[Request/Done] Let's Encrypt Container


rix

Recommended Posts

Yea no you can see Nginx fail to start in the log he posted.

 

* Starting nginx nginx
...fail!

 

Just to be certain use this to see if your ports really are open.

http://www.canyouseeme.org/

 

yup. installed the nginx docker. I can reach the landing page from that one from within the network as well as from the ddns.

 

Probably covered.  Kind of only leaves an issue with your ......duckdns.org domain.

Link to comment

Huh. canyouseeme gives me an error for 443 and 2132

I doubt there is anything wrong with my ddns, I have verified the correct spelling multiple times and it is most certainly routing to my IP.

 

Edit: Oh well, I give up for now.

 

It should give you an error for 2132, as that shouldn't be open on your router, it should be port 80 open on your router which is forwarded to 2132 on your Unraid box.

Link to comment

yeah, should  :'( I'll monitor this thread, if anyone has another idea...

Thank you so far man  :)

 

Edit: I did it so often. It didnt work. I didnt know why.

Felt like doing it one more time just now. It worked.  I dont know why.

The joy of working with computers.

I'm fairly sure my fritz box had a hiccup. port 443 is open now.

 

Next step: Getting it to work with mineOS and Nextcloud. Hope I can do that on my own.

Link to comment

yeah, should  :'( I'll monitor this thread, if anyone has another idea...

Thank you so far man  :)

 

Edit: I did it so often. It didnt work. I didnt know why.

Felt like doing it one more time just now. It worked.  I dont know why.

The joy of working with computers.

I'm fairly sure my fritz box had a hiccup. port 443 is open now.

 

Next step: Getting it to work with mineOS and Nextcloud. Hope I can do that on my own.

 

Happy days then....

 

Ignore my PM then.  ;)

Link to comment
  • 3 weeks later...

Hi all,

 

So for some reason ngix fails to start.  Have container setup with port 81 and 443.  Port 80, 81, and 443 are open, port 80 requests are being forwarded to 81, and confirmed working.  Let's encrypt works fine, but just can't get ngix to start, according to log.  I'm not sure how to fix and what info you guys would need in order to help me, so please ask and I will provide.  I am a bit of a noob with this so bare with me. 

 

Thanks so much!

Link to comment

Hi all,

 

So for some reason ngix fails to start.  Have container setup with port 81 and 443.  Port 80, 81, and 443 are open, port 80 requests are being forwarded to 81, and confirmed working.  Let's encrypt works fine, but just can't get ngix to start, according to log.  I'm not sure how to fix and what info you guys would need in order to help me, so please ask and I will provide.  I am a bit of a noob with this so bare with me. 

 

Thanks so much!

You can start by posting a log

Link to comment

Hi all,

 

So for some reason ngix fails to start.  Have container setup with port 81 and 443.  Port 80, 81, and 443 are open, port 80 requests are being forwarded to 81, and confirmed working.  Let's encrypt works fine, but just can't get ngix to start, according to log.  I'm not sure how to fix and what info you guys would need in order to help me, so please ask and I will provide.  I am a bit of a noob with this so bare with me. 

 

Thanks so much!

You can start by posting a log

 

Container log below

 

Nov 22 23:09:01 54e47c49a959 /USR/SBIN/CRON[377]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime))
Nov 22 23:17:01 54e47c49a959 /USR/SBIN/CRON[389]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
*** Shutting down runit daemon (PID 357)...
*** Killing all processes...
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
*** Running /etc/my_init.d/firstrun.sh...
Using existing nginx.conf
Using existing nginx-fpm.conf
Using existing site config
Using existing landing page
Using existing jail.local
Using existing fail2ban filters
SUBDOMAINS entered, processing
Sub-domains processed are: -d www.mydomain.duckdns.org
2048 bit DH parameters present
<------------------------------------------------->

<------------------------------------------------->
cronjob running at Wed Nov 23 09:05:32 CST 2016
Running certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert not yet due for renewal

-------------------------------------------------------------------------------
No renewals attempted, so not running post-hook
Processing /etc/letsencrypt/renewal/mydomain.duckdns.org.conf
-------------------------------------------------------------------------------

The following certs are not due for renewal yet:
/etc/letsencrypt/live/mydomain.duckdns.org/fullchain.pem (skipped)
No renewals were attempted.
* Starting nginx nginx
...fail!
* Starting authentication failure monitor fail2ban
...done.
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 146
Nov 23 09:05:33 54e47c49a959 syslog-ng[155]: syslog-ng starting up; version='3.5.3' 

Link to comment
  • 1 month later...

Hi,

 

Is there any way to permanently add something to the crontab?

If i just add it normally, it vanishes on the next restart of the container

If you add it to crontab inside the container, it should remain until you reinstall the container (editing settings will also reinstall). Start / stop should be fine

Link to comment

I add it like this, after a restart, or stop and start, it just falls back to the standard crontab that comes with the container...

