GilbN Posted October 14, 2019 Share Posted October 14, 2019 (edited) On 10/13/2019 at 7:05 AM, Spoonsy1480 said: I’m having trouble with let’s encrypt it was working fine but I have just changed isp that does not include a static up. Setup Cloudflare dns and Cloudflare points to my IP address I have a file and a www. That points to ip Let’s encrypt says it’s not correct at Cloudflare it doesn’t have a or cname it does Sent from my iPhone using Tapatalk Check port forwarding. New isp might block 80 Edited October 14, 2019 by GilbN Quote Link to comment
aptalca Posted October 15, 2019 Share Posted October 15, 2019 On 10/13/2019 at 1:05 AM, Spoonsy1480 said: I’m having trouble with let’s encrypt it was working fine but I have just changed isp that does not include a static up. Setup Cloudflare dns and Cloudflare points to my IP address I have a file and a www. That points to ip Let’s encrypt says it’s not correct at Cloudflare it doesn’t have a or cname it does Sent from my iPhone using Tapatalk Letsencrypt server seems to reach a server, but it's not the letsencrypt container. So either your ip is incorrect, or your port forwarding. See here: https://blog.linuxserver.io/2019/07/10/troubleshooting-letsencrypt-image-port-mapping-and-forwarding/ Quote Link to comment
Alec.Dalessandro Posted October 15, 2019 Share Posted October 15, 2019 these are the same results I am getting in my log of letsencrypt but 'i'm not sure how the port forwarding is incorrect.... Quote Link to comment
aptalca Posted October 15, 2019 Share Posted October 15, 2019 (edited) 9 hours ago, Alec.Dalessandro said: these are the same results I am getting in my log of letsencrypt but 'i'm not sure how the port forwarding is incorrect.... Your domain (external ip) is forwarded to your unraid gui. Fix your port forwarding. Follow the article I linked above Edited October 15, 2019 by aptalca Quote Link to comment
Kydonakis Posted October 15, 2019 Share Posted October 15, 2019 Hi guys. Awesome support in this thread. Anyone to indicate me how to configure letsencrypt for a container that doesn't support a base url (e.g., motioneye container running on unraid-IP:8765)? Does it help if the container is running on its own lan IP or not? What needs to be added to the letsencrypt configuration file? Apologies if it has been already replied somewhere in the last 156 pages. Quote Link to comment
Idolwild Posted October 15, 2019 Share Posted October 15, 2019 On 9/21/2019 at 3:04 PM, Saldash said: Sorry bud, I didn't even know you'd posted a response - I haven't had any notifications from the forum and only noticed when I popped on to ask a question about Grafana. I can't remember what is was that I had a problem with for this container, let me post this and I'll have a scroll back and edit this once I've remembered! -- EDIT Well I looked back and I haven't got a clue what i was on about! I do have everything setup and functioning so I would be happy to answer any specific questions you might have re the setup I use at this point. No worries - I was able to figure it out! Was surprisingly easy. Thanks for the response! Quote Link to comment
dandiodati Posted October 15, 2019 Share Posted October 15, 2019 Is there a way to enable debugging for nginx within the letsencrypt docker container. Still trying to solve the unms issues I have with websockets not working and I can't seem to turn on debugging mode. I need to get more logging on why its not passing through websocket calls to the unms docker container. Quote Link to comment
aptalca Posted October 16, 2019 Share Posted October 16, 2019 15 hours ago, Kydonakis said: Hi guys. Awesome support in this thread. Anyone to indicate me how to configure letsencrypt for a container that doesn't support a base url (e.g., motioneye container running on unraid-IP:8765)? Does it help if the container is running on its own lan IP or not? What needs to be added to the letsencrypt configuration file? Apologies if it has been already replied somewhere in the last 156 pages. If you use the subdomain method, you don't need a base url Quote Link to comment
Kydonakis Posted October 16, 2019 Share Posted October 16, 2019 I have already setup the rest of the containers with the subfolder method and I was wondering how I can attach motioneye to the existing config. Quote Link to comment
