IWasJustHere Posted May 15, 2019 Share Posted May 15, 2019 Hi All - While trying to set up Nextcloud with Letsincrypt(Spaceinvader One Method) - I get the following error from the Letsencrypt Log, and really have no idea what to do: nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') Server ready And when I access Nextcloud from WAN, I just see: "Welcome to Server" Please advise Best, Quote Link to comment
saarg Posted May 15, 2019 Share Posted May 15, 2019 2 hours ago, IWasJustHere said: Hi All - While trying to set up Nextcloud with Letsincrypt(Spaceinvader One Method) - I get the following error from the Letsencrypt Log, and really have no idea what to do: nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') Server ready And when I access Nextcloud from WAN, I just see: "Welcome to Server" Please advise Best, That error is harmless unless you run anything Lua, which nextcloud doesn't. So you set something up wrong. Quote Link to comment
IWasJustHere Posted May 15, 2019 Share Posted May 15, 2019 On 5/11/2019 at 6:02 PM, aptalca said: That's an unrelated issue due to the alpine lua package. No fix for that yet, but it's not the cause of your proxy issue [SOLVED ]You sir - are a champion! I hired a consultant who couldn't figureit out either. Turns out, the Nextcloud conf file I didn't rename correct! (need to learn Krusader better) Quote Link to comment
Abigel Posted May 16, 2019 Share Posted May 16, 2019 On 5/14/2019 at 3:08 PM, aptalca said: Yes, edit the proxy confs to uncomment the relevant lines. Instructions in there. If you're going to use http auth, first generate the .htpasswd as described in the readme Which is the proxy conf data ? Quote Link to comment
aptalca Posted May 16, 2019 Share Posted May 16, 2019 (edited) 6 hours ago, Abigel said: Which is the proxy conf data ? Ie. nextcloud.subdomain.conf Edited May 16, 2019 by aptalca 1 Quote Link to comment
CorneliousJD Posted May 16, 2019 Share Posted May 16, 2019 Hi all, I've recently started having an issue where HTTP traffic is not auto-redirected to HTTPS, I'm not sure exactly when this issue started happening, but the code I'm using to do that hasn't changed in my config, and now I'm finding that it's not working. # REDIRECT TRAFFIC TO HTTPS server { listen 80; server_name www.domain.com; return https://www.domain.com$request_uri; } I've tried this both with and without the www. in the server_name entry. For aesthetic reasons I like the redirect to always be https://www.domain.com. Is there some other way I should be doing this redirect? Quote Link to comment
aptalca Posted May 16, 2019 Share Posted May 16, 2019 (edited) 3 hours ago, CorneliousJD said: Hi all, I've recently started having an issue where HTTP traffic is not auto-redirected to HTTPS, I'm not sure exactly when this issue started happening, but the code I'm using to do that hasn't changed in my config, and now I'm finding that it's not working. # REDIRECT TRAFFIC TO HTTPS server { listen 80; server_name www.domain.com; return https://www.domain.com$request_uri; } I've tried this both with and without the www. in the server_name entry. For aesthetic reasons I like the redirect to always be https://www.domain.com. Is there some other way I should be doing this redirect? Change that section back to the defaults: https://github.com/linuxserver/docker-letsencrypt/blob/master/root/defaults/default#L5-L10 Right now it is only catching www.domain.com and it's redirecting it to www.domain.com on 443. The defaults catch everything and redirect it to the https version of whatever's requested. Then you can create a second block where it listens on 443, the server name is domain.com and redirects to www.domain.com Edited May 16, 2019 by aptalca Quote Link to comment
CorneliousJD Posted May 16, 2019 Share Posted May 16, 2019 14 minutes ago, aptalca said: Change that section back to the defaults: https://github.com/linuxserver/docker-letsencrypt/blob/master/root/defaults/default#L5-L10 Right now it is only catching www.domain.com and it's redirecting it to www.domain.com on 443. The defaults catch everything and redirect it to the https version of whatever's requested Thanks, I think i had messed with that because of the www aesthetic I wanted but I can certainly live without that as long as it properly works. Just updated this and it seems to, although I think the 301 redirect on my PC was working for a while and I didn't notice it until I tried from another device. Will do more in-depth testing with things set back to default. Thanks! Quote Link to comment
aptalca Posted May 17, 2019 Share Posted May 17, 2019 7 hours ago, CorneliousJD said: Thanks, I think i had messed with that because of the www aesthetic I wanted but I can certainly live without that as long as it properly works. Just updated this and it seems to, although I think the 301 redirect on my PC was working for a while and I didn't notice it until I tried from another device. Will do more in-depth testing with things set back to default. Thanks! Edited my post above to add info on how to get redirect to www working. What you want to do is, only catch the naked domain and redirect it to www. You don't want ombi.domain.com to redirect to www.domain.com Quote Link to comment
