2nu2storage Posted September 15, 2020 Share Posted September 15, 2020 (edited) This is solved. Two things happened: one involved not putting the CORRECT docker container on the customer network, and the second involved removing the "directions" in the conf file and removing any authentication methods. Hello, Yes, I'm late to the party on this and I've kinda hit a wall going from forum to forum so I apologize in advance for re-opening this can of worms... I am having some configuration trouble with getting radarr or ombi, or any docker on the docker proxy network to show up when I use my domain. I just get "can't reach this page," but when I use the IP:port everything is fine. I'm using duckdns which shouldn't be an issue unless I didn't look at the right thing...And as I far as I understand I should be able to go to myservernameradarr.duckdns.org (where the domain is active) and I should see radarr. Again, if I'm approaching this in the most ass-backwards way possible...then have a laugh at my expense and throw me some links to set me on the right path. Swag is up and running as I do see "Server Ready" in the logs. I've modified the proxy-configs as they should per the various documents and videos I've seen and I think that is where my problem is, or at least I think... If anyone can point me in the right direction I will be very grateful. Here is where I stand with the configs (domains names are different, but the same as how I have them.) I also left the instructions in there as I didn't feel like I needed to remove them (see having a laugh at my expense)? # make sure that your dns has a cname set for radarr and that your radarr container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name MYSERVERradarr.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; # enable for Authelia #include /config/nginx/authelia-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /ldaplogin; # enable for Authelia #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app binhex-radarr; set $upstream_port 7878; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/radarr)?/api { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app binhex-radarr; set $upstream_port 7878; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } } It may be obvious to you what the error is, but not to me so be gentle Edited September 15, 2020 by 2nu2storage Quote Link to comment
Squid Posted September 15, 2020 Share Posted September 15, 2020 5 minutes ago, Akitaka said: So i need just change it in /boot/config/plugins/dockerMan/images ? Edit the template, switch to advanced view and change the icon URL 1 Quote Link to comment
Akitaka Posted September 15, 2020 Share Posted September 15, 2020 2 minutes ago, Squid said: Edit the template, switch to advanced view and change the icon URL OMG, thx, i always thought that i'm already in advanced mode Quote Link to comment
Coolsaber57 Posted September 16, 2020 Share Posted September 16, 2020 (edited) Hey all, I'm trying to access Home Assistant Core via the lets encrypt docker, have updated the proxy.conf sample they have for Home Assistant with the new container name, as well as the port I mapped in. I can access the page via my subdomain I set up (shows the HA user name and password prompt), but when I attempt to login, it just shows the HA symbol and the "refresh" button. Here's the proxy.conf: # make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name ha.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; # enable for Authelia #include /config/nginx/authelia-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /ldaplogin; # enable for Authelia #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app Home-Assistant-Core; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } } Is there something I"m doing wrong? I also set the external URL in the Home Assistant .yaml, but no dice. Edit: I always seem to find the solution right after I post in this thread. For future reference, if anyone needs the config for this, you need to add a section for /api. Here's the updated (working) config: # make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name ha.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; # enable for Authelia #include /config/nginx/authelia-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /ldaplogin; # enable for Authelia #include /config/nginx/authelia-location.conf; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app Home-Assistant-Core; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location /api/ { resolver 127.0.0.11 valid=30s; set $upstream_app Home-Assistant-Core; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Edited September 16, 2020 by Coolsaber57 Quote Link to comment
