[Request/Done] Let's Encrypt Container


rix

Recommended Posts

edit the nginx site-conf in the Nextcloud docker.  It should be in your appdata folder.  Change this

  # Path to the root of your installation
  root /config/www/nextcloud;

 

to this

  # Path to the root of your installation
  root /config/www/;

 

Then in the nginx conf file for lets encrypt, change this

        location /nextcloud/ {
                proxy_pass https://192.168.0.190:446/nextcloud;
                rewrite ^/nextcloud$ /nextcloud/ permanent;
                rewrite ^/nextcloud/(.*) /$1 break;
                }

 

to this

 

        location /nextcloud {
                proxy_pass https://192.168.0.190:446/nextcloud;
                }

 

This should get you back to the login screen with the css at either www.xxxx.com/nextcloud or 192.168.0.190:446/nextcloud.

Link to comment

Hi @kamhighway  thanks for your work.  I don't know what I've got going wrong, but I'm getting nothing with your edits.  I've edited the letsencrypt docker to just that simple pass to /nextcloud.  I've changed the root installation location to /config/www/ and my config.php is posted below.

 

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'oczmltajpdti',
  'passwordsalt' => 'zzatfiwjAV0CPgMqay8ewbvahBwBj3',
  'secret' => 'Yio64EkchFlzBg4GkKfsyjsktEaLmaSVu+q3LSmtBW/ZEgUu',
  'trusted_domains' => 
  array (
    0 => '172.16.100.5',
1 => 'https://domain.com'
  ),
  'overwrite.cli.url' => 'https://172.16.100.5:8443',
  'dbtype' => 'mysql',
  'version' => '9.0.53.0',
  'dbname' => 'NextCloud',
  'dbhost' => '172.16.100.5:3306',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xxxx',
  'dbpassword' => 'xxxxx',
  'logtimezone' => 'UTC',
  'installed' => true,
  'trusted_proxies' => ['172.16.100.5']
  'overwritewebroot' => '/nextcloud',
  'overwritehost' => 'https://domain.com',
);

 

So at this point, my local 172.16.100.5:8443 returns a 404 Not Found.  172.16.100.5:8443/nextcloud returns 404 Not Found and finally domain.com/nextcloud gives the same.  I'm certainly at a loss.

Link to comment

@noja,

 

Try Peter_SM's suggestion.  But I see a couple of things that might also be causing you some trouble.

 

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'oczmltajpdti',
  'passwordsalt' => 'zzatfiwjAV0CPgMqay8ewbvahBwBj3',
  'secret' => 'Yio64EkchFlzBg4GkKfsyjsktEaLmaSVu+q3LSmtBW/ZEgUu',
  'trusted_domains' => 
  array (
    0 => '172.16.100.5',
1 => 'https://domain.com'    #<-------------remove https:// and just leave domain.com 
  ),
  'overwrite.cli.url' => 'https://172.16.100.5:8443',
  'dbtype' => 'mysql',
  'version' => '9.0.53.0',
  'dbname' => 'NextCloud',
  'dbhost' => '172.16.100.5:3306',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xxxx',
  'dbpassword' => 'xxxxx',
  'logtimezone' => 'UTC',
  'installed' => true,
  'trusted_proxies' => ['172.16.100.5']
  'overwritewebroot' => '/nextcloud',
  'overwritehost' => 'https://domain.com',   #<-------------remove https:// and just leave domain.com 
);

Link to comment

Still the same 404 issue after adding the /nextcloud/ and removing the https://.  I'm thinking of nuking the nextcloud instance in a bit and trying again from scratch.