phil1c Posted October 17, 2019 Share Posted October 17, 2019 On 10/8/2019 at 3:06 PM, dandiodati said: Anyone else have luck setting up letsencrypt and unms ? I have both services running in docker containers. If I send a websocket request (curl --insecure --include --no-buffer --header "Connection: Upgrade" --header "Upgrade: websocket" --header "Host: example.com:80" --header "Origin: http://example.com:80" --header "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" --header "Sec-WebSocket-Version: 13" https://192.168.x.x:443/) then the nginx service within letsencrypt container just redirects me to its default home page instead of the unms container. If I use a regular https request then I do get redirected to the unms container(The login page). So something is weird with trying to connect as a websocket container which is needed for discovery. I tried the setting above too but no luck. Hey! I was having the same problem and eventually gave up. If you get this sorted, let me know. I will gladly try and help track this down again because it drives me nuts. For reference below are a few links to my own troubleshooting that I tried months ago, both from this post and from UBNT forums. Do note that my set up has changed since some of those posts in that I now have an EdgeSwitch8 instead of an Asus router in AP mode referenced in some of the posts. That change had no effect. If it lends itself to some other connection, I also cannot browse to my domain website (Ombi) from within my network. The UBNT rep suggested a static host map, but that brings me to an "ERR_CONNECTION_REFUSED" page when attempting to go through my domain. Initial Post: Follow-up: UBNT and exchange with UBNT support https://community.ui.com/questions/UNMS-WSS-key-using-WAN-IP-device-connection-times-out/7ea01845-1b3d-41a9-9555-172e8ecbd4b0 Quote Link to comment
Spoonsy1480 Posted October 17, 2019 Share Posted October 17, 2019 I’m having trouble with let’s encrypt it was working fine but I have just changed isp that does not include a static up. Setup Cloudflare dns and Cloudflare points to my IP address I have a file and a www. That points to ipLet’s encrypt says it’s not correct at Cloudflare it doesn’t have a or cname it doesSent from my iPhone using TapatalkI have it working now had to change http and https ports on UnRAID as my router won’t do that Sent from my iPhone using Tapatalk Quote Link to comment
Greg001 Posted October 18, 2019 Share Posted October 18, 2019 Hey all! I've been lurking for a while (weeks and months by now!) trying to figure out what I might be doing wrong, but figured it was time to actually ask for help I'm trying to set up letsencrypt to access nextcloud and others. I've followed SpaceInvaderOne's videos and various other guides online. I ended up switching to DNS validation thinking it might be an issue with port forwarding or my isp blocking some ports (as I understand it, DNS validation would avoid all this). Letsencrypt logs show "Server ready", but I still can't access my containers. I get an ERR_SSL_PROTOCOL_ERROR message. I've also tried using tools like https://www.sslshopper.com/ssl-checker.html to check and the IP resolves to my router, but it tells me that no SSL certificates were found and to check name resolution and port forwarding (which is how I switched to DNS validation in the first place). Any help would be appreciated! Are there any other tools that might show me better where things are failing? Letsencrypt log below. [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/New_York URL=REDACTED.net SUBDOMAINS=wildcard EXTRA_DOMAINS= ONLY_SUBDOMAINS=true DHLEVEL=2048 VALIDATION=dns DNSPLUGIN=cloudflare [email protected] STAGING= 2048 bit DH parameters present SUBDOMAINS entered, processing Wildcard cert for only the subdomains of REDACTED.net will be requested E-mail address entered: [email protected] dns validation via cloudflare plugin is selected Certificate exists; parameters unchanged; starting nginx creating GeoIP2 database [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') Server ready Quote Link to comment
Chandler Posted October 21, 2019 Share Posted October 21, 2019 Hi, I have LetsEncrypt working with a few dockers already. However, with Pydio, I get *1 pydio could not be resolved (3: Host not found). Here is my conf: # make sure that your dns has a cname set for pydio and that your pydio container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name pydio.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_pydio pydio; proxy_pass https://$upstream_pydio:4436; } } The only thing I changed in here was the port. The name of the container matches the conf case sensitive. The network type is the same as the other dockers that are working. Any ideas? Quote Link to comment
aptalca Posted October 21, 2019 Share Posted October 21, 2019 16 minutes ago, Chandler said: Hi, I have LetsEncrypt working with a few dockers already. However, with Pydio, I get *1 pydio could not be resolved (3: Host not found). Here is my conf: # make sure that your dns has a cname set for pydio and that your pydio container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name pydio.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_pydio pydio; proxy_pass https://$upstream_pydio:4436; } } The only thing I changed in here was the port. The name of the container matches the conf case sensitive. The network type is the same as the other dockers that are working. Any ideas? Why did you change the port? Don't do things the conf doesn't tell you to do Quote Link to comment