ytddewqf Posted September 16, 2020 Share Posted September 16, 2020 (edited) Hello, I have just followed these two guides; https://technicalramblings.com/blog/cloudflare-fail2ban-integration-with-automated-set_real_ip_from-in-nginx/ & https://technicalramblings.com/blog/blocking-countries-with-geolite2-using-the-letsencrypt-docker-container/ Almost everything seems to be going fine, with no errors that I haven't been able to fix with all the support on this forum. I say almost, as when I try a VPN and connect to my server via another country, I'm still able to get through, I'm not blocked and the access is reported as the same as my "non-VPN" attempts in the logs? I've registered with MAXMIND, entered the key and downloaded the GeoLite2.mmdb file, ensuring that it is saved in the right location. On a side note, sendmail-whois.local still needs some amendment by me, however I wanted to focus on actually securing my site before I continued attempts with notification. I've attached four screenshots below of the amendments I've made to the various config files within SWAG, in the hopes someone can point out what I'm doing wrong. Excellent work by the way on this container, its impressive how much work has gone in to it, including the SWAG support page. In the meantime I'll continue to read through this forum for tips, I'm up to page 19 so far. Regards. Here is the current reported state of my jail list (if it helps); ***Edit - Whilst I'm trying to get to the bottom of my above problem I wanted to ask yourselves (@linuxserver.io @saarg @aptalca @CHBMB) a question as you clearly know what you are talking about (I'm up to page 72 of this thread, so much useful information!) What router would you recommend that works best with SWAG in a home setting? Pfsense or Ubiquiti? Apologies if this should be on its own thread, I just thought I would tag it on to my question above as my number one requirement of a new router will be that it fully supports and compliments SWAG. Edited September 17, 2020 by LoneTraveler 1 Quote Link to comment
saarg Posted September 17, 2020 Share Posted September 17, 2020 (edited) On 9/16/2020 at 12:27 PM, LoneTraveler said: Hello, I have just followed these two guides; https://technicalramblings.com/blog/cloudflare-fail2ban-integration-with-automated-set_real_ip_from-in-nginx/ & https://technicalramblings.com/blog/blocking-countries-with-geolite2-using-the-letsencrypt-docker-container/ Almost everything seems to be going fine, with no errors that I haven't been able to fix with all the support on this forum. I say almost, as when I try a VPN and connect to my server via another country, I'm still able to get through, I'm not blocked and the access is reported as the same as my "non-VPN" attempts in the logs? I've registered with MAXMIND, entered the key and downloaded the GeoLite2.mmdb file, ensuring that it is saved in the right location. On a side note, sendmail-whois.local still needs some amendment by me, however I wanted to focus on actually securing my site before I continued attempts with notification. I've attached four screenshots below of the amendments I've made to the various config files within SWAG, in the hopes someone can point out what I'm doing wrong. Excellent work by the way on this container, its impressive how much work has gone in to it, including the SWAG support page. In the meantime I'll continue to read through this forum for tips, I'm up to page 19 so far. Regards. Here is the current reported state of my jail list (if it helps); ***Edit - Whilst I'm trying to get to the bottom of my above problem I wanted to ask yourselves (@linuxserver.io @saarg @aptalca @CHBMB) a question as you clearly know what you are talking about (I'm up to page 72 of this thread, so much useful information!) What router would you recommend that works best with SWAG in a home setting? Pfsense or Ubiquiti? Apologies if this should be on its own thread, I just thought I would tag it on to my question above as my number one requirement of a new router will be that it fully supports and compliments SWAG. All routers work with swag as long as it support port forwarding. If you want to use the domain inside the home network the router should support hairpin NAT/split DNS. Both ubiquiti and pfsense works. Edited September 17, 2020 by saarg 1 Quote Link to comment
ytddewqf Posted September 17, 2020 Share Posted September 17, 2020 11 minutes ago, saarg said: All routers work with swag as long as it support port forwarding. If you want to use the domain inside the home network the router should support hairpin NAT/split DNS. Both ubiquiti and pfsense works. Many thanks for your advice. Could I be forward and ask what router you use? It would be interesting to see what routers the "elders of the Internet - IT Crowd" use. 😁 Quote Link to comment
