blaine07
-
Posts
754 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by blaine07
-
-
Pardon my ignorance, but what do I need to do to be able to access this container on Unraid server directly once I assign container a static IP with BR0? If I leave it as default Unraid IP I can access it "locally" but once I give Krusader a static IP I can remotely access it but not "locally" on unraid server? Suggestions or tips would be very appreciated; pardon my ignorance. 😞(Should also note I am assigning Krusader a IP in same range as Unraid box)
-
But also not sure what you have going on because I think you should have 80/443 forwarded to letsencrypt container? I just have those two forwarded. Maybe your doing something I'm oblivious too though.
Sent from my SM-G975U using Tapatalk -
Try changing that nat proxy option to default or one of the others. May require pfsense to reboot. I'd bet still that's related to your problem as far as locally being able to access itThanks for the tip [mention=88940]blaine07[/mention].
I have no problems reaching nextcloud externally, which leads to me to think that my port forwarding rules are okay. It's only internally that the connection times out.
Heres a screen of my rules:
Sent from my SM-G975U using Tapatalk
-
In pfsense firewall tab then Nat tab. How are your port forwards setup?Thanks for your correction. I previously used mydomain.duckdns.org to reach nextcloud directly. I now made the change in the nextcloud and letsencrypt config to have nextcloud at nextcloud.mydomain.duckdns.org. I can reach nextcloud remotely, but still not locally (timeout)
. Here is my Host override in the DNS resolver:
Below is how my 443 is setup. Until I got the forwarding stuff I was having issues externally or internally until I got it right.
Sent from my SM-G975U using Tapatalk
-
You should remove the domain and email from your previous post.
The docker run command is in my signature and also in the docker FAQ that is pinned. Also not so hard to search for it [emoji6]
As for why it didn't renew your certificate, the letsencrypt logs are needed. Not sure where they are, but probably in your appdata somewhere. But it's working now, so no point checking out.
The renew is not done on container start anymore. It's a cron job running once a day checking the certs.
Yes sir, I had just redacted info. [emoji106]
Sorry on run command; not seeing signature on mobile will have to pull up PC.
Yeah no idea why it didnt renew either. I guess this would've been 90 days from when I set it all up and it felt the need to remind me of initial frustrations I had LOL. I was NOT aware it didnt update them on startup any longer; great info to have! [emoji106] When is cron set to run; a certain time daily or?
Also, any idea on this mate? On another note how can I edit conf files for sites so that http forwards to appropriate https place as well? It isn't a biggy bug currently have to navigate to https for each of them [emoji2373]
Sent from my SM-G975U using Tapatalk
Edit: how rude, forgot to say THANK you man!
-
So apparently adding a dummy site to letsencrypt and restarting letsencrypt and letting it error, then removing and restarting again finally got it to renew certs. No idea why or how that fixed it if when its restarted in general it is supposed to fix certs [emoji2373]You did not post you docker run command. The issue is with the config of letsencrypt and not nextcloud. Don't run any commands to renew certificates inside the container unless told to do so.To trigger a renewal of certificates, you can modify your config (add a subdomain), and see what the error is. And post it here along with the docker run command.
Sent from my SM-G975U using Tapatalk
Edit: on another note how can I edit conf files for sites so that http forwards to appropriate https place as well? It isn't a biggy bug currently have to navigate to https for each of them [emoji848]
-
You did not post you docker run command. The issue is with the config of letsencrypt and not nextcloud. Don't run any commands to renew certificates inside the container unless told to do so.
To trigger a renewal of certificates, you can modify your config (add a subdomain), and see what the error is. And post it here along with the docker run command.
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 99
User gid: 100
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 15-urllib: executing...
Collecting urllib3==1.24.3
Downloading https://files.pythonhosted.org/packages/01/11/525b02e4acc0c747de8b6ccdab376331597c569c42ea66ab0a1dbd36eca2/urllib3-1.24.3-py2.py3-none-any.whl (118kB)
Installing collected packages: urllib3
Found existing installation: urllib3 1.25.3
Uninstalling urllib3-1.25.3:
Successfully uninstalled urllib3-1.25.3
Successfully installed urllib3-1.24.3
[cont-init.d] 15-urllib: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=America/Chicago
URL=blainej.net
SUBDOMAINS=cloud,blwin10,emby,office,bw
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
STAGING=
2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d cloud.blaine.net -d blwin10.blaine.net -d emby.blaine.net -d office.blaine.net -d bw.blaine.net
E-mail address entered: [email protected]
http validation is selected
Certificate exists; parameters unchanged; starting nginx
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:
no field package.preload['resty.core']
no file './resty/core.lua'
no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/5.1/resty/core.lua'
no file '/usr/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/common/resty/core.lua'
no file '/usr/share/lua/common/resty/core/init.lua'
no file './resty/core.so'
no file '/usr/local/lib/lua/5.1/resty/core.so'
no file '/usr/lib/lua/5.1/resty/core.so'
no file '/usr/local/lib/lua/5.1/loadall.so'
no file './resty.so'
no file '/usr/local/lib/lua/5.1/resty.so'
no file '/usr/lib/lua/5.1/resty.so'
no file '/usr/local/lib/lua/5.1/loadall.so')
nginx: [warn] could not build optimal variables_hash, you should increase either variables_hash_max_size: 1024 or variables_hash_bucket_size: 64; ignoring variables_hash_bucket_size
Server ready
-
You did not post you docker run command. The issue is with the config of letsencrypt and not nextcloud. Don't run any commands to renew certificates inside the container unless told to do so.
