jasonz940

I pulled out an old router and started testing. I tried all six available network ports on the server and different network cables. It really does look like the router I used was causing the unresponsive web interface and the spontaneous loss of network shares.

The server has two onboard ethernet ports and and additional four ports in a PCIE card. I have tried different cables in different ports and it still happens. I have tested with bound ports and unbound ports. Still happens. Though I agree that the router could be a problem I would prefer having a more definitive test to confirm that. One of the things I wanted to do with the server was run PFSense on it but I'm not going to do that if I am not certain the server isn't having some kind of problem. I can't think of any other tests or logs to look at on the server though. I may be able to try something with an old router I have laying around to test if the router is causing any trouble.

It seems like the issues is on my server than the router. Other devices on the network don't seem to have problems like these. They and the internet are all reachable. I have tried other ports on the router, other ports on the server, and even different cables.

tower-diagnostics-20190730-0344.zip I have included the zip file. I know it was happening today (the 29th) around 3:15pm and 3:48pm.

My Unraid server had been running for months without these issues until recently. Sometimes when I go to the web interface the response is that there is nothing there at that address. I have tried using both http://tower and the IP address directly. Both had the same results. Sometimes I will just let it sit there and the page will eventually load and other times it will not. I get a connection refused error. On top of the web interface my network shares will also not be reachable. There seems to be no rhyme or reason as to when it happens. I could be actively using the web interface or a network share and the next click will result in a connection error. When I plug in a monitor and look at the server itself it appears to be operating without issue though I haven't looked at any logs. I don't actually know where I would find the relevant logs for this. I use the server very occasionally and I couldn't tell if the upgrade to 6.7.2 had anything to do with these issues or not. I have also had issues with some Docker containers that stopped working correctly but I'm not sure if that's related. What do I need to provide to get a clearer picture of what is going wrong?

When I click on the log icon next to the Docker container there are no errors that show up there. When I look at the log inside appdata/letsencrypt I can see where the issue happens. Letsencrypt can't connect to my server over HTTP for verification. I have verified the firewall/port forwarding settings on my router are correct. HTTPS works as expected and when I go to the root URL over HTTP it gets redirected to HTTPS, so that's correct too. Trying to navigate to the full URL where the acme-challenge is in a browser I get a "connection refused" response. Is something messed up in my NGINX config I wonder? I'm not sure where to look from here but I really appreciate the help. Here's the log: <-------------------------------------------------> cronjob running on Sun Dec 30 02:08:00 EST 2018 Running certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log Non-interactive renewal: random delay of 442 seconds - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/sub2.duckdns.org.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert is due for renewal, auto-renewing... Plugins selected: Authenticator standalone, Installer None Running pre-hook command: if ps aux | grep [n]ginx: > /dev/null; then s6-svc -d /var/run/s6/services/nginx; fi Renewing an existing certificate Performing the following challenges: http-01 challenge for sub2.duckdns.org http-01 challenge for sub1.duckdns.org Waiting for verification... Cleaning up challenges Attempting to renew cert (sub2.duckdns.org) from /etc/letsencrypt/renewal/sub2.duckdns.org.conf produced an unexpected error: Failed authorization procedure. sub1.duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://sub1.duckdns.org/.well-known/acme-challenge/[HASH1]: Timeout during connect (likely firewall problem), sub2.duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://sub2.duckdns.org/.well-known/acme-challenge/[HASH2]: Timeout during connect (likely firewall problem). Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/sub2.duckdns.org/fullchain.pem (failure) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/sub2.duckdns.org/fullchain.pem (failure) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Running post-hook command: if ps aux | grep 's6-supervise nginx' | grep -v grep > /dev/null; then s6-svc -u /var/run/s6/services/nginx; fi; cd /config/keys/letsencrypt && openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass: && sleep 1 && cat {privkey,fullchain}.pem > priv-fullchain-bundle.pem Hook command "if ps aux | grep 's6-supervise nginx' | grep -v grep > /dev/null; then s6-svc -u /var/run/s6/services/nginx; fi; cd /config/keys/letsencrypt && openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass: && sleep 1 && cat {privkey,fullchain}.pem > priv-fullchain-bundle.pem" returned error code 1 Error output from if: cat: {privkey,fullchain}.pem: No such file or directory 1 renew failure(s), 0 parse failure(s) IMPORTANT NOTES: - The following errors were reported by the server: Domain: sub1.duckdns.org Type: connection Detail: Fetching http://sub1.duckdns.org/.well-known/acme-challenge/[HASH1]: Timeout during connect (likely firewall problem) Domain: sub2.duckdns.org Type: connection Detail: Fetching http://sub2.duckdns.org/.well-known/acme-challenge/[HASH2]: Timeout during connect (likely firewall problem) To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. <------------------------------------------------->

Is this a stupid question maybe? I found instructions for commands to run for other containers but I am hesitant to try them here. I'm new to Docker and don't want to mess up my container or have to go through having to configure a new container instance.

I have been having some trouble with my cert not renewing. I followed the instructions in Spaceinvader One's video (https://youtu.be/I0lhZc25Sro) and it worked for a while until the cert expired. All the instructions I found said to restart the container, which I have done several times. Even restarted the entire server after an Unraid update. The logs show no errors. When look at LinuxServer.io's LetsEncrypt GitHub page one of the more recent updates says this: "08.12.18: Had to remove cert renewal during container start due to certbot's new undocumented "feature" of up to 8 minute random delay." If certs don't renew on startup is there a command that can be run to force its renewal?