aptalca Posted September 17, 2020 Share Posted September 17, 2020 2 hours ago, LoneTraveler said: Many thanks for your advice. Could I be forward and ask what router you use? It would be interesting to see what routers the "elders of the Internet - IT Crowd" use. 😁 Pfsense on an embedded celeron mobo with 4gb ram, an intel dual gigabit nic (pci-e), cheapest, smallest ssd in the cheapest case with a built in psu. 1 Quote Link to comment
JonathanM Posted September 17, 2020 Share Posted September 17, 2020 3 hours ago, LoneTraveler said: what routers the "elders of the Internet - IT Crowd" use. 😁 pfSense in a VM running on Unraid for daily use, pfsense on old pc hardware as a backup when I need extended downtime on the main Unraid box for some reason. 1 Quote Link to comment
saarg Posted September 17, 2020 Share Posted September 17, 2020 3 hours ago, LoneTraveler said: Many thanks for your advice. Could I be forward and ask what router you use? It would be interesting to see what routers the "elders of the Internet - IT Crowd" use. 😁 Pfsense in an in a 1u supermicro rack server with an 8-core Xeon, 32GB ram and an SSD. Just a little bit overkill. Will probably install proxmox or something similar at one point to be able to test other firewalls. 1 1 Quote Link to comment
blaine07 Posted September 17, 2020 Share Posted September 17, 2020 Pfsense in an in a 1u supermicro rack server with an 8-core Xeon, 32GB ram and an SSD. Just a little bit overkill. Will probably install proxmox or something similar at one point to be able to test other firewalls.I want to try Untangle and Sophos here, too, one day. At any rate, have pfSense running on a Protectli box here and a spare instance going on a r720 in XCP. 1 Quote Link to comment
ytddewqf Posted September 18, 2020 Share Posted September 18, 2020 Many thanks everyone for your inputs, it gives me a great place to start looking for a new router. Quote Link to comment
DockX Posted September 18, 2020 Share Posted September 18, 2020 Hi, I want to use the onlyoffice documentserver for nextcloud behind the proxy but as subfolder. aptalca posted a solution here which is working fine, but not for subfolder. onlyoffice described a proxy-to-virtual-path here but I could not get it to work. Iam not so experienced with nginx. Any Ideas how a subfolder solution have to look like? Thanks in advance. Quote Link to comment
ytddewqf Posted September 20, 2020 Share Posted September 20, 2020 (edited) Hi, I just wanted to say a big thanks to everyone who got me back on track especially @GilbN, SWAG is all up and running for me along with Fail2ban and GeoIP2, thank you! Edited September 20, 2020 by LoneTraveler Quote Link to comment
blaine07 Posted September 20, 2020 Share Posted September 20, 2020 If i change template name from letsencrypt to SWAG what issues is that going to cause me? Is it usually referenced by container name anywhere else? Quote Link to comment
Squid Posted September 20, 2020 Share Posted September 20, 2020 1 hour ago, blaine07 said: If i change template name from letsencrypt to SWAG what issues is that going to cause me? None. A name is a name is a name. I respond to Andrew, Squid, (and my wife's favourite: Asshole). Doesn't change who I am. The whole point is to change the repository from linuxserver/letsencrypt to linuxserver/swag. The only place this would cause an issue is if you're routing your traffic from other containers through "Letsencrypt" vs "Swag". Which you're probably not. (You tend to only do that with containers that connect to a VPN ie:Binhex, and not this one which simply forwards requests to a different port) 2 Quote Link to comment
blaine07 Posted September 20, 2020 Share Posted September 20, 2020 None. A name is a name is a name. I respond to Andrew, Squid, (and my wife's favourite: Asshole). Doesn't change who I am. The whole point is to change the repository from linuxserver/letsencrypt to linuxserver/swag. The only place this would cause an issue is if you're routing your traffic from other containers through "Letsencrypt" vs "Swag". Which you're probably not. (You tend to only do that with containers that connect to a VPN ie:Binhex, and not this one which simply forwards requests to a different port)Thank you for the thorough response! (I won’t call you asshole BUT ironically that’s my wife’s favorite for me, too[emoji1787]). Quote Link to comment
aptalca Posted September 20, 2020 Share Posted September 20, 2020 22 minutes ago, blaine07 said: Thank you for the thorough response! (I won’t call you asshole BUT ironically that’s my wife’s favorite for me, too). Sounds like we all have the same first name 😅 The only potential issue I'm aware of is in nextcloud's config.php where you allow a proxy. You'd have to change that to swag if you change the container name (and if you reverse proxy nextcloud) Quote Link to comment
