Jump to content
linuxserver.io

[Support] Linuxserver.io - Letsencrypt (Nginx)

3700 posts in this topic Last Reply

Recommended Posts

linuxserver_medium.png

 

Application Name: Letsencrypt (Nginx)

Application Site: https://letsencrypt.org/ https://www.nginx.com/

Docker Hub: https://hub.docker.com/r/linuxserver/letsencrypt/

Github: https://github.com/linuxserver/docker-letsencrypt

 

Please post any questions/issues relating to this docker you have in this thread.

 

If you are not using Unraid (and you should be!) then please do not post here, instead head to linuxserver.io to see how to get support.

Edited by linuxserver.io
  • Like 1
  • Upvote 3

Share this post


Link to post

If someone wants to migrate to this container, what differences are there between this and the Nginx-letsencrypt by aptalca?

 

Does this container have Perl-FastCGI baked in?

Share this post


Link to post

If someone wants to migrate to this container, what differences are there between this and the Nginx-letsencrypt by aptalca?

 

This is based on Alpine Linux not Phusion, so considerably smaller (46MB vs 243MB).  It's not a drop in replacement as some of the folder/file structure is slightly different, but if you pull both of them to different appdata folders it's pretty easy to figure out.  I've been playing around with this for a month or two now and that's what I did.  For the record, this was written by Aptalca as well.

 

Does this container have Perl-FastCGI baked in?

 

Not that I'm aware of, I guess you could pull a tagged release

 

linuxserver/letsencrypt:13

 

and then

 

docker exec -it letsencrypt apk add --no-cache perl-fcgi

 

And I'm pretty sure that will survive the weekly update, leaving you to update manually when you see fit.

 

Or even set it up on a cron job I guess, or a user script using Squids plugin to update after each weekly update.

Share this post


Link to post

Has anyone tried to use this with CloudFlare?

 

I've set up my domain to use CloudFlare, and when I installed the docker, it couldn't be set up correctly because it's resolving my domain into CloudFlare's IP. I can't get the SSL certificates going because it's not my home IP.

 

I understand this is a CloudFlare issue, I am trying out disabling their caching and all the functions. Not sure how long it takes for that to come into effect.

 

Just wondering if anyone has tried this with CloudFlare and how they did it.

 

And a separate question: In the docker settings you're suppose to enter a URL. It doesn't take an IP. I know an IP defeats the purpose of DDNS, I really just want the reverse proxy function since my company prevents me from accessing a DDNS like DuckDNS. I'd be equally happy accessing my server with http://IP/sonarr .

Share this post


Link to post

Has anyone tried to use this with CloudFlare?

 

I've set up my domain to use CloudFlare, and when I installed the docker, it couldn't be set up correctly because it's resolving my domain into CloudFlare's IP. I can't get the SSL certificates going because it's not my home IP.

 

I understand this is a CloudFlare issue, I am trying out disabling their caching and all the functions. Not sure how long it takes for that to come into effect.

 

Just wondering if anyone has tried this with CloudFlare and how they did it.

 

And a separate question: In the docker settings you're suppose to enter a URL. It doesn't take an IP. I know an IP defeats the purpose of DDNS, I really just want the reverse proxy function since my company prevents me from accessing a DDNS like DuckDNS. I'd be equally happy accessing my server with http://IP/sonarr .

 

I would imagine you'd need to turn off cloudflare to create the certs.

Share this post


Link to post

I think I've turned off the caching and all the extra features that would divert traffic to CloudFlare but my domain is still resolving to CloudFlare's IP. Unless it takes some time for those to come into effect.

 

Or did you mean to remove my domain from CloudFlre entirely, try to get the SSL certs, and then put my domain on CloudFlare?

Share this post


Link to post

I think I've turned off the caching and all the extra features that would divert traffic to CloudFlare but my domain is still resolving to CloudFlare's IP. Unless it takes some time for those to come into effect.

 

Or did you mean to remove my domain from CloudFlre entirely, try to get the SSL certs, and then put my domain on CloudFlare?

 

I can't remember as I gave up on Cloudflare a while ago as it caused issues.  But if your domain is resolving to Cloudflare IP then that needs to be changed as per the readme.

 

Before running this container, make sure that the url and subdomains are properly forwarded to this container's host.

 

 

Share this post


Link to post

Ok thank you. I'll try my second option and see what happens.

 

 

Regarding my second question, is there a way to use this with an IP instead of a domain? Just to get reverse proxy working with something like http://IP/sonarr ?

Share this post


Link to post

Ok thank you. I'll try my second option and see what happens.

 

Regarding my second question, is there a way to use this with an IP instead of a domain? Just to get reverse proxy working with something like http://IP/sonarr ?

 

A quick search....

Share this post


Link to post

Ok thank you. I'll try my second option and see what happens.

 

 

Regarding my second question, is there a way to use this with an IP instead of a domain? Just to get reverse proxy working with something like http://IP/sonarr ?

Unless you are an ISP or a large organization, you don't own any public IP's. And no, you can't get SSL certificates for things you don't "own".

Share this post


Link to post

Ok thank you. I'll try my second option and see what happens.

 

 

Regarding my second question, is there a way to use this with an IP instead of a domain? Just to get reverse proxy working with something like http://IP/sonarr ?

Unless you are an ISP or a large organization, you don't own any public IP's. And no, you can't get SSL certificates for things you don't "own".

 

I can't recommend getting your own domain name enough tbh.  Mine only cost me about $10 iirc for a year.