Any Idea what this could be?

 

 

# do daily/weekly/monthly maintenance
# min   hour    day     month   weekday command
*/15    *       *       *       *       run-parts /etc/periodic/15min
0       *       *       *       *       run-parts /etc/periodic/hourly
0       2       *       *       *       run-parts /etc/periodic/daily
0       3       *       *       6       run-parts /etc/periodic/weekly
0       5       1       *       *       run-parts /etc/periodic/monthly
# renew letsencrypt certs
8       2       *       *       *       /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
*       /2       *       *       *       cp -u /etc/letsencrypt/live/3li.duckdns.org/chain.pem /etc/letsencrypt/live/3li.duckdns.org/chain.crt \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/fullchain.pem /etc/letsencrypt/live/sub.domain.tld/fullchain.crt \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/privkey.pem /etc/letsencrypt/live/sub.domain.tld/privkey.key \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/cert.pem /etc/letsencrypt/live/sub.domain.tld/cert.crt

 

btw if you now a better way to rename the Certs to .crt and .key, i'm all ears ^^

 

 

EDIT: forgot to mention that i'm using the linuxserver/letsencrypt-Container and not yours Aptalca, maybe theirs is different for some reason...

 

Link to comment

I add it like this, after a restart, or stop and start, it just falls back to the standard crontab that comes with the container...

Any Idea what this could be?

 

 

# do daily/weekly/monthly maintenance
# min   hour    day     month   weekday command
*/15    *       *       *       *       run-parts /etc/periodic/15min
0       *       *       *       *       run-parts /etc/periodic/hourly
0       2       *       *       *       run-parts /etc/periodic/daily
0       3       *       *       6       run-parts /etc/periodic/weekly
0       5       1       *       *       run-parts /etc/periodic/monthly
# renew letsencrypt certs
8       2       *       *       *       /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
*       /2       *       *       *       cp -u /etc/letsencrypt/live/3li.duckdns.org/chain.pem /etc/letsencrypt/live/3li.duckdns.org/chain.crt \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/fullchain.pem /etc/letsencrypt/live/sub.domain.tld/fullchain.crt \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/privkey.pem /etc/letsencrypt/live/sub.domain.tld/privkey.key \
                                                && cp -u /etc/letsencrypt/live/sub.domain.tld/cert.pem /etc/letsencrypt/live/sub.domain.tld/cert.crt

 

btw if you now a better way to rename the Certs to .crt and .key, i'm all ears ^^

 

 

EDIT: forgot to mention that i'm using the linuxserver/letsencrypt-Container and not yours Aptalca, maybe theirs is different for some reason...

The linuxserver one exports and imports the crontab from the config folder. Edit that one.

 

Why do you need to rename them?

Link to comment

The linuxserver one exports and imports the crontab from the config folder. Edit that one.

 

Thx, worked ;D

 

Why do you need to rename them?

 

my app only accepts .crt and .key and not the .pem versions...  ::)

 

thx for the help

Glad to hear it.

 

And the method you're using is the most appropriate one I can think of.

Link to comment
  • 2 weeks later...

How do I go about adding full PHP to this webserver so I can use Wordpress?

 

got reverse proxy all working but would like to use the web server without having to run a new web server install on non standard ports

 

I have already posted similar on https://github.com/linuxserver/docker-letsencrypt, just looking for a quick response as to if this is even possible

 

thanks

Both have php with most common modules installed.

 

Linuxserver one has been tested to work with wordpress (simple php site with a few plugins) .

 

If there are additional modules you need, Feel free to request them for addition.

 

Link to comment

Hi Aptalca,

 

thanks for the swift response.

so I have just downloaded wordpress, dropped it into the root on the www folder, yet when I go to the web server, it downloads the index.php file as if it is not able to read php.

this is why I had assumed that php was not part of the docker

 

I have done nothing apart from setup some site configs for reverse proxy, anything else I should need to do to get wordpress running? (i was expecting the install page to popup)

 

thanks

Link to comment

ok, so deleted the container, recreated it and now Wordpress is working :)

 

however when I try and add a new theme through wordpress I get...

Installation failed: Abort class-pclzip.php : Missing zlib extensions

 

can zlib extensions be added? (though not sure what they are)

 

many thanks again

Link to comment

ok, so deleted the container, recreated it and now Wordpress is working :)

 

however when I try and add a new theme through wordpress I get...

Installation failed: Abort class-pclzip.php : Missing zlib extensions

 

can zlib extensions be added? (though not sure what they are)

 

many thanks again

Yeah, just realized that the zlib extension is added to the latest dev version and it should be released very soon.

 

In the meantime you can exec into the container and do "apk add --update php5-zlib" and after that it should work

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.