bothwalker Posted March 17, 2016 Share Posted March 17, 2016 AAAAwwww, ok, thanks for the help... Quote Link to comment
aptalca Posted March 17, 2016 Share Posted March 17, 2016 The xml is fixed. So if you're having this issue, please install fresh from the community applications Quote Link to comment
bothwalker Posted March 19, 2016 Share Posted March 19, 2016 The xml is fixed. So if you're having this issue, please install fresh from the community applications It is working now for me. Many thanks to your great work. Quote Link to comment
Jammie Posted March 29, 2016 Share Posted March 29, 2016 I know it's probably a little late, but I wrote up an article on how to setup an nginx reverse proxy, with Let's Encrypt and basic auth. Quote Link to comment
kamhighway Posted March 29, 2016 Share Posted March 29, 2016 I know it's probably a little late, but I wrote up an article on how to setup an nginx reverse proxy, with Let's Encrypt and basic auth. Thank you for your writeup. I found it quite nice to have a start to finish explanation of how everything works together. There is no doubt that things will change over time, but for those of us trying to get this implemented now, your guide is much easier to follow than the having to piece it all together from 7 pages of posts. All the best. Quote Link to comment
aptalca Posted March 29, 2016 Share Posted March 29, 2016 I know it's probably a little late, but I wrote up an article on how to setup an nginx reverse proxy, with Let's Encrypt and basic auth. Thank you for your writeup. I found it quite nice to have a start to finish explanation of how everything works together. There is no doubt that things will change over time, but for those of us trying to get this implemented now, your guide is much easier to follow than the having to piece it all together from 7 pages of posts. All the best. Well, as much as I like guides, in this case the guide is using a completely different container than these 7 pages were about :-) That's totally fine, but keep that in mind when you skip the 7 pages and come back for support Feel free to use either container, and a heads up, the docker hub pages or even the github pages should contain the install instructions for most containers and they should be listed in the Community Applications entry for the unraid containers Quote Link to comment
aptalca Posted March 30, 2016 Share Posted March 30, 2016 Just to let everyone know, I pushed an important update to my letsencrypt container. Fixed an issue that might prevent cert renewal through cron. https://hub.docker.com/r/aptalca/nginx-letsencrypt/ Quote Link to comment
kamhighway Posted March 30, 2016 Share Posted March 30, 2016 @aptalca, I assumed the guide was for your dockers since the link was posted in this support thread. I see now that I was wrong. Thanks for pointing that out. Saved me some time following a guide that was not for the docker I wanted to install. Quote Link to comment
aptalca Posted March 30, 2016 Share Posted March 30, 2016 @aptalca, I assumed the guide was for your dockers since the link was posted in this support thread. I see now that I was wrong. Thanks for pointing that out. Saved me some time following a guide that was not for the docker I wanted to install. No problem :-) just wanted to clarify. And I meant no offense to Jammie, he did a great job with the guide, which I'm sure will be helpful to many others. Quote Link to comment
In0cenT Posted April 4, 2016 Share Posted April 4, 2016 Hello aptalca I cant get your docker to create, when I press the create button nothing happens at all. What information can I provide to find the source of the problem? Quote Link to comment
aptalca Posted April 4, 2016 Share Posted April 4, 2016 Hello aptalca I cant get your docker to create, when I press the create button nothing happens at all. What information can I provide to find the source of the problem? Click on advanced view. And make sure you read the description at the top of that page Quote Link to comment
In0cenT Posted April 4, 2016 Share Posted April 4, 2016 My misstake, sorry... I'm gettin following error: dcdcd12136c96a4c28818838a762f6fe957f99efb8cebaccbf1c71c6b4b84256 Error response from daemon: Cannot start container dcdcd12136c96a4c28818838a762f6fe957f99efb8cebaccbf1c71c6b4b84256: Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use I used to have letsencrypt and nginx running on my Raspberry, but I want everything in one box Quote Link to comment
aptalca Posted April 4, 2016 Share Posted April 4, 2016 My misstake, sorry... I'm gettin following error: dcdcd12136c96a4c28818838a762f6fe957f99efb8cebaccbf1c71c6b4b84256 Error response from daemon: Cannot start container dcdcd12136c96a4c28818838a762f6fe957f99efb8cebaccbf1c71c6b4b84256: Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use I used to have letsencrypt and nginx running on my Raspberry, but I want everything in one box You have to map port 80 to something else because the unraid gui is using it Quote Link to comment
In0cenT Posted April 5, 2016 Share Posted April 5, 2016 You're a star, working perfectly! Thanks for your help! Quote Link to comment
