September 15, 20187 yr 1 hour ago, CyberMew said: Finally got mine to work, I had a previous 443 port forward rule pointing to another computer, no wonder connection was refused. However for some reason one of my subdomain cert is showing up as invalid, but no issues for the other 4 subdomains. Anyone has any idea why? Not enough info to go on
September 17, 20187 yr @linuxserver.io Any chance you could add SSLH to this docker? I want to be able to use ssh and website on the same port and it would let me if that one package was installed. Below is the package requested https://pkgs.alpinelinux.org/package/edge/testing/x86/sslh Below is what I'm trying to do: https://www.ostechnix.com/sslh-share-port-https-ssh/ Thanks Edited September 18, 20187 yr by Jerky_san
September 18, 20187 yr Hi, Just wondering if anyone else is having an issue with Lets Encrypt that is not allowing access to the server externally? I can access my dockers through the reverse proxy on my internal network however when I try to access it externally or on my phone's network I get nothing but timeout issues. This used to be working I want to say just under 2 weeks ago and I haven't made any changes that I can think of that would affect it - the logs show no sign of error. Any ideas of where I can start looking?
September 18, 20187 yr 5 hours ago, rhz said: Hi, Just wondering if anyone else is having an issue with Lets Encrypt that is not allowing access to the server externally? I can access my dockers through the reverse proxy on my internal network however when I try to access it externally or on my phone's network I get nothing but timeout issues. This used to be working I want to say just under 2 weeks ago and I haven't made any changes that I can think of that would affect it - the logs show no sign of error. Any ideas of where I can start looking? Almost sound like your forwarders aren't working on your router. Have you checked to make sure the ports are open internet facing?
September 19, 20187 yr 19 hours ago, Jerky_san said: Almost sound like your forwarders aren't working on your router. Have you checked to make sure the ports are open internet facing? I checked these today and found out that if I change the port forward to a random one (say 666), I can access it through https://server.name.com:666 Changing the service port back to 443 then kills it, so something, somewhere, is blocking 443, but I'm not quite sure where to start in checking what is blocking it.
September 19, 20187 yr 4 hours ago, rhz said: I checked these today and found out that if I change the port forward to a random one (say 666), I can access it through https://server.name.com:666 Changing the service port back to 443 then kills it, so something, somewhere, is blocking 443, but I'm not quite sure where to start in checking what is blocking it. You probably need to check to make sure your ISP isn't blocking it. If it isn't perhaps you setup a VPN on your router that took the port?
September 19, 20187 yr You probably need to check to make sure your ISP isn't blocking it. If it isn't perhaps you setup a VPN on your router that took the port?ISP will block port 80 but not 443 as it's https.Sent from my BND-L34 using Tapatalk
September 19, 20187 yr I configured the Let's Encrypt (nginx) docker with nzbget, organizr, sonarr, radarr, etc. dockers using my own domain. I can access all of those apps using https (https://nzbget.mydomain.com). But . . . I have lost access to the Unraid GUI. I get a 500 error on the GUI, and a "/etc/nginx/htpasswd" failed (13: Permission denied)" error in /var/log/nginx/error.log. I am trying to enter the GUI locally using http. I can SS=H into unraid, and all the docker apps are accessible. Just not the front end. Advice?
September 19, 20187 yr 4 minutes ago, madaroda said: I configured the Let's Encrypt (nginx) docker with nzbget, organizr, sonarr, radarr, etc. dockers using my own domain. I can access all of those apps using https (https://nzbget.mydomain.com). But . . . I have lost access to the Unraid GUI. I get a 500 error on the GUI, and a "/etc/nginx/htpasswd" failed (13: Permission denied)" error in /var/log/nginx/error.log. I am trying to enter the GUI locally using http. I can SS=H into unraid, and all the docker apps are accessible. Just not the front end. Advice? Using IP or hostname to access Unraid?