Chandler Posted October 21, 2019 Share Posted October 21, 2019 2 minutes ago, aptalca said: Why did you change the port? Don't do things the conf doesn't tell you to do Because the default port in the conf is not what my container is running on. Quote Link to comment
saarg Posted October 21, 2019 Share Posted October 21, 2019 3 hours ago, Chandler said: Because the default port in the conf is not what my container is running on. The port is the internal one for the container. Not the one you change to your need. Quote Link to comment
Chandler Posted October 21, 2019 Share Posted October 21, 2019 (edited) 7 hours ago, saarg said: The port is the internal one for the container. Not the one you change to your need. Well whether I put 443 or 4436 in the conf, neither work. Same error with each. Edited October 21, 2019 by Chandler Quote Link to comment
war1000 Posted October 23, 2019 Share Posted October 23, 2019 (edited) Hi Everyone, I have tried to fix this myself for a few days and I have failed. So looking for some guidance. If this is not the right forum, please let me know and I will go to the UnRaid forum and ask there. 1. So I use UnRaid 6.7.2 and I installed the Letsencrypt docker app. I also installed nextcloud and sonarr. 2. I bought a domain irisnet.ga and I have put two CNAME in there. sonarr.irisnet.ga and nextcloud.irisnet.ga 3. I used dns certificate method in the Letsencrypt to generate the certificate and it generates for the two subdomains. http method doesn't work as the challenge fails. My port 80 might be blocked. Not sure about this one. 4. I followed spaceinvaders youtube videos to setup the reverse proxy for both of the nextcloud and sonarr. However, seems like in cloudflare is not able to reach my server when I type in https://nextcloud.irisnet.ga for example. I get a 522 error. Router Setup Cloudflare Setup Docker Setup Letsencrypt Output [s6-init] making user provided files available at /var/run/s6/etc…exited 0. [s6-init] ensuring user provided files have correct perms…exited 0. [fix-attrs.d] applying ownership & permissions fixes… [fix-attrs.d] done. [cont-init.d] executing container initialization scripts… [cont-init.d] 10-adduser: executing… _ () | | ___ _ __ | | / | | | / | | _ \ | | | () | || |/ || __/ Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ GID/UID User uid: 99 User gid: 100 [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing… [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing… using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing… Variables set: PUID=99 PGID=100 TZ=America/New_York URL=irisnet.ga SUBDOMAINS=sonarr,nextcloud EXTRA_DOMAINS= ONLY_SUBDOMAINS=true DHLEVEL=2048 VALIDATION=dns DNSPLUGIN=cloudflare [email protected] STAGING= 2048 bit DH parameters present SUBDOMAINS entered, processing SUBDOMAINS entered, processing Only subdomains, no URL in cert Sub-domains processed are: -d sonarr.irisnet.ga -d nextcloud.irisnet.ga E-mail address entered: @.com dns validation via cloudflare plugin is selected Certificate exists; parameters unchanged; starting nginx [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing… [custom-init] no custom files found exiting… [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty’s; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty’s LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module ‘resty.core’ not found: no field package.preload[‘resty.core’] no file ‘./resty/core.lua’ no file ‘/usr/share/luajit-2.1.0-beta3/resty/core.lua’ no file ‘/usr/local/share/lua/5.1/resty/core.lua’ no file ‘/usr/local/share/lua/5.1/resty/core/init.lua’ no file ‘/usr/share/lua/5.1/resty/core.lua’ no file ‘/usr/share/lua/5.1/resty/core/init.lua’ no file ‘/usr/share/lua/common/resty/core.lua’ no file ‘/usr/share/lua/common/resty/core/init.lua’ no file ‘./resty/core.so’ no file ‘/usr/local/lib/lua/5.1/resty/core.so’ no file ‘/usr/lib/lua/5.1/resty/core.so’ no file ‘/usr/local/lib/lua/5.1/loadall.so’ no file ‘./resty.so’ no file ‘/usr/local/lib/lua/5.1/resty.so’ no file ‘/usr/lib/lua/5.1/resty.so’ no file ‘/usr/local/lib/lua/5.1/loadall.so’) Server ready ===================================================== I am a bit lost at this point. Would anyone please point me in the right direction? Thank you! Update: I requested help on the Letsencrypt forum and confirmed that the certificates are getting generated. Cloudflare not able to reach my ip. or I am not able to get past my router. Because for example if I type in http://192.168.1.145:8989/ i can hit sonarr. But if I type in https://irisnet.duckdns.org:8989 or https://sonarr.irisnet.ga or https://sonarr.irisnet.ga:8989 it doesn’t go anywhere. Same with the nextcloud. I can reach with the internal ip. So if the certificates are working, the issue is either the router port is not redirecting traffic on 443 to 1443 or Letsencrypt is not forwarding to the right docker. If anyone has any troubleshooting tips, please let me know. On another note, the virgil (hassio on raspberry pi) when I tried DuckDNS with Letsencrypt, I am able to reach it using https://irisnet.duckdns.org:8123 Edited October 23, 2019 by war1000 added additional update Quote Link to comment