 

Interesting, the log on restart is giving these errors

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 40-config: executing...
[cont-init.d] 40-config: exited 0.
[cont-init.d] 50-install: executing...
[cont-init.d] 50-install: exited 0.
[cont-init.d] 60-memcache: executing...
[cont-init.d] 60-memcache: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
PHP Parse error: syntax error, unexpected ''overwritewebroot'' (T_CONSTANT_ENCAPSED_STRING), expecting ')' in /config/www/nextcloud/config/config.php on line 24

PHP Parse error: syntax error, unexpected ''overwritewebroot'' (T_CONSTANT_ENCAPSED_STRING), expecting ')' in /config/www/nextcloud/config/config.php on line 24

PHP Parse error: syntax error, unexpected ''overwritewebroot'' (T_CONSTANT_ENCAPSED_STRING), expecting ')' in /config/www/nextcloud/config/config.php on line 24

PHP Parse error: syntax error, unexpected ''overwritewebroot'' (T_CONSTANT_ENCAPSED_STRING), expecting ')' in /config/www/nextcloud/config/config.php on line 24

PHP Parse error: syntax error, unexpected ''overwritewebroot'' (T_CONSTANT_ENCAPSED_STRING), expecting ')' in /config/www/nextcloud/config/config.php on line 24

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

 

 

Link to comment

Ok!

 

nginxletsencrypt default.conf

server {
listen 80;

listen 443 ssl default_server;

server_name _;

ssl_certificate /config/keys/fullchain.pem;
ssl_certificate_key /config/keys/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;

client_max_body_size 0;

location / {
	root /config/www;
	index index.html index.htm index.php;
        auth_basic "Restricted";
	auth_basic_user_file /config/nginx/.htpasswd;
}

location ~ \.php$ {
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
}
location /plexpy {
	auth_basic "Restricted";
	auth_basic_user_file /config/nginx/.htpasswd;
        include /config/nginx/proxy.conf;
	proxy_pass http://172.16.100.5:8181/plexpy;	
	}
location /plexrequests {
	auth_basic "Restricted";
	auth_basic_user_file /config/nginx/.htpasswd;
        include /config/nginx/proxy.conf;
	proxy_pass http://172.16.100.5:3000/plexrequests;	
	}
location /library {
	include /config/nginx/proxy.conf;
	proxy_pass http://172.16.100.5:2202/library;	
	}
location /nextcloud {
	include /config/nginx/proxy.conf;
	proxy_pass http://172.16.100.5:8443/nextcloud;
	}
location /news {
	auth_basic "Restricted";
	auth_basic_user_file /config/nginx/.htpasswd;
        include /config/nginx/proxy.conf;
	proxy_pass https://172.16.100.5:8787/news;	
	}
}

 

Now the nextcloud nginx default.conf

upstream php-handler {
  server 127.0.0.1:9000;
# server unix:/var/run/php/php7.0-fpm.sock;
}

server {
  listen 80;
  server_name _;
  return 301 https://$server_name$request_uri;
}

server {
  listen 443 ssl;
  server_name _;

  ssl_certificate /config/keys/cert.crt;
  ssl_certificate_key /config/keys/cert.key;

  # Add headers to serve security related headers
  add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
  add_header X-Content-Type-Options nosniff;
  add_header X-Frame-Options "SAMEORIGIN";
  add_header X-XSS-Protection "1; mode=block";
  add_header X-Robots-Tag none;
  add_header X-Download-Options noopen;
  add_header X-Permitted-Cross-Domain-Policies none;

  # Path to the root of your installation
  root /config/www/;
  # set max upload size
  client_max_body_size 10G;
  fastcgi_buffers 64 4K;

  # Disable gzip to avoid the removal of the ETag header
  gzip off;

  # Uncomment if your server is build with the ngx_pagespeed module
  # This module is currently not supported.
  #pagespeed off;

  index index.php;
  error_page 403 /core/templates/403.php;
  error_page 404 /core/templates/404.php;

  rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
  rewrite ^/.well-known/caldav /remote.php/dav/ permanent;

  # The following 2 rules are only needed for the user_webfinger app.
  # Uncomment it if you're planning to use this app.
  #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }

  location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
    deny all;
  }

  location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
    deny all;
  }

  location / {

    rewrite ^/remote/(.*) /remote.php last;

    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

    try_files $uri $uri/ =404;
  }

  location ~ \.php(?|/) {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
    fastcgi_pass php-handler;
    fastcgi_intercept_errors on;
  }

  # Adding the cache control header for js and css files
  # Make sure it is BELOW the location ~ \.php(?|/) { block
  location ~* \.(?:css|js)$ {
    add_header Cache-Control "public, max-age=7200";
    # Add headers to serve security related headers
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    # Optional: Don't log access to assets
    access_log off;
  }