September 19, 20187 yr 6 minutes ago, CHBMB said: Using IP or hostname to access Unraid? Using internal IP will not work (gets the 500 error). Trying hostname (https://unraid.mydomain.com), which in DNS is a C record to mydomain.com (IP set via DDNS on router) just gives me the NGINX "Welcome to our server" page. Edited September 19, 20187 yr by madaroda
September 19, 20187 yr Just now, madaroda said: Using internal IP will not work (gets the 500 error). Trying hostname (https://unraid.mydomain.com), which in DNS is a C record to mydomain.com (IP set via DDNS on router) just gives me the NGINX "Welcome to our server" page. Can you access it if you stop the LE container?
September 19, 20187 yr 2 hours ago, CHBMB said: Can you access it if you stop the LE container? I figured out how to stop a container in the CLI. Stopping Letsencrypt did not fix the issue. I assumed they were related because it happened right after the LE installation. So, here I am, most likely in the wrong thread, and no solution. Edited September 19, 20187 yr by madaroda
September 20, 20187 yr I figured out how to stop a container in the CLI. Stopping Letsencrypt did not fix the issue. I assumed they were related because it happened right after the LE installation. So, here I am, most likely in the wrong thread, and no solution.So you made your unraid gui accessible to the internet via the LE container?Sent from my BND-L34 using Tapatalk
September 21, 20187 yr On 9/17/2018 at 1:33 PM, Jerky_san said: @linuxserver.io Any chance you could add SSLH to this docker? I want to be able to use ssh and website on the same port and it would let me if that one package was installed. Below is the package requested https://pkgs.alpinelinux.org/package/edge/testing/x86/sslh Below is what I'm trying to do: https://www.ostechnix.com/sslh-share-port-https-ssh/ Thanks @linuxserver.io any chance you could do this?
September 21, 20187 yr Hey All, I'm having issue's using Nextcloud with the LetsEncrypt proxy. Basically I can hit the login page to nextcloud without issue, but when I go to login in, I keep getting "504 Gateway Time-out, nginx/1.14.0". Any thoughts on where I should be looking? This was working before. Thanks in advance! ~Spritz
September 21, 20187 yr 3 hours ago, Spritzup said: Hey All, I'm having issue's using Nextcloud with the LetsEncrypt proxy. Basically I can hit the login page to nextcloud without issue, but when I go to login in, I keep getting "504 Gateway Time-out, nginx/1.14.0". Any thoughts on where I should be looking? This was working before. Thanks in advance! ~Spritz are you using the proxy-conf example or did you create your own?
September 21, 20187 yr 59 minutes ago, Jerky_san said: are you using the proxy-conf example or did you create your own? I am using the example that was created, and followed the instructions that were located within. ~Spritz
September 21, 20187 yr On 9/16/2018 at 4:34 AM, aptalca said: Not enough info to go on Seems to be propagation or cache issues, all is good now. Thanks!
September 21, 20187 yr 9 hours ago, Jerky_san said: @linuxserver.io any chance you could do this? Not willing to route everything through sslh. You can add it yourself via mapping an init file into the /etc/cont-init.d folder Edited September 21, 20187 yr by aptalca
September 21, 20187 yr Hey guys, I've been using my Letsencrypt for most of my dockers under domain1.com dockers being ombi,organizr, chevereto, etc etc. I am currently trying to setup a wordpress site under my Nginx docker, and put it through the Lets encrypt docker for the reverse proxy, using a domain2.com. I'm having an issue where I try to set up the site conf "default" file to direct the root location to the nginx docker, but I don't know how to make it work. The root location is the appdata for the nginx docker, both /config and the docker made path for the /ngix-config cause the same issue of not sending the site outside the network. Wordpress does work just fine locally. Any and all help is appreciated.
September 21, 20187 yr 1 hour ago, aptalca said: Not willing to route everything through sslh. You can add it yourself via mapping an init file into the /etc/cont-init.d folder Didn't think it would route through it unless you called it but also assumed everytime I update the docker it would wipe the module and I would have to redo it again.
