[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


Recommended Posts

In that link, I've posted

 

https://github.com/linuxserver/docker-letsencrypt/issues/303#issuecomment-493659973

 

a search in this thread

 

https://forums.unraid.net/search/?&q=LuaJIT&type=forums_topic&item=51808&search_and_or=or&sortby=relevancy

 

You're not get hammered because you're a Linux beginner, but because we've answered the question multiple times before in this thread and you haven't remotely scanned it to see.  Instead you've posted exactly the same thing as all the other people here.

 

And... the very poist above you was me quoting the person before you posting the exact same thing.  Which tells me you didn't even bother to scan up one post.....

Edited by CHBMB
Link to comment
1 hour ago, CHBMB said:

In that link, I've posted

 

https://github.com/linuxserver/docker-letsencrypt/issues/303#issuecomment-493659973

 

a search in this thread

 

https://forums.unraid.net/search/?&q=LuaJIT&type=forums_topic&item=51808&search_and_or=or&sortby=relevancy

 

You're not get hammered because you're a Linux beginner, but because we've answered the question multiple times before in this thread and you haven't remotely scanned it to see.  Instead you've posted exactly the same thing as all the other people here.

 

And... the very poist above you was me quoting the person before you posting the exact same thing.  Which tells me you didn't even bother to scan up one post.....

that information i already look at before i posted, reason for posting was that i did not find now how to fix solution and i don't know if that is the cause of nextcloud not working outside my network or not

Edited by Danuel
Link to comment
that information i already look at before i posted, reason for posting was that i find now how to fix solution and i don't know if that is the cause of nextcloud not working outside my network or not
It's not

Sent from my Mi A1 using Tapatalk

Link to comment
29 minutes ago, Danuel said:

that information i already look at before i posted, reason for posting was that i find now how to fix solution and i don't know if that is the cause of nextcloud not working outside my network or not

Post in the nextcloud thread, and be sure to post all the config files you've edited so we can see.  As well as a detailed description of what you mean by "It doesn't work" Need to see nginx configs, config.php, screenshots of router port forwards.  Are you sure you have letsencrypt working?  I think you probably have with the error from LuaJit but a full docker run command and logs from startup are required to check.

 

Be sure to edit out any URL or passwords and wrap code/logs in the appropriate way on the forum.2019-06-02_15-16.thumb.png.c2b056989012233b2ac0f5b88c9c265d.png

Link to comment
59 minutes ago, CHBMB said:

Post in the nextcloud thread, and be sure to post all the config files you've edited so we can see.  As well as a detailed description of what you mean by "It doesn't work" Need to see nginx configs, config.php, screenshots of router port forwards.  Are you sure you have letsencrypt working?  I think you probably have with the error from LuaJit but a full docker run command and logs from startup are required to check.

 

Be sure to edit out any URL or passwords and wrap code/logs in the appropriate way on the forum.2019-06-02_15-16.thumb.png.c2b056989012233b2ac0f5b88c9c265d.png

 

 

so, what i found was that i was able to acess outside my network using my mobile phone on 4G or using VPN, but not from my local network (using the domain name), i am getting this, is this normal ? i can access nextcloud using local IP because i did not set 'overwritehost' => 'my domain' so i can use local ip, so why i can't access from my LAN using 'my domain' ?

 

ncloud1.JPG

Link to comment
23 minutes ago, Danuel said:

 

 

so, what i found was that i was able to acess outside my network using my mobile phone on 4G or using VPN, but not from my local network (using the domain name), i am getting this, is this normal ? i can access nextcloud using local IP because i did not set 'overwritehost' => 'my domain' so i can use local ip, so why i can't access from my LAN using 'my domain' ?

 

ncloud1.JPG

NAT reflection or Loopback NAT, same problem @Tucubanito07 has on the last page or two.

Link to comment
10 minutes ago, CHBMB said:

NAT reflection or Loopback NAT, same problem @Tucubanito07 has on the last page or two.

I want to let you guys know i got it working. I bought the Netgear Nighthawk X65 AC4000 Model #R8000P and it works like a charm. I am able to see nextcloud from my WAN and also on my LAN. Sucks i had to buy a new router but i needed one anyways so kind of workout. Thanks again @CHBMB

Link to comment

I am having well running Nextcloud and Let's Encrypt Docker (log is saying: [services.d] done and Server ready).

