April 1, 20188 yr 1 hour ago, clause said: @d2dyno I tired forwarding my domain name to my duckdns and then removed subdomains, but it still isnt working. Are you sure there isn't something else running on port 81 on unraid? According to your log, letsencrypt servers cannot reach your container when they try to connect to your domain on port 80, which could be that your dns is not set up correctly, or duckdns is forwarding to the wrong ip, or your router is not forwarding to the correct lan ip or port, or your container is not listening on the right port. You can temporarily put up a regular nginx container (while letsencrypt container is down) with the same ports and try to connect to it through your domain on port 80 and see if you get the default placeholder page
April 1, 20188 yr pihole? anyone got this to work through nginx? I have it partially working, but it looks like only the html loads and not the php # Pihole location /pihole/ { proxy_pass http://192.168.11.10:80/admin/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 90; } This gets the page to load but the graphs and counters dont populate. developer tools tell me this when i hit f12 Failed to load resource: the server responded with a status of 404 (Not Found)https://domain.pw/pihole/api.php?overTimeData10mins Failed to load resource: the server responded with a status of 404 (Not Found) jquery.min.js:4 GET https://domain.pw/pihole/api.php?overTimeData10mins 404 (Not Found) I've been hacking away at this all day and just cant get it to work. Any help Please? Thanks Edited April 1, 20188 yr by Kube
April 2, 20188 yr 3 hours ago, aptalca said: Are you sure there isn't something else running on port 81 on unraid? According to your log, letsencrypt servers cannot reach your container when they try to connect to your domain on port 80, which could be that your dns is not set up correctly, or duckdns is forwarding to the wrong ip, or your router is not forwarding to the correct lan ip or port, or your container is not listening on the right port. You can temporarily put up a regular nginx container (while letsencrypt container is down) with the same ports and try to connect to it through your domain on port 80 and see if you get the default placeholder page I put up a regular nginx container with the same ports, and I was able to connect to it fine. Removed the nginx container and recreated the LE container, and still had the same error, so i think my forwarding is fine.
April 2, 20188 yr 1 hour ago, clause said: I put up a regular nginx container with the same ports, and I was able to connect to it fine. Removed the nginx container and recreated the LE container, and still had the same error, so i think my forwarding is fine. Try changing the config folder location to /mnt/cache or /mnt/disk (longshot)
April 2, 20188 yr 2 hours ago, clause said: I put up a regular nginx container with the same ports, and I was able to connect to it fine. Removed the nginx container and recreated the LE container, and still had the same error, so i think my forwarding is fine. I think I had the same problem... I had a variable in "show more settings" called HTTPVAL: - it was set to True as I had had to do that sometime in the past I believe. I changed it to "false" and started getting some stuff working. Haven't finished testing, but wanted to pass it on.
April 2, 20188 yr 1 hour ago, aptalca said: Try changing the config folder location to /mnt/cache or /mnt/disk (longshot) Tried that. Still no luck.
April 2, 20188 yr 4 minutes ago, bdillahu said: I think I had the same problem... I had a variable in "show more settings" called HTTPVAL: - it was set to True as I had had to do that sometime in the past I believe. I changed it to "false" and started getting some stuff working. Haven't finished testing, but wanted to pass it on. No HTTPVAL in my command. Here it is.root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='letsencrypt' --net='bridge' --privileged=true -e TZ="America/Los_Angeles" -e HOST_OS="unRAID" -e 'EMAIL'='XXXXXXXX' -e 'URL'='duckdns.org' -e 'SUBDOMAINS'='XXXXXXX,' -e 'ONLY_SUBDOMAINS'='true' -e 'DHLEVEL'='2048' -e 'VALIDATION'='http' -e 'DNSPLUGIN'='' -e 'PUID'='99' -e 'PGID'='100' -p '81:80/tcp' -p '444:443/tcp' -v '/mnt/cache/appdata/letsencrypt/':'/config':'rw' 'linuxserver/letsencrypt' d3a3282f734239ff8f7722288607e7cb56b6cd74a45022ed17f02f97b32a8b77The command finished successfully!