  # Optional: Don't log access to other assets
  location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
    access_log off;
  }
}

 

and the nextcloud config.php

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'oczmltajpdti',
  'passwordsalt' => 'zzatfiwjAV0CPgMqay8ewbvahBwBj3',
  'secret' => 'Yio64EkchFlzBg4GkKfsyjsktEaLmaSVu+q3LSmtBW/ZEgUu',
  'trusted_domains' => 
  array (
    0 => '172.16.100.5',
1 => 'domain.com'
  ),
  'overwrite.cli.url' => 'https://172.16.100.5:8443/nextcloud/',
  'dbtype' => 'mysql',
  'version' => '9.0.53.0',
  'dbname' => 'NextCloud',
  'dbhost' => '172.16.100.5:3306',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xxxxx',
  'dbpassword' => 'xxxxx',
  'logtimezone' => 'UTC',
  'installed' => true,
  'trusted_proxies' => ['172.16.100.5']
  'overwritewebroot' => '/nextcloud/',
  'overwritehost' => 'comain.com',
);

Link to comment

In the nextcloud config.php your trusted proxies are entered differently than mine.

 

Here's what you have:

  'trusted_proxies' => ['172.16.100.5']

 

Here's what I have:

 

  'trusted_proxies' => 
  array (
    0 => '192.168.183',
  ),

 

You are missing a trailing comma, and I'm not sure what the square brackets do. If the square brackets are another way to specify an array, then they are fine.

 

Also, you have

 'overwritewebroot' => '/nextcloud/',

I have

 'overwritewebroot' => '/nextcloud',

 

Your nextcloud nginx conf file looks identical to mine.

 

Your letsencrypt nginx conf file looks like it should work.

Link to comment

@kamhighway Success!! I just needed to nuke it and start over.  As a note, I did make those changes you suggested before nuking with no luck.  This time - I did the exact same thing with the changes you wrote out and nextcloud didn't return any errors in the startup logs.  However - I was still getting error 400.  Thats when I realized that my letsencrypt settings didn't have that damn 's'.  So I changed my line from http:// to https://

 

Wow, a bit of a learning curve on this one for me.  Thanks a lot for your herculean efforts.  Time to fiddle with Nextcloud now!

Link to comment

After the update of this container I can't get it to work with a duckdns.org subdomain. I get the following error. What is wrong with my configuration?

 

Failed authorization procedure. xxxxxx.duckdns.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 230a025c5004f7396f708827c4fadcf3.1806e186eac08a8f7xxxxxxxe4e41d.acme.invalid from xx.xx.xx.xx:443. Received certificate containing ''

 

Thank you for your help!

Link to comment

After the update of this container I can't get it to work with a duckdns.org subdomain. I get the following error. What is wrong with my configuration?

 

Failed authorization procedure. xxxxxx.duckdns.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 230a025c5004f7396f708827c4fadcf3.1806e186eac08a8f7xxxxxxxe4e41d.acme.invalid from xx.xx.xx.xx:443. Received certificate containing ''

 

Thank you for your help!

What settings did you use?

Link to comment

After the update of this container I can't get it to work with a duckdns.org subdomain. I get the following error. What is wrong with my configuration?

 

Failed authorization procedure. xxxxxx.duckdns.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 230a025c5004f7396f708827c4fadcf3.1806e186eac08a8f7xxxxxxxe4e41d.acme.invalid from xx.xx.xx.xx:443. Received certificate containing ''

 

Thank you for your help!

What settings did you use?

 

This are the settings I did use:

hr8rEQh.png

Link to comment

 

 

After the update of this container I can't get it to work with a duckdns.org subdomain. I get the following error. What is wrong with my configuration?

 

Failed authorization procedure. xxxxxx.duckdns.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 230a025c5004f7396f708827c4fadcf3.1806e186eac08a8f7xxxxxxxe4e41d.acme.invalid from xx.xx.xx.xx:443. Received certificate containing ''

 

Thank you for your help!

What settings did you use?

 

This are the settings I did use:

hr8rEQh.png

 

Is this a new install? If it's an update, did you change the settings? Is your port 443 forwarded properly? Is your domain spelled correctly? Does your domain forward to unraid correctly?

