sfnetwork

Hi guys, I'm sorry if this seems repetitive but I'm a little confused trying to link what I'm reading here with my issue. Pretty sure my issue is related to the PIA server changes but can't figure out anything further... Only when I try using the PIA VPN, I get those logs: 2020-09-16 08:57:29,119 DEBG 'start-script' stdout output: [info] PIA endpoint 'ca-toronto.privateinternetaccess.com' is in the list of endpoints that support port forwarding 2020-09-16 08:57:29,119 DEBG 'start-script' stdout output: [info] List of PIA endpoints that support port forwarding:- [info] ca-toronto.privateinternetaccess.com [info] ca-montreal.privateinternetaccess.com [info] ca-vancouver.privateinternetaccess.com [info] de-berlin.privateinternetaccess.com [info] de-frankfurt.privateinternetaccess.com [info] france.privateinternetaccess.com [info] czech.privateinternetaccess.com [info] spain.privateinternetaccess.com [info] ro.privateinternetaccess.com [info] israel.privateinternetaccess.com [info] Attempting to get dynamically assigned port... 2020-09-16 08:57:29,123 DEBG 'start-script' stdout output: [info] Attempting to curl http://209.222.18.222:2000/?client_id=82c6286e81c68d1290dd70c7a466b537ce08a98822f4970c4651a95bca52e3b0... 2020-09-16 08:57:29,150 DEBG 'start-script' stdout output: [warn] Response code 000 from curl != 2xx [warn] Exit code 56 from curl != 0 [info] 12 retries left [info] Retrying in 10 secs... 2020-09-16 08:57:39,234 DEBG 'start-script' stdout output: [warn] Response code 000 from curl != 2xx [warn] Exit code 56 from curl != 0 [info] 11 retries left [info] Retrying in 10 secs... I've read to try changing servers but no clue how to do that (there is the "name server" field but it only seems to take IPs. I already have several in there but not sure what to change it for... When I disable VPN, qbittorrent run fine... My PIA account works fine still... I'm a little lost...

ah ok, I understand, thanks for explaining.

oh... So which one is RAM? /tmp or /TMP?

Update: never mind, I simply had to delete the "transcode" folder in /TMP so it recreated it (with correct permissions I presume) It works fine now

Hi, after all that, the only thing not working anymore is the transcode folder... I had "/transcode" mapped to /TMP (RAM) but now, it always gives me an error when transcoding is needed: I tested changing it to an actual share and it works... Permission issue? I looked at the console and saw those errors: LevelError Thread0x1494699ec700 MessageError configuring transcoder: TPU: Failed to write sub-stream to temporary file TimeApr 17, 2019 08:37:35.243 LevelError Thread0x1494699ec700 MessageError creating directory "/transcode/Transcode/Sessions/plex-transcode-23AA3EAB-F829-4746-8E92-AFA7D48DB98C-c1d708e7-b92e-4595-967a-49ea7e860af4": boost::filesystem::create_directory: Permission denied: "/transcode/Transcode/Sessions/plex-transcode-23AA3EAB-F829-4746-8E92-AFA7D48DB98C-c1d708e7-b92e-4595-967a-49ea7e860af4"

thank you very much it worked! I stopped to container, install this one from CA and set it up the exact same way for the paths , appdata assignment and name. It ran a permission process and it started without error and up to date.

here it is:

Yeah, I tried that already, same error... PS. in case it matters, a while back I changed from official plex to this one by just changing the repository, it was working fine though and updating... Could there be a setting from the other container causing me this issue?

same issue here... Is there a work around to update or should I temporary switch to another source in meantime?

ok I got it, I had to comment the auth_basic lines, it works perfectly now! server { listen 443 ssl http2; listen [::]:443 ssl http2; root /config/www; index index.html index.htm index.php; server_name nvr.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; proxy_pass http://192.168.1.149:88; } }

ok, it works when I set the password but if I comment it or delete its content, the https URL still prompts me for credentails... any way to bypass it?

No, not at all... Is that to protect the site or if the site has a password itself? Not optional? Looked optional "If you'd like to password protect your sites, you can use htpasswd."

Hi again, I have something different I want to do but not sure how... I'm trying to use Nginx to login to my Hikvision NVR using HTTPS, not a docker so a little different... I created the sub domain name, successfully added it in Letsencrypt and for nginx, what I did (and I'm really not sure this is the correct way) is to create a file named "nvr" and added this in it: server { listen 443 ssl http2; listen [::]:443 ssl http2; root /config/www; index index.html index.htm index.php; server_name nvr.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; proxy_pass http://192.168.1.149:88; } } When I restart everything and test I get : 403 Forbidden nginx/1.14.2 and in logs, I get: 2019/03/16 21:18:10 [error] 358#358: *1 open() "/config/nginx/.htpasswd" failed (2: No such file or directory), client: 192.168.1.254, server: nvr.*, request: "GET / HTTP/2.0", host: "nvr.mydomain.com" 2019/03/16 21:18:10 [error] 358#358: *1 open() "/config/nginx/.htpasswd" failed (2: No such file or directory), client: 192.168.1.254, server: nvr.*, request: "GET /favicon.ico HTTP/2.0", host: "nvr.sfnetwork.ca", referrer: "https://nvr.mydomain.com/" Anything obvious to resolve this? Maybe I'm not doing this the correct way too... Thanks in advanced...

