex/emby). We're just folks trying to give back to the community.

Yep, that's the script. Pfsense/opnsense would be ideal. I have my entire internet connection go out through pfsense's ovpn client. Keep in mind that PIA let's you 1 incoming port forwarded per connection/account (can't remember which). So you won't be able to tunnel everything incoming (unless you reverse proxy everything through letsencrypt) I also highly recommend running pfsense on a dedicated machine rather than in a container or vm

Sure, the proxy confs get imported into the default site conf via "include" statements when nginx reads them

Key should be VERSION, value is latest. You didn't set anything to latest there?!?

Inbound and outbound would have to handled by separate containers. This image only does inbound as it is a server. Also, you'd need to request an inbound port forwarding requested via PIA's api and set that as your vpn port

You set the proxy pass to "Nextcloud". It should be "nextcloud" and the container name should also be "nextcloud"

After following @saarg's advice, use this to confirm: https://blog.linuxserver.io/2019/07/10/troubleshooting-letsencrypt-image-port-mapping-and-forwarding/

Define stops working. What exactly happens? Errors? Logs?

Good question @limetech is this issue on the radar? We'd like to be able to use btrfs cache pools but the io issue is a non-starter Thanks

https://github.com/linuxserver/docker-letsencrypt/issues/379#issuecomment-555991614