 

It could be a lot of things

Link to comment

Hi,

Im having a problem with subdomains using this container. SSL working just fine, but when I try to work with subdomains what happens is all subdomains behaves like the domain itself... it ignores config files and no maptter what subdomain i enter, it all goes to default server config and its locations...

Config files for my subdomains which I use are the same I used for my previous NGINX container where it was working correctly.

Can you please advise what should I do to make it work?

 

Default:

server {
listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;

listen 443 ssl;


index index.html index.htm index.php;

server_name _;

    ssl_certificate /config/keys/fullchain.pem;
ssl_certificate_key /config/keys/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
client_max_body_size 0;

location / {
	root /config/www;
	try_files $uri $uri/ /index.html /index.php?$args =404;
}
}

 

MyDomain:

server {
listen 80;
server_name inside.xxxxx.com;

location /jenkins {
	include /config/nginx/proxy.conf;
	proxy_pass http://192.168.100.210:8080/jenkins/;
}
}

1.PNG.3f22b2cfc5081cbb4b251b719d4a5a9f.PNG

Link to comment

Hi,

Im having a problem with subdomains using this container. SSL working just fine, but when I try to work with subdomains what happens is all subdomains behaves like the domain itself... it ignores config files and no maptter what subdomain i enter, it all goes to default server config and its locations...

Config files for my subdomains which I use are the same I used for my previous NGINX container where it was working correctly.

Can you please advise what should I do to make it work?

 

Default:

server {
listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;

listen 443 ssl;


index index.html index.htm index.php;

server_name _;

    ssl_certificate /config/keys/fullchain.pem;
ssl_certificate_key /config/keys/privkey.pem;
ssl_dhparam /config/nginx/dhparams.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
client_max_body_size 0;

location / {
	root /config/www;
	try_files $uri $uri/ /index.html /index.php?$args =404;
}
}

 

MyDomain:

server {
listen 80;
server_name inside.xxxxx.com;

location /jenkins {
	include /config/nginx/proxy.conf;
	proxy_pass http://192.168.100.210:8080/jenkins/;
}
}

 

Several issues with your config files. Each server block has to have its own cert, cipher, port, etc. settings. Your subdomains don't have those and they are only set up to use port 80

 

You are also mixing subdomains with url prefix redirection. The way it is set up, http://inside.xxxxxxxx.com/jenkins will be forwarded to http://192.168.100.210:8080/jenkins/ and only on port 80, not using the certs or https.

 

I think you should follow some guides for setting this up correctly

 

Link to comment

How do I just password protect a certain subdirectory of the site? I've been looking at nginx guides but haven't made any progress.

 

This is part of my config file,

 

    location / {
root /config/www;
index index.html index.htm index.php .htaccess;
#       auth_basic "Restricted";
#	auth_basic_user_file /config/nginx/.htpasswd;
}

    location /admin {
        include /config/nginx/proxy.conf;
        proxy_pass http://example.com/admin;
        auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
}

 

I'm looking to restrict the /mnt/cache/appdata/nginx/www/admin directory. I'm probably doing this wrong. I get a username/password prompt but my credentials don't work. I assume its something to do with why I can't access the site when browsing from my internal network I just get a password prompt where my credentials don't work either. Any help would be much appreciated!

Link to comment

How do I just password protect a certain subdirectory of the site? I've been looking at nginx guides but haven't made any progress.

 

This is part of my config file,

 

    location / {
root /config/www;
index index.html index.htm index.php .htaccess;
#       auth_basic "Restricted";
#	auth_basic_user_file /config/nginx/.htpasswd;
}

    location /admin {
        include /config/nginx/proxy.conf;
        proxy_pass http://example.com/admin;
        auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
}

 

I'm looking to restrict the /mnt/cache/appdata/nginx/www/admin directory. I'm probably doing this wrong. I get a username/password prompt but my credentials don't work. I assume its something to do with why I can't access the site when browsing from my internal network I just get a password prompt where my credentials don't work either. Any help would be much appreciated!

Look into htpasswd as well as the example configs I posted on page 5 of this thread

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.