blaine07 Posted September 20, 2020 Share Posted September 20, 2020 Sounds like we all have the same first name [emoji28] The only potential issue I'm aware of is in nextcloud's config.php where you allow a proxy. You'd have to change that to swag if you change the container name (and if you reverse proxy nextcloud) Excuse my rudimentary pic but I’m assume first line? Shutdown NC, change letsencrypt name to swag(&let it boot up), change NC config.php, then boot Nextcloud back up? Quote Link to comment
SPOautos Posted September 20, 2020 Share Posted September 20, 2020 (edited) Hey guys, I could use a little guidance....I'm not a computer guy by any stretch of the imagination so setting up Nextcloud with ReverseProxy is WAY over my head.....I'm just following SI video instructions and have no idea what everything is actually doing. Anyway, in the video when setting up Letsencrypt/SWAG he used the duckdns.org and his duckdns subdomains. I registered my own personal domains and created Cnames...BUT they forward to a duckdns url. So in the field asking for the Domain Name....do I use my main URL I purchased or the DuckDNS.org that everything is forwarding too? Additionally, at the bottom of SWAG it has a field for a DuckDNS token, that was not in the old app that SI was using.....Do I need to include that? Currently I used my newly purchased Domain Name in the domain field, added the sub's, then dont have anything in the field asking for a DuckDNS tocken.....but I'm not wanting to move past this screen unless I know its correct because if all this doesnt work at the end, I will have NO idea where to look. So I REALLLLY want to get it right as I go though all of this. ALSO, do I need to make subdomains for EVERYTHING like SAB, NZBget, PLEX and other things like that which are on my server but go out onto the net? Thanks for any guidance you can give....greatly appreciated! Edited September 20, 2020 by SPOautos Quote Link to comment
SPOautos Posted September 20, 2020 Share Posted September 20, 2020 (edited) UPDATE to my last post - I went ahead and "applied" those settings I mentioned above..... "Currently I used my newly purchased Domain Name in the domain field, added the sub's, then dont have anything in the field asking for a DuckDNS tocken.....but I'm not wanting to move past this screen unless I know its correct because if all this doesnt work at the end, I will have NO idea where to look. So I REALLLLY want to get it right as I go though all of this." BUT in the logs all of the challanges failed. It seems like it was looking for a A record where I created CNames....is that why? With the A record though you have to point it to a IP address, it wont let me point it to a Duckdns address. Could this be because I just purchased the domain and created the Cnames about 2-3 hours ago? Does it need more time? Or do I just have the settings wrong? Here is the SWAG log..... [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 01-envfile: executing... [cont-init.d] 01-envfile: exited 0. [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io ------------------------------------- To support the app dev(s) visit: Certbot: https://supporters.eff.org/donate/support-work-on-certbot To support LSIO projects visit: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/Chicago URL=s2white.com SUBDOMAINS=server,sonarr,radarr,lidarr,nextcloud EXTRA_DOMAINS= ONLY_SUBDOMAINS=false VALIDATION=http DNSPLUGIN= [email protected] STAGING=false SUBDOMAINS entered, processing SUBDOMAINS entered, processing Sub-domains processed are: -d server.s2white.com -d sonarr.s2white.com -d radarr.s2white.com -d lidarr.s2white.com -d nextcloud.s2white.com E-mail address entered: [email protected] http validation is selected Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for lidarr.s2white.com http-01 challenge for nextcloud.s2white.com http-01 challenge for radarr.s2white.com http-01 challenge for s2white.com http-01 challenge for server.s2white.com http-01 challenge for sonarr.s2white.com Waiting for verification... Challenge failed for domain lidarr.s2white.com Challenge failed for domain nextcloud.s2white.com Challenge failed for domain radarr.s2white.com Challenge failed for domain s2white.com Challenge failed for domain server.s2white.com Challenge failed for domain sonarr.s2white.com http-01 challenge for lidarr.s2white.com http-01 challenge for nextcloud.s2white.com http-01 challenge for radarr.s2white.com http-01 challenge for s2white.com http-01 challenge for server.s2white.com http-01 challenge for sonarr.s2white.com Cleaning up challenges Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: lidarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for lidarr.s2white.com - check that a DNS record exists for this domain Domain: nextcloud.