EdgarWallace Posted April 5, 2016 Share Posted April 5, 2016 Aptalca, as Bungy's ownCloud isn't supporting HTTPS I thought that by using your docker I could fix my issue: http://lime-technology.com/forum/index.php?topic=38930.msg461212#msg461212. Is that a correct assumption? If so are these the right steps to install it? 1.) Router: port forwarding from Port 443 to the Port of the respective ownCloud Docker (e.g. 8000) 2.) Install your docker by using Advanced View 3.) Accessing ownCloud by using: via LAN: https://192.168.178.28:443 via WAN: www.example.url:443 Sorry for the noob questions. Below is my log: Creating virtual environment... Installing Python packages... Installation succeeded. Requesting root privileges to run letsencrypt... ~/.local/share/letsencrypt/bin/letsencrypt certonly --renew-by-default --standalone --standalone-supported-challenges tls-sni-01 --email [email protected] --agree-tos -d example.url -d www.example.url IMPORTANT NOTES: - The following errors were reported by the server: Domain: example.url Type: connection Detail: Failed to connect to host for DVSNI challenge Domain: www.example.url Type: connection Detail: Failed to connect to host for DVSNI challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. Restarting web server * Starting authentication failure monitor fail2ban ...fail! Apr 5 17:16:19 Tower syslog-ng[6168]: syslog-ng starting up; version='3.5.3' Apr 5 17:17:01 Tower /USR/SBIN/CRON[6182]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Di I have to register myself somewhere? Thanks for having created this docker. Quote Link to comment
aptalca Posted April 5, 2016 Share Posted April 5, 2016 Aptalca, as Bungy's ownCloud isn't supporting HTTPS I thought that by using your docker I could fix my issue: http://lime-technology.com/forum/index.php?topic=38930.msg461212#msg461212. Is that a correct assumption? If so are these the right steps to install it? 1.) Router: port forwarding from Port 443 to the Port of the respective ownCloud Docker (e.g. 8000) 2.) Install your docker by using Advanced View 3.) Accessing ownCloud by using: via LAN: https://192.168.178.28:443 via WAN: www.example.url:443 Sorry for the noob questions. Below is my log: Creating virtual environment... Installing Python packages... Installation succeeded. Requesting root privileges to run letsencrypt... ~/.local/share/letsencrypt/bin/letsencrypt certonly --renew-by-default --standalone --standalone-supported-challenges tls-sni-01 --email [email protected] --agree-tos -d example.url -d www.example.url IMPORTANT NOTES: - The following errors were reported by the server: Domain: example.url Type: connection Detail: Failed to connect to host for DVSNI challenge Domain: www.example.url Type: connection Detail: Failed to connect to host for DVSNI challenge To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. Restarting web server * Starting authentication failure monitor fail2ban ...fail! Apr 5 17:16:19 Tower syslog-ng[6168]: syslog-ng starting up; version='3.5.3' Apr 5 17:17:01 Tower /USR/SBIN/CRON[6182]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Di I have to register myself somewhere? Thanks for having created this docker. Port 443 has to be mapped to the letsencrypt container for validation and so it can get the certificate. For owncloud, you'll have to set up a reverse proxy (tell nginx to forward all traffic between the owncloud container and the user) I would recommend reading up on reverse proxy and url prefix. I never tried owncloud through reverse proxy but I'm using other containers like sab, couch, sonarr, plexwatch, etc. all through the nginx port Quote Link to comment
EdgarWallace Posted April 5, 2016 Share Posted April 5, 2016 I have mapped Port 90 (container port) to Port 90 (host port) and the router is forwarding port 443 to port 80 of my unRAID server IP. That should be correct, no? However I can't even reach the webUI of the letsencrypt container. By using the buildin DNS server of my router I was making some progress: Checking for new version... Creating virtual environment... Installing Python packages... Installation succeeded. Requesting root privileges to run letsencrypt... ~/.local/share/letsencrypt/bin/letsencrypt certonly --renew-by-default --standalone --standalone-supported-challenges tls-sni-01 --email [email protected] --agree-tos -d HTTP://xyz.myfritz.net Restarting web server * Starting authentication failure monitor fail2ban ...fail! Why isn't it possible to access the containers WebUI? Quote Link to comment
aptalca Posted April 5, 2016 Share Posted April 5, 2016 I have mapped Port 80 (container port) to Port 90 (host port) and the router is forwarding port 443 to port 90 of my unRAID server IP. That should be correct, no? However I can't even reach the webUI of the letsencrypt container. Map container port 443 to host port 90 and unraid port 90 to router 443 The key is that the outside port 443 should ultimately go to port 443 inside the container Quote Link to comment
EdgarWallace Posted April 6, 2016 Share Posted April 6, 2016 Apologies aptalca, I'm not getting it. I can reach my server from outside my LAN via unraid.url.myfritz.net:443 , so according to the guide on github that prerequisite is fulfilled. I have mapped port 80 of unRAID to port 443. Any other entry will not allow me to access unRAID from external. Additionally I do not understand what to enter under Port Mappings. Quote Link to comment
