aptalca Posted September 15, 2018
1 hour ago, CyberMew said: Finally got mine to work, I had a previous 443 port forward rule pointing to another computer, no wonder connection was refused. However for some reason one of my subdomain cert is showing up as invalid, but no issues for the other 4 subdomains. Anyone has any idea why?
Not enough info to go on

Jerky_san Posted September 17, 2018 (edited)
@linuxserver.io Any chance you could add SSLH to this docker? I want to be able to use ssh and website on the same port and it would let me if that one package was installed.
Below is the package requested: https://pkgs.alpinelinux.org/package/edge/testing/x86/sslh
Below is what I'm trying to do: https://www.ostechnix.com/sslh-share-port-https-ssh/
Thanks
Edited September 18, 2018 by Jerky_san

rhz Posted September 18, 2018
Hi, Just wondering if anyone else is having an issue with Let's Encrypt that is not allowing access to the server externally? I can access my dockers through the reverse proxy on my internal network; however, when I try to access it externally or on my phone's network I get nothing but timeout issues. This used to be working, I want to say just under 2 weeks ago, and I haven't made any changes that I can think of that would affect it. The logs show no sign of error. Any ideas of where I can start looking?

Jerky_san Posted September 18, 2018
5 hours ago, rhz said: Hi, Just wondering if anyone else is having an issue with Let's Encrypt that is not allowing access to the server externally? I can access my dockers through the reverse proxy on my internal network; however, when I try to access it externally or on my phone's network I get nothing but timeout issues. This used to be working, I want to say just under 2 weeks ago, and I haven't made any changes that I can think of that would affect it. The logs show no sign of error. Any ideas of where I can start looking?
Almost sounds like your forwarders aren't working on your router. Have you checked to make sure the ports are open internet facing?

rhz Posted September 19, 2018
19 hours ago, Jerky_san said: Almost sounds like your forwarders aren't working on your router. Have you checked to make sure the ports are open internet facing?
I checked these today and found out that if I change the port forward to a random one (say 666), I can access it through https://server.name.com:666
Changing the service port back to 443 then kills it, so something, somewhere, is blocking 443, but I'm not quite sure where to start in checking what is blocking it.

Jerky_san Posted September 19, 2018
4 hours ago, rhz said: I checked these today and found out that if I change the port forward to a random one (say 666), I can access it through https://server.name.com:666 Changing the service port back to 443 then kills it, so something, somewhere, is blocking 443, but I'm not quite sure where to start in checking what is blocking it.
You probably need to check to make sure your ISP isn't blocking it. If it isn't, perhaps you set up a VPN on your router that took the port?

ijuarez Posted September 19, 2018
Jerky_san said: You probably need to check to make sure your ISP isn't blocking it. If it isn't, perhaps you set up a VPN on your router that took the port?
ISP will block port 80 but not 443 as it's https.
Sent from my BND-L34 using Tapatalk

madaroda Posted September 19, 2018
I configured the Let's Encrypt (nginx) docker with nzbget, organizr, sonarr, radarr, etc. dockers using my own domain. I can access all of those apps using https (https://nzbget.mydomain.com). But . . . I have lost access to the Unraid GUI. I get a 500 error on the GUI, and a "/etc/nginx/htpasswd" failed (13: Permission denied)" error in /var/log/nginx/error.log. I am trying to enter the GUI locally using http. I can SSH into unraid, and all the docker apps are accessible. Just not the front end. Advice?

CHBMB Posted September 19, 2018
4 minutes ago, madaroda said: I configured the Let's Encrypt (nginx) docker with nzbget, organizr, sonarr, radarr, etc. dockers using my own domain. I can access all of those apps using https (https://nzbget.mydomain.com). But . . . I have lost access to the Unraid GUI. I get a 500 error on the GUI, and a "/etc/nginx/htpasswd" failed (13: Permission denied)" error in /var/log/nginx/error.log. I am trying to enter the GUI locally using http. I can SSH into unraid, and all the docker apps are accessible. Just not the front end. Advice?
Using IP or hostname to access Unraid?

madaroda Posted September 19, 2018 (edited)
6 minutes ago, CHBMB said: Using IP or hostname to access Unraid?
Using internal IP will not work (gets the 500 error). Trying hostname (https://unraid.mydomain.com), which in DNS is a C record to mydomain.com (IP set via DDNS on router) just gives me the NGINX "Welcome to our server" page.
Edited September 19, 2018 by madaroda

CHBMB Posted September 19, 2018
Just now, madaroda said: Using internal IP will not work (gets the 500 error). Trying hostname (https://unraid.mydomain.com), which in DNS is a C record to mydomain.com (IP set via DDNS on router) just gives me the NGINX "Welcome to our server" page.
Can you access it if you stop the LE container?

madaroda Posted September 19, 2018 (edited)
2 hours ago, CHBMB said: Can you access it if you stop the LE container?
I figured out how to stop a container in the CLI. Stopping Letsencrypt did not fix the issue. I assumed they were related because it happened right after the LE installation. So, here I am, most likely in the wrong thread, and no solution.
Edited September 19, 2018 by madaroda

ijuarez Posted September 20, 2018
madaroda said: I figured out how to stop a container in the CLI. Stopping Letsencrypt did not fix the issue. I assumed they were related because it happened right after the LE installation. So, here I am, most likely in the wrong thread, and no solution.
So you made your unraid gui accessible to the internet via the LE container?
Sent from my BND-L34 using Tapatalk

Jerky_san Posted September 21, 2018
On 9/17/2018 at 1:33 PM, Jerky_san said: @linuxserver.io Any chance you could add SSLH to this docker? I want to be able to use ssh and website on the same port and it would let me if that one package was installed. Below is the package requested: https://pkgs.alpinelinux.org/package/edge/testing/x86/sslh Below is what I'm trying to do: https://www.ostechnix.com/sslh-share-port-https-ssh/ Thanks
@linuxserver.io any chance you could do this?

Spritzup Posted September 21, 2018
Hey All, I'm having issues using Nextcloud with the LetsEncrypt proxy. Basically I can hit the login page to nextcloud without issue, but when I go to log in, I keep getting "504 Gateway Time-out, nginx/1.14.0". Any thoughts on where I should be looking? This was working before. Thanks in advance!
~Spritz

Jerky_san Posted September 21, 2018
3 hours ago, Spritzup said: Hey All, I'm having issues using Nextcloud with the LetsEncrypt proxy. Basically I can hit the login page to nextcloud without issue, but when I go to log in, I keep getting "504 Gateway Time-out, nginx/1.14.0". Any thoughts on where I should be looking? This was working before. Thanks in advance! ~Spritz
Are you using the proxy-conf example or did you create your own?

Spritzup Posted September 21, 2018
59 minutes ago, Jerky_san said: Are you using the proxy-conf example or did you create your own?
I am using the example that was created, and followed the instructions that were located within.
~Spritz

CyberMew Posted September 21, 2018
On 9/16/2018 at 4:34 AM, aptalca said: Not enough info to go on
Seems to be propagation or cache issues, all is good now. Thanks!

aptalca Posted September 21, 2018 (edited)
9 hours ago, Jerky_san said: @linuxserver.io any chance you could do this?
Not willing to route everything through sslh. You can add it yourself via mapping an init file into the /etc/cont-init.d folder
Edited September 21, 2018 by aptalca

eurlin Posted September 21, 2018
Hey guys, I've been using my Letsencrypt for most of my dockers under domain1.com, dockers being ombi, organizr, chevereto, etc. I am currently trying to set up a wordpress site under my Nginx docker, and put it through the Let's Encrypt docker for the reverse proxy, using a domain2.com. I'm having an issue where I try to set up the site conf "default" file to direct the root location to the nginx docker, but I don't know how to make it work. The root location is the appdata for the nginx docker, both /config and the docker made path for the /ngix-config cause the same issue of not sending the site outside the network. Wordpress does work just fine locally. Any and all help is appreciated.

Jerky_san Posted September 21, 2018
1 hour ago, aptalca said: Not willing to route everything through sslh. You can add it yourself via mapping an init file into the /etc/cont-init.d folder
Didn't think it would route through it unless you called it, but also assumed every time I update the docker it would wipe the module and I would have to redo it again.

aptalca Posted September 22, 2018
8 hours ago, Jerky_san said: Didn't think it would route through it unless you called it, but also assumed every time I update the docker it would wipe the module and I would have to redo it again.
Init file runs during container start. So you can put "apk add --no-cache sslh" in there and it will install if necessary during every container start.

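The init-file approach described in the post above, as an added example that is not part of the original posts or of the linuxserver.io image. The file name `99-install-sslh` and the helper `ensure_pkg` are hypothetical, and the script assumes the package installs a binary with the same name as the package.

```shell
#!/bin/sh
# Added example (constructed). Save as e.g. 99-install-sslh (hypothetical
# name) on the host and map it into the container's /etc/cont-init.d folder,
# so it survives image updates and runs on every container start.

# ensure_pkg PKG [INSTALLER ...]
# Installs PKG only when no binary of that name is on PATH (assumption: the
# package ships a binary named like the package). A restart of an unchanged
# container therefore does nothing; a freshly pulled image gets PKG back.
ensure_pkg() {
    pkg="$1"
    shift
    # Default installer is the command quoted in the thread.
    [ "$#" -gt 0 ] || set -- apk add --no-cache
    if command -v "$pkg" >/dev/null 2>&1; then
        echo "[init] $pkg already present, skipping install"
        return 0
    fi
    echo "[init] $pkg missing, running: $* $pkg"
    if "$@" "$pkg"; then
        return 0
    fi
    echo "[init] install of $pkg failed" >&2
    return 1
}

# Only act inside the container's init stage, where both the cont-init.d
# folder and apk exist; report a failed install instead of aborting startup.
if [ -d /etc/cont-init.d ] && command -v apk >/dev/null 2>&1; then
    ensure_pkg sslh || echo "[init] continuing without sslh" >&2
fi
```

Installing the package only makes the binary available; nothing is routed through sslh until it is configured and started separately.
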
harmjanr Posted September 22, 2018 (edited)
Hey all, I setup docker on my ubuntu 18.04 server, using portainer. To have reverse proxy including ssl setup, I used https://hub.docker.com/r/linuxserver/letsencrypt/. When I only had one domain setup, it was working great - the certificate and key was generated in my persisted volume. When I add more subdomains using the SUBDOMAINS env variable, it doesn't generate certificates for the new domains anymore. The home.mydomain.com/fullchain.pem is existing in the /etc/letsencrypt/live/ directory, the other subdomain files are not though.
The log when starting up:
-------------------------------------
Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 911
User gid: 911
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=
PGID=
TZ=Netherlands/Amsterdam
URL=mydomain.com
SUBDOMAINS=home,plex,sonarr,radarr,domoticz
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
[email protected]
STAGING=
2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d home.mydomain.com -d plex.mydomain.com -d sonarr.mydomain.com -d radarr.mydomain.com -d domoticz.mydomain.com
E-mail address entered: [email protected]
http validation is selected
Certificate exists; parameters unchanged; attempting renewal
<------------------------------------------------->
<------------------------------------------------->
cronjob running on Fri Sep 21 14:33:57 UTC 2018
Running certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/home.mydomain.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certs are not due for renewal yet:
/etc/letsencrypt/live/home.mydomain.com/fullchain.pem expires on 2018-12-20 (skipped)
No renewals were attempted.
No hooks were run.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[cont-init.d] 50-config: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem") failed (SSL: error:02FFF002:system library:func(4095):No such file or directory:fopen('/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem', 'r') error:20FFF080:BIO routines:CRYPTO_internal:no such file)
[21-Sep-2018 14:33:59] ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address in use (98)
[21-Sep-2018 14:33:59] ERROR: FPM initialization failed
This is my setup: https://rosk.am/share/2018-09-22_14-33-20.png
Any clue how I can make all the subdomains work and make letsencrypt create the certificates for all subdomains?
Another thing that I saw in the logs was "ERROR: FPM initialization failed". I had this one appearing as well when I had just 1 subdomain which was working. Can I safely ignore this error, or should I do anything to fix it?
Edited September 22, 2018 by harmjanr: Added small question.

trurl Posted September 22, 2018
2 minutes ago, harmjanr said: I setup docker on my ubuntu 18.04 server
From the very first post in this thread: "If you are not using Unraid (and you should be!) then please do not post here, instead head to linuxserver.io to see how to get support."

harmjanr Posted September 22, 2018
Oh crap, sorry