Jump to content
linuxserver.io

[Support] Linuxserver.io - Letsencrypt (Nginx)

3725 posts in this topic Last Reply

Recommended Posts

You're only supposed to rename the files, not move them to different folders. Documentation is pretty clear on that.

Share this post


Link to post

guys,

 

sorry for wasting your time.

 

all sorted now. I also changed the context path in the airsonic docker to work using airsonic.domain instead of the airsonic.domain/airsonic

 

I was making things way too complex, you guys did all the work. Thank you, thnak you for now loosing it with me :/

Share this post


Link to post
On 7/19/2019 at 8:02 PM, aptalca said:

I believe you need to change the remote port shown on there

Weird, that column is in the stock image but not on my actual router. I did try the remote port settings but I must have done it wrong initially because I tried it just now and it worked. Hopefully I can manage from here. Thanks for the help, I know I wasn't making things easy but I just really needed another set of eyes because I haven't been able to keep things straight lately.

Share this post


Link to post
On 7/15/2019 at 11:10 PM, aptalca said:

That command creates the credentials file. Then edit your site config files to enable it for whatever location you want

 

I'm trying this in the console for the letsencrypt docker.

 

I must be doing something wrong...

 

root@27g4c5326171:/# docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd
sh: docker: not found
root@27g4c5326171:/# exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd
sh: exec: illegal option -i
root@27g4c5326171:/#

 

Share this post


Link to post
4 hours ago, Lien1454 said:

 

I'm trying this in the console for the letsencrypt docker.

 

I must be doing something wrong...

 

root@27g4c5326171:/# docker exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd
sh: docker: not found
root@27g4c5326171:/# exec -it letsencrypt htpasswd -c /config/nginx/.htpasswd
sh: exec: illegal option -i
root@27g4c5326171:/#

 

"docker exec -it letsencrypt" is used to run things things inside the container while you're on the host console, outside of the container.

 

If you're already inside the container, just run the part that starts with htpasswd

Share this post


Link to post

Hi, 

 

was there recently a change on Letsencrypt? Today my websites were broken, because the certificate was not renewed. Last Renewal was in April. In the Logs I cannot find an relating error, of course there are warnings, but I do not think they are responsible for the issue.

 

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=99
PGID=100
TZ=Europe/Berlin
URL=familie-ebner.at
SUBDOMAINS=cloud,tauchen,solar,ha,solar2,nr,nr2,wetter,wetter2,mqtt,
EXTRA_DOMAINS=cloud.ff-metnitz.at,slideshow.ff-metnitz.at,backup.ff-metnitz.at,
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
EMAIL=johannes@familie-ebner.at
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d cloud.familie-ebner.at -d tauchen.familie-ebner.at -d solar.familie-ebner.at -d ha.familie-ebner.at -d solar2.familie-ebner.at -d nr.familie-ebner.at -d nr2.familie-ebner.at -d wetter.familie-ebner.at -d wetter2.familie-ebner.at -d mqtt.familie-ebner.at
EXTRA_DOMAINS entered, processing
Extra domains processed are: -d cloud.ff-metnitz.at -d slideshow.ff-metnitz.at -d backup.ff-metnitz.at
E-mail address entered: johannes@familie-ebner.at
http validation is selected
Certificate exists; parameters unchanged; starting nginx
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/ha.familie-ebner.at:42
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/mqtt.familie-ebner.at:42
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/nr.familie-ebner.at:42
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/nr2.familie-ebner.at:42
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/wetter.familie-ebner.at:42
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /config/nginx/site-confs/wetter2.familie-ebner.at:42
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:

no field package.preload['resty.core']
no file './resty/core.lua'
no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core.lua'
no file '/usr/local/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/5.1/resty/core.lua'
no file '/usr/share/lua/5.1/resty/core/init.lua'
no file '/usr/share/lua/common/resty/core.lua'
no file '/usr/share/lua/common/resty/core/init.lua'
no file './resty/core.so'
no file '/usr/local/lib/lua/5.1/resty/core.so'
no file '/usr/lib/lua/5.1/resty/core.so'
no file '/usr/local/lib/lua/5.1/loadall.so'
no file './resty.so'
no file '/usr/local/lib/lua/5.1/resty.so'
no file '/usr/lib/lua/5.1/resty.so'
no file '/usr/local/lib/lua/5.1/loadall.so')
nginx: [warn] conflicting server name "wetter.familie-ebner.at" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wetter2.familie-ebner.at" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "wetter.familie-ebner.at" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "wetter2.familie-ebner.at" on 0.0.0.0:443, ignored
Server ready