To trigger a renewal of certificates, you can modify your config (add a subdomain), and see what the error is. And post it here along with the docker run command.
My apologies, I didn’t know anything about a docker run command where do I find it, how do I access it so I can post it? Add a subdomain on the setup page for letsencrypt in unraid?
I did post error it gives when trying to renew, will that be different error than when I add a subdomain?
At any rate, please provide more information to your request and I’d be happy too; obviously had I known how or that I was supposed to do the above I would’ve. I ain’t hear to inconvenience anyone but everyone starts somewhere. [emoji2373] -
Not sure where to start so hoping someone will be kind enough to lend me some advice...
Went to access my NextCloud server at the usual https and received following error: SEC_ERROR_EXPIRED_CERTIFICATE
I was always under understanding restarting letsencrypt container renewed certificates but evidently it is not. Further investigation led me to see that other pages setup with letsencrypt aren't being renewed either. I looked through letsencrypt log and didn't see anything that appears out of normal. I also tried running command "certbot renew" and received the following:
root@241b9e6c8ef7:/# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/certbot/renewal.py", line 64, in _reconstitute
renewal_candidate = storage.RenewableCert(full_path, config)
File "/usr/lib/python3.6/site-packages/certbot/storage.py", line 446, in __init__
"file reference".format(self.configfile))
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf is broken. Skipping.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No renewals were attempted.
Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf (parsefail)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
0 renew failure(s), 1 parse failure(s)
That leads me to believe something is wrong with NextCloud CONF but I haven't changed or done anything to it at all. If I need to post it I can BUT did or is it possible a recent letsencrypt update broke something?
Any and all help would be greatly appreciated. Need my NextCloud DOH [emoji20]
Thanks!
Edit: should add; haven't changed anything with setup other than recently updating letsencrypt container and Unraid to 6.7.0. Don't know exactly when this stopped but nothing has changed about setup recently [emoji20]
Edit 2: Google let me to "cerbot update_symlinks" and that reported:
root@241b9e6c8ef7:/# certbot update_symlinks
Saving debug log to /var/log/letsencrypt/letsencrypt.log
renewal config file {} is missing a required file reference
Anyone? Anything? [emoji26] -
Not sure where to start so hoping someone will be kind enough to lend me some advice...
Went to access my NextCloud server at the usual https and received following error: SEC_ERROR_EXPIRED_CERTIFICATE
I was always under understanding restarting letsencrypt container renewed certificates but evidently it is not. Further investigation led me to see that other pages setup with letsencrypt aren't being renewed either. I looked through letsencrypt log and didn't see anything that appears out of normal. I also tried running command "certbot renew" and received the following:
root@241b9e6c8ef7:/# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/certbot/renewal.py", line 64, in _reconstitute
renewal_candidate = storage.RenewableCert(full_path, config)
File "/usr/lib/python3.6/site-packages/certbot/storage.py", line 446, in __init__
"file reference".format(self.configfile))
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf is broken. Skipping.- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No renewals were attempted.
Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/MYNextCLOUDDOMAIN.redacted.net.conf (parsefail)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
0 renew failure(s), 1 parse failure(s)That leads me to believe something is wrong with NextCloud CONF but I haven't changed or done anything to it at all. If I need to post it I can BUT did or is it possible a recent letsencrypt update broke something?
Any and all help would be greatly appreciated. Need my NextCloud DOH 😞
Thanks!
Edit: should add; haven't changed anything with setup other than recently updating letsencrypt container and Unraid to 6.7.0. Don't know exactly when this stopped but nothing has changed about setup recently 😞
Edit 2: Google let me to "cerbot update_symlinks" and that reported:
root@241b9e6c8ef7:/# certbot update_symlinks
Saving debug log to /var/log/letsencrypt/letsencrypt.log
renewal config file {} is missing a required file reference -
On 3/16/2019 at 9:34 AM, FestivusOz said:
Hello all,
A quick update on this. Since this I figured out how to get passed the above. This may help others.
1. Skipped 5.7.x tree and went to 5.8.x
2. Rather than just changing the tag and pulling 5.8.30 I had:
a. created a backup via the Unifi controller in 5.6.40
b. created a new 5.8.x docker (with new appdata folder) in the Unraid UI
c. Walk through new docker settings in 5.8.30
d. Once in the Unifi UI reesore the backup created
3. To then move to 5.9.x just edit the docker in Unraid GUI, change the tage to "5.9" then pull updated instance
4. Log in
All just worked.