aptalca Posted April 6, 2016 Share Posted April 6, 2016 Apologies aptalca, I'm not getting it. I can reach my server from outside my LAN via unraid.url.myfritz.net:443 , so according to the guide on github that prerequisite is fulfilled. I have mapped port 80 of unRAID to port 443. Any other entry will not allow me to access unRAID from external. Additionally I do not understand what to enter under Port Mappings. Don't map port 80 to 443. you are not trying to reach the unraid gui. Plus, you should never make your unraid web gui accessible from the Internet. It is not secure enough. You're trying to reach the webserver running inside the container. So do this: on your router, forward outside port 443 to port 443 at your local server ip. Then in the container settings, map 443 to 443 so an outside request to port 443 gets forwarded all the way to port 443 inside the container. And make sure not to put http in the url field in container settings it should be just unraid.ip.myfritz.net Then check the logs to make sure that it was able to generate a certificate By the way port 443 is the default port for https so when it all works out, you access the new webserver by going to https://unraid.ip.myfritz.net no need to define port number Quote Link to comment
rix Posted April 6, 2016 Author Share Posted April 6, 2016 Just to annoy you with your otherwise flawless webserver container: to get php running again a look at how: https://hub.docker.com/r/lsiodev/owncloud/ implemented php7 with nginx might be helpful. If you have the time to get php running, that is Quote Link to comment
aptalca Posted April 6, 2016 Share Posted April 6, 2016 Just to annoy you with your otherwise flawless webserver container: to get php running again a look at how: https://hub.docker.com/r/lsiodev/owncloud/ implemented php7 with nginx might be helpful. If you have the time to get php running, that is Don't worry, I haven't forgotten about the php issue I wanted to get the cert renewals completely figured out as it was my top priority. I think that's done now so I'll look into php in the next few days Quote Link to comment
rix Posted April 6, 2016 Author Share Posted April 6, 2016 Just to annoy you with your otherwise flawless webserver container: to get php running again a look at how: https://hub.docker.com/r/lsiodev/owncloud/ implemented php7 with nginx might be helpful. If you have the time to get php running, that is Don't worry, I haven't forgotten about the php issue I wanted to get the cert renewals completely figured out as it was my top priority. I think that's done now so I'll look into php in the next few days Thank you very much OCD-me wants to remove unnecessary docker containers of which muximux is one (running of its own instead of inside your nginx container). Would not kill me to wait for this for another few week Quote Link to comment
EdgarWallace Posted April 6, 2016 Share Posted April 6, 2016 Don't map port 80 to 443. you are not trying to reach the unraid gui. Plus, you should never make your unraid web gui accessible from the Internet. It is not secure enough. You're trying to reach the webserver running inside the container. So do this: on your router, forward outside port 443 to port 443 at your local server ip. Then in the container settings, map 443 to 443 so an outside request to port 443 gets forwarded all the way to port 443 inside the container. And make sure not to put http in the url field in container settings it should be just unraid.ip.myfritz.net Then check the logs to make sure that it was able to generate a certificate By the way port 443 is the default port for https so when it all works out, you access the new webserver by going to https://unraid.ip.myfritz.net no need to define port number My router might be the issue....your guide is saying: "Make sure that your server is reachable through your.domain.url:443" and mine is not. I do believe that I resolved all issues (see both screen shots) but ca't access the webUI. The router webUI is also using port 443 for external access but I switched this off. Sorry for being a pain. Quote Link to comment
rix Posted April 6, 2016 Author Share Posted April 6, 2016 Don't map port 80 to 443. you are not trying to reach the unraid gui. Plus, you should never make your unraid web gui accessible from the Internet. It is not secure enough. You're trying to reach the webserver running inside the container. So do this: on your router, forward outside port 443 to port 443 at your local server ip. Then in the container settings, map 443 to 443 so an outside request to port 443 gets forwarded all the way to port 443 inside the container. And make sure not to put http in the url field in container settings it should be just unraid.ip.myfritz.net Then check the logs to make sure that it was able to generate a certificate By the way port 443 is the default port for https so when it all works out, you access the new webserver by going to https://unraid.ip.myfritz.net no need to define port number My router might be the issue....your guide is saying: "Make sure that your server is reachable through your.domain.url:443" and mine is not. I do believe that I resolved all issues (see both screen shots) but ca't access the webUI. The router webUI is also using port 443 for external access but I switched this off. Sorry for being a pain. @german stell mal sicher, dass die ip deines unraid servers die 192.168.178.28 ist. Mit anderen Worten, wenn du unter https://192.168.178.28 nginx im lokalen netz erreichst liegt das problem bei der portfreigabe deiner fritzbox. erreichst du unter dieser adresse nginx nicht, dann stimm etwas in deinem unraid (docker) setup nicht translates roughly to: ensure the ip set in port forwarding is the one your nginx docker listens to locally. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.