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for nextcloud.s2white.com - check that a DNS record exists for this Domain: radarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for radarr.s2white.com - check that a DNS record exists for this domain Domain: server.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for server.s2white.com - check that a DNS record exists for this domain Domain: sonarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for sonarr.s2white.com - check that a DNS record exists for this domain - The following errors were reported by the server: Domain: s2white.com Type: unauthorized Detail: Invalid response from http://s2white.com/.well-known/acme-challenge/II7qAGyVqDFhBJ7WLQg2obnFCDxtWDqCxANhUwOgLVM [34.102.136.180]: "<!doctype html><html lang=\"en\"><head><meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\"><meta name=\"viewport\" con" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container Edited September 20, 2020 by SPOautos Quote Link to comment
aptalca Posted September 20, 2020 Share Posted September 20, 2020 3 hours ago, blaine07 said: Excuse my rudimentary pic but I’m assume first line? Shutdown NC, change letsencrypt name to swag(&let it boot up), change NC config.php, then boot Nextcloud back up? Yup 1 Quote Link to comment
aptalca Posted September 20, 2020 Share Posted September 20, 2020 15 minutes ago, SPOautos said: UPDATE to my last post - I went ahead and "applied" those settings I mentioned above..... "Currently I used my newly purchased Domain Name in the domain field, added the sub's, then dont have anything in the field asking for a DuckDNS tocken.....but I'm not wanting to move past this screen unless I know its correct because if all this doesnt work at the end, I will have NO idea where to look. So I REALLLLY want to get it right as I go though all of this." BUT in the logs all of the challanges failed. It seems like it was looking for a A record where I created CNames....is that why? With the A record though you have to point it to a IP address, it wont let me point it to a Duckdns address. Could this be because I just purchased the domain and created the Cnames about 2-3 hours ago? Does it need more time? Or do I just have the settings wrong? Here is the SWAG log..... [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 01-envfile: executing... [cont-init.d] 01-envfile: exited 0. [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io ------------------------------------- To support the app dev(s) visit: Certbot: https://supporters.eff.org/donate/support-work-on-certbot To support LSIO projects visit: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/Chicago URL=s2white.com SUBDOMAINS=server,sonarr,radarr,lidarr,nextcloud EXTRA_DOMAINS= ONLY_SUBDOMAINS=false VALIDATION=http DNSPLUGIN= [email protected] STAGING=false SUBDOMAINS entered, processing SUBDOMAINS entered, processing Sub-domains processed are: -d server.s2white.com -d sonarr.s2white.com -d radarr.s2white.com -d lidarr.s2white.com -d nextcloud.s2white.com E-mail address entered: [email protected] http validation is selected Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for lidarr.s2white.com http-01 challenge for nextcloud.s2white.com http-01 challenge for radarr.s2white.com http-01 challenge for s2white.com http-01 challenge for server.s2white.com http-01 challenge for sonarr.s2white.com Waiting for verification... Challenge failed for domain lidarr.s2white.com Challenge failed for domain nextcloud.s2white.com Challenge failed for domain radarr.s2white.com Challenge failed for domain s2white.com Challenge failed for domain server.s2white.com Challenge failed for domain sonarr.s2white.com http-01 challenge for lidarr.s2white.com http-01 challenge for nextcloud.s2white.com http-01 challenge for radarr.s2white.com http-01 challenge for s2white.com http-01 challenge for server.s2white.com http-01 challenge for sonarr.s2white.com Cleaning up challenges Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: lidarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for lidarr.s2white.com - check that a DNS record exists for this domain Domain: nextcloud.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for nextcloud.s2white.com - check that a DNS record exists for this Domain: radarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for radarr.s2white.com - check that a DNS record exists for this domain Domain: server.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for server.s2white.com - check that a DNS record exists for this domain Domain: sonarr.s2white.com Type: dns Detail: DNS problem: NXDOMAIN looking up A for sonarr.s2white.com - check that a DNS record exists for this domain - The following errors were reported by the server: Domain: s2white.com Type: unauthorized Detail: Invalid response from http://s2white.com/.well-known/acme-challenge/II7qAGyVqDFhBJ7WLQg2obnFCDxtWDqCxANhUwOgLVM [34.102.136.180]: "<!doctype html><html lang=\"en\"><head><meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\"><meta name=\"viewport\" con" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container This needs to return an ip address: https://dnschecker.org/#A/sonarr.s2white.com See here for details setup info: https://docs.linuxserver.io/general/swag Quote Link to comment