Marshalleq Posted October 23, 2019 Share Posted October 23, 2019 (edited) 16 hours ago, war1000 said: I am a bit lost at this point. Would anyone please point me in the right direction? Thank you! Update: I requested help on the Letsencrypt forum and confirmed that the certificates are getting generated. Cloudflare not able to reach my ip. or I am not able to get past my router. Because for example if I type in http://192.168.1.145:8989/ i can hit sonarr. But if I type in https://irisnet.duckdns.org:8989 or https://sonarr.irisnet.ga or https://sonarr.irisnet.ga:8989 it doesn’t go anywhere. Same with the nextcloud. I can reach with the internal ip. So if the certificates are working, the issue is either the router port is not redirecting traffic on 443 to 1443 or Letsencrypt is not forwarding to the right docker. If anyone has any troubleshooting tips, please let me know. On another note, the virgil (hassio on raspberry pi) when I tried DuckDNS with Letsencrypt, I am able to reach it using https://irisnet.duckdns.org:8123 Hey, I don't use duckdns because I have a fixed IP, but I have got Nextcloud running. I had this issue at the beginning too. Also, the LuaJIT / restycore error at the end of your letsencrypt log is apparently perfectly normal (I think it's just a docker issue and I have it too), so don't worry about that. What I suggest you do is turn off the 'cloudflare proxy' setting for any non-working cname. I'm not actually sure how duckdns works, but to start with I'd suggest you also turn of any cloudflare proxy setting to do with duckdns set up as well. You can gradually turn them on later to test which ones work. I found some apps are OK, others are not. I found I got a 'too many redirects' error with this turned on - and if you're using duckdns it's probably going to be even more redirects. Also, I found I had to wait quite some time (up to a day maybe) after turning this off for it to take effect. The proxy feature hides the IP address of the real host by providing a cloudflare one, then redirecting it. I've read that enabling strict HTTPS can help this issue, (as normally it only occurs when using https, which everyone either does or should now). I suspect this will get you working, then if you ever manage to move that forward more so that you can get the proxy enabled as well, please let me know cause I haven't managed to yet! Also, don't worry about turning off the proxy setting too much - this is the way most people run their DNS - it's a great feature but not absolutely necessary. You'd be better spent ensuring you have a real firewall installed like OPNsense or similar. Let me know if you need any more help and good luck!! Thanks, Marshalleq Edited October 23, 2019 by Marshalleq Quote Link to comment
war1000 Posted October 23, 2019 Share Posted October 23, 2019 16 minutes ago, Marshalleq said: Hey, I don't use duckdns because I have a fixed IP, but I have got Nextcloud running. I had this issue at the beginning too. Also, the LuaJIT / restycore error at the end of your letsencrypt log is apparently perfectly normal (I think it's just a docker issue and I have it too), so don't worry about that. What I suggest you do is turn off the 'cloudflare proxy' setting for any non-working cname. I'm not actually sure how duckdns works, but to start with I'd suggest you also turn of any cloudflare proxy setting to do with duckdns set up as well. You can gradually turn them on later to test which ones work. I found some apps are OK, others are not. I found I got a 'too many redirects' error with this turned on - and if you're using duckdns it's probably going to be even more redirects. Also, I found I had to wait quite some time (up to a day maybe) after turning this off for it to take effect. The proxy feature hides the IP address of the real host by providing a cloudflare one, then redirecting it. I've read that enabling strict HTTPS can help this issue, (as normally it only occurs when using https, which everyone either does or should now). I suspect this will get you working, then if you ever manage to move that forward more so that you can get the proxy enabled as well, please let me know cause I haven't managed to yet! Also, don't worry about turning off the proxy setting too much - this is the way most people run their DNS - it's a great feature but not absolutely necessary. You'd be better spent ensuring you have a real firewall installed like OPNsense or similar. Let me know if you need any more help and good luck!! Thanks, Marshalleq Thank you very much for your reply. I am going to try your recommendation. The made the following change to keep things clean. Cloudflare: DuckDNS: I am not sure about the enabling strict https setting but I will research. I think you are right about the proxy part. Because the DuckDNS on the hassio works as it goes to duckdns only and not through cloudflare. I will keep monitoring and report back tonight. Thank you for the direction here. Quote Link to comment