Share this post


Link to post

Unless you are an ISP or a large organization, you don't own any public IP's. And no, you can't get SSL certificates for things you don't "own".

 

Ah I get it now. The cert is registered to a domain I can own, not to a dynamic IP that my ISP assigns me.

 

I can't recommend getting your own domain name enough tbh.  Mine only cost me about $10 iirc for a year.

 

I do have an existing domain I can use, it's just that I'm running into set up problem because I'm using CloudFlare's DNS with it. And I'm using CloudFlare because I found a CloudFlare DDNS docker for unRAID: https://lime-technology.com/forum/index.php?topic=40553.0

 

And I'm going through all these because I can't access sub.duckdns.org from work.

 

 

I'm using CloudFlare's DNS with it because I found a CloudFlare DDNS docker for unRAID.

 

Do you know of other free DDNS service that can be used with your own domain instead of a sub like duckdns.org?

Share this post


Link to post

Thank you, I'm googling for free DDNS services I can use with it. I think there's a ddclient docker for unraid too.

Share this post


Link to post

Thank you, I'm googling for free DDNS services I can use with it. I think there's a ddclient docker for unraid too.

 

There is a ddclient docker, it's what I've been using.  Who did you purchase your domain name from?

Share this post


Link to post

Hmmm from https://hostpc.com/ . I'm not even sure how I picked them, but I have three domains with them for more than 10 years now.

 

Are you using a free DDNS service with the DDClient docker?

Share this post


Link to post

Hmmm from https://hostpc.com/ . I'm not even sure how I picked them, but I have three domains with them for more than 10 years now.

 

Are you using a free DDNS service with the DDClient docker?

 

I think they look like a reseller?

 

You need to find out who the registrar is that your domain name is with.  Mine is with namecheap.

Share this post


Link to post

Looks like mine is enom.

 

I managed to turn off the HTTP caching part of CloudFlare and only use its DNS. The domain resolves back to my home IP now. I'll give this another shot and hopefully this time it'll set up right.

 

Thanks again and sorry for the off-topic. Looking forward to trying this docker. Was previously using Aptalca's previous docker and thought if this is smaller why not.

Share this post


Link to post

Looks like mine is enom.

 

I managed to turn off the HTTP caching part of CloudFlare and only use its DNS. The domain resolves back to my home IP now. I'll give this another shot and hopefully this time it'll set up right.

 

Thanks again and sorry for the off-topic. Looking forward to trying this docker. Was previously using Aptalca's previous docker and thought if this is smaller why not.

 

Cool, no problem.  Not only is this smaller, but as Aptalca has joined ls.io, development will be on this version going forward.

Share this post


Link to post

Very pleased to report I got this docker working with CloudFlare and my domain, everything is reverse proxying as they should.

 

It's also working with the NZBD360 app.

 

Once I figured out how to use CloudFlare only for DNS the docker setup was pretty straight forward.

 

Thanks for the work on this and the off-topic help earlier.

Share this post


Link to post

Somewhat off-topic, but I have a question I haven't been able to figure out with regards to registered domain names and dynamic dns services.

 

I have a domain name that I've had for years.  It's currently registered through Google Domains, but I could change that.  It's just sitting there, waiting for me to do something with it.

 

I also have (and currently use) a dynamic DNS service (dyn-dns) to point to my server from off network.  I'm on a Verizon FIOS connection here in the US and can't easily get a static IP without paying a fortune.

 

Ideally I'd like to ditch the subdomain.dyndns.com and move to my domain name and have it point to my unRaid server and Nginx. 

 

Is that even possible?  Or do I just stick with the subdomain.dyndns.com and register that with LetsEncrypt?

 

Thanks!

Share this post


Link to post

Can anyone help me configure and set up sites in Nginx?

 

I got the following docker apps installed:

 

letsencrypt;

1.1.1.3:8833

1.1.1.3:8181

 

nextcloud:

1.1.1.3:3443 resolved to cloud.domain.com

 

plex:

 

rutorrent:

1.1.1.3:8099 resolved to torrent.domain.com

1.1.1.3:45566

1.1.1.3:8089

1.1.1.3:9527

 

unifi:

1.1.1.3:8080 resolved to unifi.domain.com

1.1.1.3:8081

1.1.1.3:8443

Share this post


Link to post

Can anyone help me configure and set up sites in Nginx?

 

I got the following docker apps installed:

 

rutorrent:

1.1.1.3:8099 resolved to torrent.domain.com

1.1.1.3:45566

1.1.1.3:8089

1.1.1.3:9527

 

If you haven't done so yet you'd want to create a .htpasswd file and put that in /appdata/letsencrypt/ngins/

 

I learned this from reading and mimicking instructions from other people so I can only share what I did for rutorrent:

 

You have to edit /appdata/rutorrent/nginx/nginx.conf. Change

 

server {
listen 80 default_server;
        root /var/www/localhost/rutorrent;
index index.html index.htm index.php;

 

to

 

server {
listen 80 default_server;
        root /var/www/localhost;
index index.html index.htm index.php;

 

And then add to /appdata/letsencrypt/nginx/site-confs/default

 

#Config for ruTorrent
	location ^~ /ru {
		auth_basic "Restricted";
		auth_basic_user_file /config/nginx/.htpasswd;
		include /config/nginx/proxy.conf;
		proxy_pass http://your.internal.ip:port/rutorrent/;
	}

 

Share this post


Link to post

Ok thanks, but first things first - how do I access the /mnt/user/appdata folder from my mac? A long long time ago I used ubuntu and mounting sshfs was not that big a deal and CLI is not my happiest place to work.. :)

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.