September 22, 20187 yr 8 hours ago, Jerky_san said: Didn't think it would route through it unless you called it but also assumed everytime I update the docker it would wipe the module and I would have to redo it again. Init file runs during container start. So you can put "apk add --no-cache sslh" in there and it will install if necessary during every container start.
September 22, 20187 yr Hey all, I setup docker on my ubuntu 18.04 server, using portainer. To have reverse proxy including ssl setup, I used https://hub.docker.com/r/linuxserver/letsencrypt/. When I only had one domain setup, it was working great - the certificate and key was generated in my persisted volume. When I add more subdomains using the SUBDOMAINS env variable, it doesn't generate certificates for the new domains anymore. The home.mydomain.com/fullchain.pem is existing in the /etc/letsencrypt/live/ directory, the other subdomain files are not though. The log when starting up: -------------------------------------, _ (), | | ___ _ __, | | / __| | | / \ , | | \__ \ | | | () |, |_| |___/ |_| \__/, , , Brought to you by linuxserver.io, We gratefully accept donations at:, https://www.linuxserver.io/donate/, -------------------------------------, GID/UID, -------------------------------------, , User uid: 911, User gid: 911, -------------------------------------, , [cont-init.d] 10-adduser: exited 0., [cont-init.d] 20-config: executing... , [cont-init.d] 20-config: exited 0., [cont-init.d] 30-keygen: executing... , using keys found in /config/keys, [cont-init.d] 30-keygen: exited 0., [cont-init.d] 50-config: executing... , Variables set:, PUID=, PGID=, TZ=Netherlands/Amsterdam, URL=mydomain.com, SUBDOMAINS=home,plex,sonarr,radarr,domoticz, EXTRA_DOMAINS=, ONLY_SUBDOMAINS=true, DHLEVEL=2048, VALIDATION=http, DNSPLUGIN=, [email protected], STAGING=, , 2048 bit DH parameters present, SUBDOMAINS entered, processing, SUBDOMAINS entered, processing, Only subdomains, no URL in cert, Sub-domains processed are: -d home.mydomain.com -d plex.mydomain.com -d sonarr.mydomain.com -d radarr.mydomain.com -d domoticz.mydomain.com, E-mail address entered: [email protected], http validation is selected, Certificate exists; parameters unchanged; attempting renewal, <------------------------------------------------->, , <------------------------------------------------->, cronjob running on Fri Sep 21 14:33:57 UTC 2018, Running certbot renew, Saving debug log to /var/log/letsencrypt/letsencrypt.log, , - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -, Processing /etc/letsencrypt/renewal/home.mydomain.com.conf, - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -, Cert not yet due for renewal, , - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -, , The following certs are not due for renewal yet:, /etc/letsencrypt/live/home.mydomain.com/fullchain.pem expires on 2018-12-20 (skipped), No renewals were attempted., No hooks were run., - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -, [cont-init.d] 50-config: exited 0., [cont-init.d] done., [services.d] starting services, [services.d] done., nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem") failed (SSL: error:02FFF002:system library:func(4095):No such file or directory:fopen('/etc/letsencrypt/live/domoticz.mydomain.com/fullchain.pem', 'r') error:20FFF080:BIO routines:CRYPTO_internal:no such file), [21-Sep-2018 14:33:59] ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address in use (98), [21-Sep-2018 14:33:59] ERROR: FPM initialization failed, This is my setup:https://rosk.am/share/2018-09-22_14-33-20.png Any clue how I can make all the subdomains work and make letsencrypt create the certificates for all subdomains? Another thing that I saw in the logs was "ERROR: FPM initialization failed". I had this one appearing as well when I had just 1 subdomain which was working. Can I safely ignore this error, or should I do anything to fix it? Edited September 22, 20187 yr by harmjanr Added small question.
September 22, 20187 yr 2 minutes ago, harmjanr said: I setup docker on my ubuntu 18.04 server From the very first post in this thread: Quote If you are not using Unraid (and you should be!) then please do not post here, instead head to linuxserver.io to see how to get support.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.