April 3, 20188 yr On 2.4.2018 at 12:47 AM, Kube said: pihole? anyone got this to work through nginx? I have it partially working, but it looks like only the html loads and not the php # Pihole location /pihole/ { proxy_pass http://192.168.11.10:80/admin/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 90; } This gets the page to load but the graphs and counters dont populate. developer tools tell me this when i hit f12 Failed to load resource: the server responded with a status of 404 (Not Found)https://domain.pw/pihole/api.php?overTimeData10mins Failed to load resource: the server responded with a status of 404 (Not Found) jquery.min.js:4 GET https://domain.pw/pihole/api.php?overTimeData10mins 404 (Not Found) I've been hacking away at this all day and just cant get it to work. Any help Please? Thanks Try location /admin/ instead You can also try with this rewrite (I haven't tried it) if ($http_referer ~* /pihole/) { rewrite ^/admin/(.*) /pihole/admin/$1? redirect; } Edited April 3, 20188 yr by GilbN
April 4, 20188 yr Hi, I have some troubles with LetsEncrypt. I got now several times an email, that my certs are expiring soon. So I checked the logs on LetsEncrypt and noticed the follwoing warning: Attempting to renew cert (xxx.yyy.com) from /etc/letsencrypt/... produced and unexpected error: Failed authorization procedure xxx.yyy.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain. In the past I had issues after a LetsEncrypt-Update and I had to add the HTTPVAL Key with setting true. Regardless if I set it to false or true, it is still not working. Br, Johannes
April 4, 20188 yr 1 hour ago, ebnerjoh said: Hi, I have some troubles with LetsEncrypt. I got now several times an email, that my certs are expiring soon. So I checked the logs on LetsEncrypt and noticed the follwoing warning: Attempting to renew cert (xxx.yyy.com) from /etc/letsencrypt/... produced and unexpected error: Failed authorization procedure xxx.yyy.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain. In the past I had issues after a LetsEncrypt-Update and I had to add the HTTPVAL Key with setting true. Regardless if I set it to false or true, it is still not working. Br, Johannes My mistake. I somehow removed the Portforwarding for Port 80 and only allowed 443. Added 80 and now it is working again. Br, Johannes
April 4, 20188 yr 6 hours ago, ebnerjoh said: My mistake. I somehow removed the Portforwarding for Port 80 and only allowed 443. Added 80 and now it is working again. Br, Johannes Also keep in mind that httpval is deprecated and replaced with "VALIDATION", which can be set to http or dns. So far it is still backwards compatible, but in the future, httpval support will get dropped
April 4, 20188 yr 1 hour ago, aptalca said: Also keep in mind that httpval is deprecated and replaced with "VALIDATION", which can be set to http or dns. So far it is still backwards compatible, but in the future, httpval support will get dropped Well crap, what page is that on? Nevermind I found it Edited April 4, 20188 yr by ijuarez resolved
April 4, 20188 yr 4 hours ago, ijuarez said: Well crap, what page is that on? Nevermind I found it Docker hub info, github page, blog post on the website
April 5, 20188 yr Two unRAID servers, a Plex docker on each machine, DuckDNS and LetsEncrypt on the first machine - how to do that? Below is my current configuration. Because I can open port 80/443 to one single machine only, I create redirections in the nginx default conf. My questions: - Is this ok/safe or is there a better way? - Plex on the second machine reports indirect connections only. Is there a way to get around that? - Please have a look at my proxy_pass settings. I use https there. Is this ok? Many thanks in advance. Router: port 80 (extern) --> port 81 (intern) port 443 (extern) --> port 444 (intern) DuckDNS subdomains t***1.duckdns.org t***2.duckdns.org DuckDNS container (on first unRAID machine): SUBDOMAINS: t***1,t***2 LetsEncrypt container (on first unRAID machine): Email: h***[email protected] Domainname: duckdns.org Subdomain(s): t***1 Only subdomains: true Plex network settings (on first machine): External URL: https://t***1.duckdns.org/plex01/ --> working perfect Plex network settings (on second machine): External URL: https://t***1.duckdns.org/plex02/ --> working indirect nginx/site-confs/default: - first machine is 192.168.178.35 - second machine is 192.168.178.34 Many thanks in advance. upstream