Good. Still wonder why it wasn’t working the way you had it. Did you test from outside your network? Typing the http URL?

Really looks like port 80 is blocked. You could confirm it by forwarding 80 to anything in your LAN (or use a tool that listen on the port you want) and really see. That’s how I confirmed my port 80 was blocked after my ISP also told me it wasn’t. I called them back and they finally confirmed it was. They told me usually, even commercial accounts, if you don’t have a static IP, 80 is blocked. Well for my ISP. But based on the fact your 443 works and seems to be setup the same as 80, would bet it’s blocked.

First confirm your ISP isn't blocking port 80. If so, you can't control this port from WAN. If not, you redirect port 80 in your router NAT settings to the HTTP one in Letsencrypt

ok well I seem to have resolved this one on my own, there were two places to correct the docker name: It works fine now for both Sonarr using https

ok, a little issue specifically with Sonarr when using the NGINX... I run 2 dockers of Sonarr (one in English only and the other in French only). I setup nginx for Sonarr using the sample and this one works perfectly... For the other, I created another one and simply tried matching the docker name: # make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name sonarr-fr.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr sonarr; proxy_pass http://$upstream_sonarr:8989; } location ~ (/sonarr)?/api { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr sonarr-fr; proxy_pass http://$upstream_sonarr:8989; } } Problem (again, specifically with the second one) is when I get in Sonarr using the HTTPS URL, I get this error... Since nginx is causing that, I'm asking here but might be a sonarr matter, not sure at all... Still works fine when using LAN default URL this is my docker withe the issue:

Of course, I would be interested routing through their CDN. Could you describe your setup (using VLAN with Dockers and maybe how to get it working with CNAME going through their CDN)? Thank you BTW, I really appreciate it! a little new to this...

Thanks, I already have OpenVPN setup and it works great. I just wanted to test out. But really good advice, I might leave nextcloud only like that and use the rest through VPN. for mariaDB, no issue, I presume Nextcloud communicates with it behind the scene, directly to the bridge IP and port. No it doesn't work when I enable Cloudflare thing on the CNAME

The 80/ 180 port matter doesn't matter, since I validated my certificates through Cloudflare DNS (I just need to delete the NAT). Anyway, my 80 is blocked from ISP. as for the CNAME records, that's really how it got working... ping was giving their IP, not mine (I get that's the point but didn't work with nGINX)

OMG I finally found the issue!!! It's about CloudFlare CNAME records... I had to disable the traffic going through cloudflare: Now EVERYTHING works perfectly.... Hope this can help someone else and avoid losing so much time lol

OK, I REALLY need help!!! I'm exhausted trying to make this work (Letsencrypt and NGINX) After A LOT of time trying to get my certificates to validate, I finally contacted my ISP who confirmed they are blocking port 80... So I got my domain name to CloudFlare and change the validation to that so FINALLY, I was able to get Letsencrypt get the certificates. So now, my problem is nginx, I just can't get the HTTPS url to work. (trying first with nextcloud and SABNZBD) I read a lot of tutorials, etc... and pretty sure I got everything right... Here is my letsencrypt docker settings: -CNAME created -I can ping the subdomains -Did the custom network for the dockers and assigned letsencrypt, nextcloud and SABNZBD to it -Did my NAT config in my PFSENSE to open 443 (to 443 since that's what i'm using in the docker (UNRAID is using another port than 80 also) I confirmed port 443 is opened when Letsencrypt is running so the port is opened: Renamed the file in /appdata/letsencrypt/nginx/proxy-confs (the one for nextcloud subdomain and sabnzbd for subdomain) Edited the config.php in /appdata/nextcloud/www/nextcloud (change my actual domain name for "mydomain.ca") <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'oceazvkmg45k', 'passwordsalt' => 'EaiIqWmh7ARTfOGMcQPjIlPy/ZXcmL', 'secret' => 'UfTMrKdIb3ZmO/CNaFUgZSz2ygB91jt8M4JcyJ5aizsHxGWe', 'trusted_domains' => array ( 0 => '192.168.1.5:444', 1 => 'nextcloud.mydomain.ca', ), 'trusted_proxies' => ['letsencrypt'], 'overwrite.cli.url' => 'https://nextcloud.mydomain.ca/', 'overwritehost' => 'nextcloud.mydomain.ca', 'overwriteprotocol' => 'https', 'dbtype' => 'mysql', 'version' => '15.0.2.0', 'dbname' => 'nextcloud', 'dbhost' => '192.168.1.5:3306', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => 'sf-Pass', 'installed' => true, ); Restarted all dockers multiple times but still cannot access using https://nextcloud.mydomain.ca Please help, I'm out of idea (and patience lol) ***I'm on RC version 6.7.0 RC5, god I hope that is not why it's not working...

ok, thanks, I'll try

Could it be because I was still using my array (plex, sabnzbd, radarr, sonarr, qbittorrent, etc...)? I saw the preclear sometimes switching on "pause" and resuming while it ran...