So would this work for my above question: Is their a easy way to update from LTS/5.6.40 to 5.9?
or is their a easier way to just install new container and point to current config or?
-
I’ve been debating a ConnectX2/3 card for my Unraid server, hence my subscription here, to get a 10gb link to MikroTik switch and reading all this is making me second guess that potential choice lol.
-
Thanks for the input. Will reach out to the seller and see what he has to say.
I have a feeling it's the Mellanox card.
Sorry I can’t be of more help.
I have noticed a oddity maybe related... ordered a SFP+ above I linked to and first go I ordered a 1 meter. Decided that was too long and ordered a 0.5 meter of same. I switched out the longer for short when it came as I am using them to link two of these switches at 10gb. I plugged second one in fiddling around and everything crashes. I can’t have both DACs plugged in on both switches or network goes down. No idea why. I unplug either end of either of two and normalcy resumes to network. If I have both DACs hooked up linking both switches it crashes. [emoji848] Id try ONLY one SFP+ port at a time and see if you get different results.
I think I still have an issue though because no matter what on one of the switches the ACT/LINK light refuses to illuminate.
-
I was afraid of this. swOS sees the transceiver just fine. Reports the correct brand, part number, serial, tx bias, power and rx power.
Unfortunately no idea. They do sell them in 7m lengths though I see -
10G SFP+ DAC Cable – for Mikrotik... https://www.amazon.com/dp/B01M073OJU?ref=ppx_pop_mob_ap_share
FWIW I am using one of these exact brands to link two Mikrotik switches together. -
Does it have a raid card already installed I assume? What make/model?
-
Is their a easy way to update from LTS/5.6.40 to 5.9?
-
Replaced my r8000 router with a 1u re-purposed server running pfSense. I have a lot of stuff to still do / configure but right now I have lost access to my unRaid GUI and I can't figure out how to fix it. The tower can be pinged by hostname (tower), all my shares are accessible, my wireless controller is still accessible (Unfi docker on unraid), but I cannot access the GUI. I get "this site can't be reached" with an error DNS_PROBE_FINISHED_NXDOMAIN.
I'm sure im doing something stupid. Can anybody point me in the right direction?
I think he covers that in one of his videos; maybe this one:-
2
-
-
@1812 weird, I did some switch research as I’m re-doing home network and have a few of these on the way, even before I seen your post. Well see if I run into same issues you did getting switches a few months later 🤔😬
-
2
-
-
here is mine that is working
upstream backend {server 192.168.1.105:19999;keepalive 64;}server { listen 443 ssl http2; server_name grocy.mydomain.com; ssl_certificate /config/keys/letsencrypt/fullchain.pem;ssl_certificate_key /config/keys/letsencrypt/privkey.pem;ssl_dhparam /config/nginx/dhparams.pem;ssl_ciphers 'MY CIPHER HERE';ssl_prefer_server_ciphers on; client_max_body_size 0; location / { proxy_pass http://192.168.1.105:9283; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; }}
Thanks!
Does it matter what the CONF is named exactly? Obviously needs to be CONF and changed to IP/PORT of my Unraid box, and domain changed to mine. -
Hello,
I wanted to follow up on this for anyone having similar issues. I reinstalled following this guide and never was able to get around it until I found a Nvidia GT720 from ebay for $20. I popped it in and it worked right away with no problems. I get the booting everything and it works great. I strongly recommend this route.
One issue I am having is that audio works great when pass through on the Nvidia card over the HDMI cable. But when I try to use a USB speaker the audio is really choppy. Has anyone else ran into this? Does anyone else know of a fix? I'm using the onboard USB ports. I also lose the keyboard and mouse from time to time and have to detach/reattach them from unRAID. I'm thinking it might be a Clover setting I'm missing.
All these things work fine in other VMs.
Thanks!
-Jason
Do you have a monitor hooked to it? Which port? -
Nothing special, I just passed http://unraidip:9283 to grocy.mycustomdomain.com.
No rewrite rules or anything.
Please do, explain more? I keep trying to figure out how to make the CONF files myself, and wondered if possible do to something as easy as you describe.
Need to install and pass this through Letsencrypt myself. What did you name Conf file? -
Maybe some sort of IOMMU passthrough is necessary? :-(
-
System devices shows 730 as :
IOMMU group 17:[10de:0f02] 06:00.0 VGA compatible controller: NVIDIA Corporation GF108 [GeForce GT 730] (rev a1)
[10de:0bea] 06:00.1 Audio device: NVIDIA Corporation GF108 High Definition Audio Controller (rev a1)
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
in Docker Containers
Posted
Sent from my SM-G975U using Tapatalk