backend { server 192.168.178.35:19999; keepalive 64; } server { listen 443 ssl default_server; listen 80 default_server; root /config/www; index index.html index.htm index.php; server_name _; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers '***'; ssl_prefer_server_ciphers on; client_max_body_size 0; location = / { return 301 /; } location /web { # serve the CSS code proxy_pass https://192.168.178.35:32400; } location /plex01 { # proxy request to plex server auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; proxy_pass https://192.168.178.35:32400/web; } location /plex02 { # proxy request to plex server auth_basic "Restricted"; auth_basic_user_file /config/nginx/.htpasswd; include /config/nginx/proxy.conf; proxy_pass https://192.168.178.34:32400/web; } location ~ /netdata/(?<ndpath>.*) { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://backend/$ndpath$is_args$args; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; } }
April 5, 20188 yr 1 hour ago, nuhll said: Can this be used without using 443 and 80? If you use dns validation, yes
April 6, 20188 yr 15 hours ago, aptalca said: If you use dns validation, yes I guess, i cant use that with a free dns. I really dont like exposing 80 or 443 to the internet...
April 6, 20188 yr 1 hour ago, nuhll said: I guess, i cant use that with a free dns. I really dont like exposing 80 or 443 to the internet... Just get your own domain and point the name servers to cloudflare. It's free and works great. Then you can use whatever port you like
April 6, 20188 yr 5 hours ago, hawihoney said: Are the last two posts related to my questions? If yes, what does that mean? It was a separate question. Can't answer your question fully because I haven't reverse proxied plex, let alone two of them. At first look, it seems that the /web location is shared between both plex servers and all requests are forwarded to one and not the other. You might be better off proxying them via subdomains at the root so you don't have to worry about proxying additional subfolders like web. Change your URL in letsencrypt settings to yoursubdomain.duckdns.org, set only_subdomains to false (should have been that way from the start, but I guess you followed an external guide rather than the description in the container settings, it is specifically spelled out there). Then you can set the subdomains to plex1,plex2 In the default site config, use the first server block for plex1.yoursubdomain.duckdns.org and the second one for plex2 Edited April 6, 20188 yr by aptalca
April 6, 20188 yr 16 minutes ago, aptalca said: Just get your own domain and point the name servers to cloudflare. It's free and works great. Then you can use whatever port you like Yes, i thought about that, but.. i have dynamic ip. And also, i guess, letsencrypt needs to redo the cert at some time and will check again on 80 and 443, or not!?
April 6, 20188 yr 3 hours ago, nuhll said: Yes, i thought about that, but.. i have dynamic ip. And also, i guess, letsencrypt needs to redo the cert at some time and will check again on 80 and 443, or not!? Ddclient updates ip on cloudflare If you do dns validation, all renewals will also validate through dns, not through ports
April 6, 20188 yr 4 hours ago, aptalca said: Just get your own domain and point the name servers to cloudflare. It's free and works great. Then you can use whatever port you like hmmm this is an interesting way to do it. I like the fact you don't have to use ports, i don't use ddclient but pfsense will have to work that gem out.
April 6, 20188 yr Quote Change your URL in letsencrypt settings to yoursubdomain.duckdns.org, set only_subdomains to false (should have been that way from the start, but I guess you followed an external guide rather than the description in the container settings, it is specifically spelled out there). Then you can set the subdomains to plex1,plex2 In the default site config, use the first server block for plex1.yoursubdomain.duckdns.org and the second one for plex2 Could it be that easy? Wow, worked immediately. Out of the box. Have plex1.t***.duckdns.org and plex2.t***.duckdns.org now. Thanks a million. One last question - more Plex related: If I remove port forwarding of 3240x from my router Plex tells me about missing direct connection. I mean, what is that 3240x port used for if the connection works over 443? This one puzzles me a bit.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.