[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


Recommended Posts

Hello, since start this year i get following error in the log:

"Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. "

and i found this:

https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983

 

it seems we need a new update to it?

 

Regards and Thanks for help

 

Link to comment
1 hour ago, bengele said:

Hello, since start this year i get following error in the log:

"Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. "

and i found this:

https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983

 

it seems we need a new update to it?

 

Regards and Thanks for help

 

 

Read the last few pages or the docker info

Link to comment
5 hours ago, bengele said:

Hello, since start this year i get following error in the log:

"Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. "

and i found this:

https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983

 

it seems we need a new update to it?

 

Regards and Thanks for help

 

 

 

Link to comment

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

My letsencrypt just broke with the above error.

I have read that certbot has changed the way it works externally.

Does this mean that this docker is broken till further notice? 

Will my other servers stop when their certificate expires?

 

Edited by Jessie
Link to comment
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
My letsencrypt just broke with the above error.
I have read that certbot has changed the way it works externally.
Does this mean that this docker is broken till further notice? 
Will my other servers stop when their certificate expires?
 
Read my post above yours

Sent from my LG-H815 using Tapatalk

Link to comment
1 hour ago, CHBMB said:

@statecowboy  Can you post your docker run command so I can be absolutely sure what is happening,  the template doesn't always show everything.  But it looks like you've got no HTTPVAL variable.

Hi - I'm sorry for wasting your time, but it turned out I did not set http val to "true" in my config.  Doing so fixed the problem.  Everything is working now.

 

Thank you.

Link to comment
7 minutes ago, statecowboy said:

Hi - I'm sorry for wasting your time, but it turned out I did not set http val to "true" in my config.  Doing so fixed the problem.  Everything is working now.

 

Thank you.

 

Dude, you posted almost all the info we needed, no need to apologise. ;)

 

  • Like 1
Link to comment
8 hours ago, CHBMB said:

Read my post above yours

Sent from my LG-H815 using Tapatalk
 

So I've made httpval = true.

pointed port 80 to the unraid server.

I tried to change the http setting in the docker panel to 80 but it fails.

It says 80 is already allocated, though I'm not sure to what. 

Back to 8088 which was my previous setting.  It starts but no certificate.

I checked previous posts but missed the answer if it is there.  

Will you be updating your guide to give us a hint?

Does the docker still work?

Link to comment
So I've made httpval = true.

pointed port 80 to the unraid server.

I tried to change the http setting in the docker panel to 80 but it fails.

It says 80 is already allocated, though I'm not sure to what. 

Back to 8088 which was my previous setting.  It starts but no certificate.

I checked previous posts but missed the answer if it is there.  

Will you be updating your guide to give us a hint?

Does the docker still work?

Post the info we asked for and we can tell you where you're going wrong. Unraid webui is running on port 80 for starters.

 

The github instructions are correct, the issue tends to be people not understanding ports.

 

Sent from my LG-H815 using Tapatalk

 

 

 

Link to comment
11 hours ago, CHBMB said:

Post the info we asked for and we can tell you where you're going wrong. Unraid webui is running on port 80 for starters.

 

The github instructions are correct, the issue tends to be people not understanding ports.

 

Sent from my LG-H815 using Tapatalk

 

 

 

Ahh I get it.  Sorry I'm still getting my head around finding things in this forum.  I didn't go back far enough.

 

If anyone is interested and had a previously working Letsencrypt docker which stopped:-

 

Change container port 80 to something that is not 80 on the docker config page.  (I used 8088)

Go to advanced settings on the Docker config page and make HTTPVAL: = true.

 

In your router, point external port 80 to internal port 8088 (or the internal port of your choice) to the ip address of the unraid server.

All other settings as you had them.

(The rest of it was set up as per CHBMB's Guide)

Restart the Dockers.

 

Worked for me.

 

image.thumb.png.7b2e8fb53e6c508fae4499a7b5b83085.png

image.thumb.png.7e5e3b022a025994848799bd4aef918d.png

Link to comment
On 1/21/2018 at 7:09 PM, CHBMB said:

 

God only knows what you actually need in the script, but -v means it can be mounted in the volume bit of your template, like this.....

 

0h4yP6R.png

 

Just make sure you've chmod +x and it has the right perms.

If I have gotten as far as installing it through a startup script. (yay)

How do I properly bash into the docker?

If I use docker attach I just end up in what seems to be the log output. No ability to execute commands like cd or apk etc.

I would like to call composer manually through ssh via the docker. On a other docker I can attach and execute commands.

 

Am I missing something here?

Link to comment
If I have gotten as far as installing it through a startup script. (yay)

How do I properly bash into the docker?

 

If I use docker attach I just end up in what seems to be the log output. No ability to execute commands like cd or apk etc.

I would like to call composer manually through ssh via the docker. On a other docker I can attach and execute commands.

 

Am I missing something here?

docker exec -it letsencrypt bash

 

Sent from my LG-H815 using Tapatalk

 

 

 

Link to comment
On 1/25/2018 at 3:48 PM, GilbN said:

And I dont use qbittorrent. So I didnt really test it. If you dont figure it out you could try sub domain. 

 

This worked better. 

 


server {
		listen 80;	
		listen 443 ssl http2;
		server_name qbit.domain.com;
			

location / {
    proxy_pass  http://192.168.1.34:8080;
    proxy_set_header   X-Forwarded-Host  $host:$server_port;
    proxy_hide_header  Referer;
    proxy_hide_header  Origin;
    proxy_set_header   Referer           '';
    proxy_set_header   Origin            '';
	add_header X-Frame-Options "SAMEORIGIN";			
    }
}

 

Thanks got it all sorted by adding my keys:

 

server {
		listen 80;	
		listen 443 ssl http2;
		server_name qbit.domain.com;
			
        # Ensure these lines point to your SSL certificate and key
        ssl_certificate /config/etc/letsencrypt/live/domain.duckdns.org/fullchain.pem;
        ssl_certificate_key /config/etc/letsencrypt/live/domain.duckdns.org/privkey.pem;
			
			
		location / {
			proxy_pass http://192.168.50.84:8080/;
			proxy_set_header   X-Forwarded-Host  $host:$server_port;
			proxy_hide_header  Referer;
			proxy_hide_header  Origin;
			proxy_set_header   Referer           '';
			proxy_set_header   Origin            '';
			add_header X-Frame-Options "SAMEORIGIN";			
    }
}

 

Link to comment
25 minutes ago, KeithG said:

Hello,

 

I'm wondering if this docker has support for IMAP / SMTP proxying? 

 

I read that is possible (https://www.nginx.com/resources/admin-guide/mail-proxy/)  but didn't know if the required Mail Modules were included.  I didn't see mention of them on the GitHub page so I thought I'd ask :)

 

Thanks!

 

Not sure, but probably. All official modules are included. Try it and see. If they are not in and we can add them, we will. 

Link to comment

So I was looking through my docker settings cleaning stuff up and noticed I had a typo in my email address.  I changed it not even thinking about the fact this would mess up with cert.  Can someone please tell me how to force it to re-issue a new cert?  I tried simply restarting the docker but that did not work.

 

This is the error I'm getting now:

nginx: [emerg] duplicate upstream "backend" in /config/nginx/site-confs/default.bak:1
 

Edited by statecowboy
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.