 

Share this post


Link to post

Hi,

 

I have reverted back now the letsencrypt version, and I was able to fix all errors and warnings, except the last 4 warnings. But the certs are still not updated.

 

Br,

Johannes

Share this post


Link to post
25 minutes ago, ebnerjoh said:

Hi,

 

I have reverted back now the letsencrypt version, and I was able to fix all errors and warnings, except the last 4 warnings. But the certs are still not updated.

 

Br,

Johannes

Do you turn off the server at night? The renewal script is running at night.

You could try to add a subdomain and see if your certificate is renewed. If it is, remove the added subdomain.

Share this post


Link to post
7 minutes ago, saarg said:

Do you turn off the server at night? The renewal script is running at night.

You could try to add a subdomain and see if your certificate is renewed. If it is, remove the added subdomain.

Hi, no, I am not shutting down.

 

I got it now working by reverting back to an older Letsencrypt installation and running a "certbot renew" in the Docker-CLI.

 

I need to look in detail when I have more time.

Share this post


Link to post
1 hour ago, ebnerjoh said:

Hi, no, I am not shutting down.

 

I got it now working by reverting back to an older Letsencrypt installation and running a "certbot renew" in the Docker-CLI.

 

I need to look in detail when I have more time.

Don't run certbot manually. Simply adding or removing a subdomain is enough to trigger a renewal.

Share this post


Link to post
4 hours ago, ebnerjoh said:

Hi, no, I am not shutting down.

 

I got it now working by reverting back to an older Letsencrypt installation and running a "certbot renew" in the Docker-CLI.

 

I need to look in detail when I have more time.

Letsencrypt renewal attempt logs are in the config folder

Share this post


Link to post

Trying to get the Letsencrypt container working with a very standard setup but it doesn't seem to be listening on any ports.

I have the docker container configured with a bridge network, and port 81 and 444, with no conflicts.

 

Once it's running should I then be able to hit <UNRAIDIP>:81 and <UNRAIDIP>:444 ??

Or do a netstat inside the docker container and see it listening on those ports?

 

My port forwards from the outside are perfect but it's definitely not listening like I would expect :(

Share this post


Link to post
7 hours ago, zer0zer0 said:

Trying to get the Letsencrypt container working with a very standard setup but it doesn't seem to be listening on any ports.

I have the docker container configured with a bridge network, and port 81 and 444, with no conflicts.

 

Once it's running should I then be able to hit <UNRAIDIP>:81 and <UNRAIDIP>:444 ??

Or do a netstat inside the docker container and see it listening on those ports?

 

My port forwards from the outside are perfect but it's definitely not listening like I would expect :(

Hard for us to say anything when you haven't posted any log, docker run command or screenshot of port forwarding.

The nginx part isn't started until the certificate is created

Share this post


Link to post
2 hours ago, saarg said:

Hard for us to say anything when you haven't posted any log, docker run command or screenshot of port forwarding.

The nginx part isn't started until the certificate is created

🔮🔮🔮🔮

Share this post


Link to post
Posted (edited)
9 hours ago, saarg said:

Hard for us to say anything when you haven't posted any log, docker run command or screenshot of port forwarding.

The nginx part isn't started until the certificate is created

All I needed to know is if it should be listening or not, and you answered that perfectly! Thank you :D

 

I also noticed the actual container ports were stuck on port 81/444 for some reason, so I deleted and recreated it and it started up listening on 80/443, and also switched to dns validation, and things are working as expected now :)

Edited by zer0zer0

Share this post


Link to post

The only left over annoying part of this is going to 'jellyfin.website.com' doesn't redirect so it doesn't work. you have to manually enter in 'https://jellyfin.website.com'. I think I'm probably just missing a setting in NGINX but I haven't been able to find anything, anybody know how to fix this?