Abigel Posted May 17, 2019 Share Posted May 17, 2019 (edited) 20 hours ago, aptalca said: Ie. nextcloud.subdomain.conf I don't see something that can help me to set password protection: # make sure that your dns has a cname set for nextcloud # assuming this container is called "letsencrypt", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['letsencrypt'], # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', # 'overwritehost' => 'nextcloud.your-domain.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. # 1 => 'nextcloud.your-domain.com', # ), server { listen 443 ssl; listen [::]:443 ssl; server_name nextcloud.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nextcloud nextcloud; proxy_max_temp_file_size 2048m; proxy_pass https://$upstream_nextcloud:443; } } Another question: Let's encrypt network settings go over bridge 192.168.3.3, I add Dokuwiki for example in the config with the same bridge IP 192.168.3.3 then it works (both over bridge). If I give Dokuwiki an own address like 192.168.3.4 it doesn't work. Why can't Let's encrypt the requests just forward them to another IP? Edited May 17, 2019 by Abigel extra question Quote Link to comment
aptalca Posted May 17, 2019 Share Posted May 17, 2019 2 hours ago, Abigel said: I don't see something that can help me to set password protection: # make sure that your dns has a cname set for nextcloud # assuming this container is called "letsencrypt", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['letsencrypt'], # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', # 'overwritehost' => 'nextcloud.your-domain.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. # 1 => 'nextcloud.your-domain.com', # ), server { listen 443 ssl; listen [::]:443 ssl; server_name nextcloud.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nextcloud nextcloud; proxy_max_temp_file_size 2048m; proxy_pass https://$upstream_nextcloud:443; } } Another question: Let's encrypt network settings go over bridge 192.168.3.3, I add Dokuwiki for example in the config with the same bridge IP 192.168.3.3 then it works (both over bridge). If I give Dokuwiki an own address like 192.168.3.4 it doesn't work. Why can't Let's encrypt the requests just forward them to another IP? If there is no setting for http auth, that usually means it doesn't work with it. Nextcloud has its own auth built in so likely it collides with http auth. Do you mean br0? That's macvlan, not bridge, and it blocks connections between host and the containers on it. But I'm making assumptions because you are not providing enough info to understand the situation. Quote Link to comment
alturismo Posted May 18, 2019 Share Posted May 18, 2019 Hi, may someone has a hint how to get the xteve site working behind reverse proxy when i curl the sitenames (local 192.168...../web or my.domain/web) the result is exactly the same, so there are no differences. the symptom when using the external domain is an endless loading spinner on the site here a respond from curl in case that could help ... <!doctype html> <html> <head> <meta charset="utf-8"> <!--- <meta name="viewport" content="width=device-width, initial-scale=1.0" /> --> <title>xTeVe</title> <link rel="stylesheet" href="css/screen.css" type="text/css"> <link rel="stylesheet" href="css/base.css" type="text/css"> <script language="javascript" type="text/javascript" src="js/base.js"></script> <script language="javascript" type="text/javascript" src="js/menu.js"></script> <script language="javascript" type="text/javascript" src="js/data.js"></script> <script language="javascript" type="text/javascript" src="js/log.js"></script> <script language="javascript" type="text/javascript" src="js/users.js"></script> <script language="javascript" type="text/javascript" src="js/files.js"></script> <script language="javascript" type="text/javascript" src="js/mapping-editor.js"></script> </head> <body onload="javascript: pageReady();"> <div id="loading" class="block"> <div class="loader"> </div> </div> ............ screenshot from spinner (site started loading but doesnt go further) and here the reverse proxy conf part yet (it was simpler, but i tried adding all kinda things i readed across the web. server { listen 443 ssl; root /config/www; index index.html index.htm index.php; server_name web.*; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; client_max_body_size 0; location / { auth_basic off; allow all; # Allow all to see content # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; proxy_pass http://192.168.1.2:34400; proxy_buffering off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; access_log off; } } in case someone has a idea, thanks ahead Quote Link to comment