Marshalleq Posted October 23, 2019 Share Posted October 23, 2019 Yes, it was rather frustrating this one! I'm sure between the two of us we can get you sorted. 1 Quote Link to comment
war1000 Posted October 23, 2019 Share Posted October 23, 2019 10 minutes ago, war1000 said: Thank you very much for your reply. I am going to try your recommendation. The made the following change to keep things clean. Cloudflare: DuckDNS: I am not sure about the enabling strict https setting but I will research. I think you are right about the proxy part. Because the DuckDNS on the hassio works as it goes to duckdns only and not through cloudflare. I will keep monitoring and report back tonight. Thank you for the direction here. Ok setting the cloudflare to dns more returns the right ip if I ping sonarr.irisnet.ga for example. I am pretty sure something is not converting at the router. Since I have my port 443 redirected to the UnRaid server port 1443, is there anyway I could test if a service is available on port 443 directly from the internet? i.e. If I turn off Letsencrypt, then change the port for Sonarr to 443? I am just want to confirm that I can access a service directly on the port. Right now when Letsencrypt is running, I can see the port open using and online port checker. Quote Link to comment
Marshalleq Posted October 23, 2019 Share Posted October 23, 2019 (edited) With this I found I had to be carefeul - just because it's returning the right address on one machine, doesn't mean it's returning the right address in all cases, and if it's not, it won't work. Cloudflare is pretty good with speedy DNS updates, but I found I had to wait for this particular change. Are you pinging from the server or the client? Also, I assume you're testing via some external internet connection such as tethering through your phone? If so, checking that IP address pings correctly is important. At this point I'd suggest looking at the active logs of both the letsencrypt docker and the particular app you're going to e.g. nextcloud wihtin the appdata directory or equivalent. I found I could see issues in there fairly easily. Also the logs in the GUI of the docker container on the docker page in unraid. Edited October 23, 2019 by Marshalleq Quote Link to comment
war1000 Posted October 23, 2019 Share Posted October 23, 2019 32 minutes ago, Marshalleq said: With this I found I had to be carefeul - just because it's returning the right address on one machine, doesn't mean it's returning the right address in all cases, and if it's not, it won't work. Cloudflare is pretty good with speedy DNS updates, but I found I had to wait for this particular change. Are you pinging from the server or the client? Also, I assume you're testing via some external internet connection such as tethering through your phone? If so, checking that IP address pings correctly is important. At this point I'd suggest looking at the active logs of both the letsencrypt docker and the particular app you're going to e.g. nextcloud wihtin the appdata directory or equivalent. I found I could see issues in there fairly easily. Also the logs in the GUI of the docker container on the docker page in unraid. Thanks for the reply. No I am testing from within my network. I will test it via the phone tonight. My network setup is pretty standard, 5 computers behind the router. 3 plugged into the router and 2 laptops (there are also phones). 1 server (UnRaid), 1 pc (Windows 10), 1 raspberry pi (Hassio), 2 laptops (Windows 10). I have a laptop that I can use to tether with the phone. Before I do this, I have disconnected hassio so it doesn't ping out when I test. I am also going to redo the nextcloud configs to make it match the spaceinvader setup. I will post the setting here for review. Quote Link to comment
Marshalleq Posted October 23, 2019 Share Posted October 23, 2019 For within your network, it's likely best to create a static DNS record, with the same domain name you're using and point that at your INTERNAL nextcloud / unraid address. So: Unraid needs to have the correct IP for the domain Cloudflare needs to have the correct IP for the domain The proxy setting in cloudflare should be off You need to give it time for the new cloudflare setting to propagate to the DNS servers on the internet (which will include the DNS server at whatever phone provider you are using AND the DNS server that your home router is using) Internal devices either need the internal DNS updated or some router trickery which you may or may not have, which is why I suggest adding this manually for now If you can't figure out how to do this in the router, for testing purposes you can test by just pastin the internal unraid / letsencrypt IP and DNS record into your clients hosts file. Be sure you clear the DNS cache on the local client each time you change this as it will always remember the last setting. Hope that helps. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.