SPOautos Posted September 20, 2020 Share Posted September 20, 2020 (edited) 1 hour ago, aptalca said: This needs to return an ip address: https://dnschecker.org/#A/sonarr.s2white.com See here for details setup info: https://docs.linuxserver.io/general/swag Does that mean something is wrong with the CNAME? I made the Host Name sonarr.s2white.com and the points to value is a duckdns.org address that points to my server IP In the linuxserver link you shared (thank you for that).....I see where it says this.... "Nextcloud is a bit trickier because the app has various security measures built-in, forcing us to configure certain options manually. As with the other examples, let's make sure that we have a CNAME for nextcloud set up on our dns provider (a wildcard CNAME * will also cover this) and it is pointing to our A record that points to our server IP. If we are using the docker cli method, we also need to create the user defined bridge network (here named lsio) as described above. For DuckDNS, we do not need to create CNAMES, as all sub-subdomains automatically point to the same IP as our custom subdomain, but we need to make sure that it is the correct IP address for our server. We also need to make sure that port 443 on our router is forwarded to the correct port on our server." To be honest I'm not sure what all that means to what I have already done. Have things changed since the SI video where I should now use a A record instead of a Cname and point it directly to my server ip address instead of a duckdns address? So is this saying that instead of doing it the way SI shows, I now need to make a single Cname like Nextcloud.mydomain.com that points to a A record that I also create at Godaddy which in turn points to my servers IP address, then basically dont do anything with DuckDNS? I do have my router set to reserve the IP address so I think that means it will always keep that domain so I dont really NEED DuckDNS I dont THINK....but I'm not positive about how all that works. Edited September 21, 2020 by SPOautos Quote Link to comment
aptalca Posted September 21, 2020 Share Posted September 21, 2020 1 hour ago, SPOautos said: Does that mean something is wrong with the CNAME? I made the Host Name sonarr.s2white.com and the points to value is a duckdns.org address that points to my server IP In the linuxserver link you shared (thank you for that).....I see where it says this.... "Nextcloud is a bit trickier because the app has various security measures built-in, forcing us to configure certain options manually. As with the other examples, let's make sure that we have a CNAME for nextcloud set up on our dns provider (a wildcard CNAME * will also cover this) and it is pointing to our A record that points to our server IP. If we are using the docker cli method, we also need to create the user defined bridge network (here named lsio) as described above. For DuckDNS, we do not need to create CNAMES, as all sub-subdomains automatically point to the same IP as our custom subdomain, but we need to make sure that it is the correct IP address for our server. We also need to make sure that port 443 on our router is forwarded to the correct port on our server." To be honest I'm not sure what all that means to what I have already done. Have things changed since the SI video where I should now use a A record instead of a Cname and point it directly to my server ip address instead of a duckdns address? So is this saying that instead of doing it the way SI shows, I now need to make a single Cname like Nextcloud.mydomain.com that points to a A record that I also create at Godaddy which in turn points to my servers IP address, then basically dont do anything with DuckDNS? I do have my router set to reserve the IP address so I think that means it will always keep that domain so I dont really NEED DuckDNS I dont THINK....but I'm not positive about how all that works. I'm not the author of that video and am not familiar with it. You'll have to contact the author. All the info we publish is in the github/docker hub readme (linked in the first post) and the docs article I linked above. Typically, if you already own your own domain name, you don't need duckdns. Duckdns is a free alternative to owning a domain name. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.