monogoat Posted May 18, 2019 Share Posted May 18, 2019 I can't seem to find a similar error searching through this thread. I am trying to get this docker setup as a reverse proxy, and when starting it fails like this: Generating new certificate An unexpected error occurred: pkg_resources.ContextualVersionConflict: (urllib3 1.25.2 (/usr/lib/python3.6/site-packages), Requirement.parse('urllib3<1.25,>=1.20; python_version >= "3.4"'), {'botocore'}) Please see the logfile '/tmp/tmpffuut7dx' for more details. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container Here is the output from the logfile it references: 2019-05-18 13:34:09,180:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 10, in <module> sys.exit(main()) File "/usr/lib/python3.6/site-packages/certbot/main.py", line 1349, in main plugins = plugins_disco.PluginsRegistry.find_all() File "/usr/lib/python3.6/site-packages/certbot/plugins/disco.py", line 209, in find_all plugin_ep = PluginEntryPoint(entry_point) File "/usr/lib/python3.6/site-packages/certbot/plugins/disco.py", line 51, in __init__ self.plugin_cls = entry_point.load() File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2345, in load self.require(*args, **kwargs) File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2368, in require items = working_set.resolve(reqs, env, installer, extras=self.extras) File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 789, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (urllib3 1.25.2 (/usr/lib/python3.6/site-packages), Requirement.parse('urllib3<1.25,>=1.20; python_version >= "3.4"'), {'botocore'}) 2019-05-18 13:34:09,180:ERROR:certbot.log:An unexpected error occurred: I tried installing python3 with the nerdpack plugin, made no difference. Any ideas about what is going on? Quote Link to comment
CHBMB Posted May 18, 2019 Share Posted May 18, 2019 @monogoat Quote The issue may be due to incorrect dns or port forwarding settings. Please fix your settings Post your docker run command, it's wrong, or your router config is wrong. Quote Link to comment
monogoat Posted May 18, 2019 Share Posted May 18, 2019 Well all I did when adding it from CA was add in the ports, 80 and 443, the email and the domain. In the mean time I installed NginxProxyManager and it is working fine, so I'll stick with it for now. Thanks Quote Link to comment
CHBMB Posted May 18, 2019 Share Posted May 18, 2019 4 minutes ago, monogoat said: Well all I did when adding it from CA was add in the ports, 80 and 443, the email and the domain. In the mean time I installed NginxProxyManager and it is working fine, so I'll stick with it for now. Thanks If you don't provide us with the information, we can't help. Quote Link to comment
monogoat Posted May 18, 2019 Share Posted May 18, 2019 3 minutes ago, CHBMB said: If you don't provide us with the information, we can't help. I'm sorry for any confusion, I have it working with the NginxProxyManager so I didn't want to bother using up anyone's time trying to troubleshoot this problem. Thanks for everything you guys do. Quote Link to comment
CHBMB Posted May 18, 2019 Share Posted May 18, 2019 3 minutes ago, monogoat said: I'm sorry for any confusion, I have it working with the NginxProxyManager so I didn't want to bother using up anyone's time trying to troubleshoot this problem. Thanks for everything you guys do. Actually I'm already looking at it, I *think* it's a problem with a python package. Quote Link to comment
monogoat Posted May 18, 2019 Share Posted May 18, 2019 26 minutes ago, CHBMB said: Actually I'm already looking at it, I *think* it's a problem with a python package. I can reinstall the container and provide you with any information you need to help fix, if it doesn't appear isolated to my configuration Quote Link to comment
CHBMB Posted May 18, 2019 Share Posted May 18, 2019 1 minute ago, monogoat said: I can reinstall the container and provide you with any information you need to help fix, if it doesn't appear isolated to my configuration It's OK thanks, I think I've isolated it and have submitted a PR to fix it. Quote Link to comment
CHBMB Posted May 18, 2019 Share Posted May 18, 2019 17 minutes ago, monogoat said: I can reinstall the container and provide you with any information you need to help fix, if it doesn't appear isolated to my configuration Fix has been merged, so if you try again it should work now. Quote Link to comment
Ehtele Posted May 19, 2019 Share Posted May 19, 2019 15 hours ago, CHBMB said: Fix has been merged, so if you try again it should work now. I had the same error with python as monogoat, but it worked after deleting the container and then (re-)install it after the merge. Thank you for the quick fix. Quote Link to comment
Beaker69 Posted May 20, 2019 Share Posted May 20, 2019 Reinstalled Letsencrypt and add some of the Conf files but am still getting. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') As I am pretty new to all this any help would be gratefully appreciate. Quote Link to comment
Tuumke Posted May 20, 2019 Share Posted May 20, 2019 (edited) I got it working now Will post my config later -edit- I got my subdomains working with OrganizrV2 auth Edited May 20, 2019 by Tuumke Quote Link to comment
CHBMB Posted May 20, 2019 Share Posted May 20, 2019 Reinstalled Letsencrypt and add some of the Conf files but am still getting. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') As I am pretty new to all this any help would be gratefully appreciate.Ignore it, discussed elsewhere in this thread and on GitHub. Harmless error if you're not using Lua and is a problem with the upstream project.Sent from my Mi A1 using Tapatalk Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.