Share this post


Link to post
1 hour ago, FireFtw said:

The only left over annoying part of this is going to 'jellyfin.website.com' doesn't redirect so it doesn't work. you have to manually enter in 'https://jellyfin.website.com'. I think I'm probably just missing a setting in NGINX but I haven't been able to find anything, anybody know how to fix this?

Check the top of the default site config

Share this post


Link to post
Posted (edited)

Hello,

 

Has anyone been able to use pagespeed module with this container, as in just getting a so into the appadata folder and having nginx load it.

Edited by Kosmatik

Share this post


Link to post

Since a few weeks i'm using GeoIP2, but after the last two container updates, GeoLit2-City.mmdb couldn't been found.

In the container log I see the following message: [emerg] MMDB_open("/var/lib/libmaxminddb/GeoLite2-City.mmdb") failed - Error opening the specified MaxMind DB file in /config/nginx/nginx.conf:36. After manualy running .//etc/periodic/weekly/libmaxminddb everything works again.

 

Share this post


Link to post
6 hours ago, capino said:

Since a few weeks i'm using GeoIP2, but after the last two container updates, GeoLit2-City.mmdb couldn't been found.

In the container log I see the following message: [emerg] MMDB_open("/var/lib/libmaxminddb/GeoLite2-City.mmdb") failed - Error opening the specified MaxMind DB file in /config/nginx/nginx.conf:36. After manualy running .//etc/periodic/weekly/libmaxminddb everything works again.

 

I have a theory about that. Can you create an issue on the GitHub repo so we can track it easier?

Share this post


Link to post
Posted (edited)

hey guys!, i hope im in the right place as i am a noob to unraid and dockers which are awesome so far in my experience, i am trying to use this docker to install the web panel open game panel and i am missing php dependencies. here is what it is saying its missing, any ideas on how to make it work? is it an unraid issue or can it be added to this docker? any help is appreciated. 

 

Checking required file permissions:

includes/config.inc.phpOK

modules/TS3Admin/templates_cOK

Checking PHP version:

PHP Version >= 5.37.3.6

Checking required modules:

PHP XML-RPC moduleNot found

PHP Curl moduleFound

PHP XML ReaderFound

PHP JSON ExtensionFound

PHP Zip ExtensionFound

PHP mbstring ExtensionFound

Pear XXTEA

Found

Pear

Not found

file_get_contents()

Found

allow_url_fopen=on

Found

Checking optional modules:

PHP BCMath ExtensionNot found.

 

Thanks

Edited by crgcputech79

Share this post


Link to post
34 minutes ago, crgcputech79 said:

hey guys!, i hope im in the right place as i am a noob to unraid and dockers which are awesome so far in my experience, i am trying to use this docker to install the web panel open game panel and i am missing php dependencies. here is what it is saying its missing, any ideas on how to make it work? is it an unraid issue or can it be added to this docker? any help is appreciated. 

 

Checking required file permissions:

includes/config.inc.phpOK

modules/TS3Admin/templates_cOK

Checking PHP version:

PHP Version >= 5.37.3.6

Checking required modules:

PHP XML-RPC moduleNot found

PHP Curl moduleFound

PHP XML ReaderFound

PHP JSON ExtensionFound

PHP Zip ExtensionFound

PHP mbstring ExtensionFound

Pear XXTEA

Found

Pear

Not found

file_get_contents()

Found

allow_url_fopen=on

Found

Checking optional modules:

PHP BCMath ExtensionNot found.

 

Thanks

You can request php modules to be added and unless they're really fringe cases, we add them.

 

What exactly are you trying to set up?

Share this post


Link to post

Can anyone please tell me why I am seeing these wget errors in my log? Also any change of getting php7_ladap added to the container?

 

image.png.2181e4f7a388d070f5c3f43fefee8923.png

 

Thanks,

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.