 

On March 1st the SSL Certificate was losing validity and now all my devices (macos, iphone, iPad) can't access Nextcloud anymore. After done some search I thought that I have to download the renewed key at /mnt/user/system/docker/appdata/letsencrypt/keys/letsencrypt

 

There are a couple of keys (cert.pem, fullchain.pem etc.) that are linked to e.g. /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/archive/myURL/cert.pem

 

Whatever file I am loading into one of my devices it is telling me that it was loosing validity March 1st.

Thanks for any help,

Link to comment

I am having well running Nextcloud and Let's Encrypt Docker (log is saying: [services.d] done and Server ready).

 

On March 1st the SSL Certificate was loosing validity and now all my devices (macos, iphone, iPad) can't access Nextcloud anymore. After done some search I thought that I have to download the renewed key at /mnt/user/system/docker/appdata/letsencrypt/keys/letsencrypt

 

There are a couple of keys (cert.pem, fullchain.pem etc.) that are linked to e.g. /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/archive/myURL/cert.pem

 

Whatever file I am loading into one of my devices it is telling me that it was loosing validity March 1st.

Thanks for any help.

Edited by EdgarWallace
Link to comment

Had the same weird issue with the NAT loopback, restarted the router and all is working.


Edit: Just checked again, doing the same thing again. I didn't update anything on my router or touch it any time lately. What would cause this on a USG3?

Edit 2: Restarted the router again just to check if it was a fluke, can connect locally now once again. Will report back later if this happens again.

Edit 3: Happened again, turned off uPnP and it allowed me to connected after provisioning.

 

Edited by slimshizn
Link to comment
On 6/4/2019 at 1:20 PM, EdgarWallace said:

I am having well running Nextcloud and Let's Encrypt Docker (log is saying: [services.d] done and Server ready).

 

On March 1st the SSL Certificate was loosing validity and now all my devices (macos, iphone, iPad) can't access Nextcloud anymore. After done some search I thought that I have to download the renewed key at /mnt/user/system/docker/appdata/letsencrypt/keys/letsencrypt

 

There are a couple of keys (cert.pem, fullchain.pem etc.) that are linked to e.g. /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/archive/myURL/cert.pem

 

Whatever file I am loading into one of my devices it is telling me that it was loosing validity March 1st.

Thanks for any help.

Seems that Let's Encrypt didn't renew the certificate. I was searching but didn't found anything that is showing how to solve that renewal issue.

 

Any hint?

Link to comment
4 hours ago, EdgarWallace said:

I fixed my issue with:

  1. open console of letsencrypt container
  2. run command: certbot renew

First time ever letsencrypt wasn't doing the certificate renewal process automatically. Anyone has experienced the same? Is there anything I can do about it?

 

 

You should not run that command yourself. It might screw things up instead of solving it.

Add a subdomain and it will trigger a renewal.

Link to comment
12 hours ago, saarg said:

 

You should not run that command yourself. It might screw things up instead of solving it.

Add a subdomain and it will trigger a renewal.

Thanks a lot @saarg

 

I don't understand why the certificate wasn't renewed this time (March 1s). It was always working in the past. E.g. cert1.pem - cert6.pem are available in the respective directory but cert7.pem was missing and added with my manual action.

 

Subdomain was always defined as (no changes from my side were made since ages):

I am using this container only for Nextcloud and I am accessing it via https://myurl.com/index.php/login

Link to comment
6 hours ago, EdgarWallace said:

Thanks a lot @saarg

 

I don't understand why the certificate wasn't renewed this time (March 1s). It was always working in the past. E.g. cert1.pem - cert6.pem are available in the respective directory but cert7.pem was missing and added with my manual action.

 

Subdomain was always defined as (no changes from my side were made since ages):




I am using this container only for Nextcloud and I am accessing it via https://myurl.com/index.php/login

 

I think this belongs in the letsencrypt thread and not nextcloud as it hasn't anthing to do with the nextcloud container. So please move the conversation there.

I'll anser you here now though.

 

It's impossible for us to know what happened without any logs and saying it was working isn't helpful either.

I don't know the inner working of letsencrypt, but it sounds wrong that you have so many certs. Or is this something you are modifying? I see you talked about adding certs to your devices earlier, but do not know what is the purpose of it.

 

As for adding a subdomain, that is to trigger a change in the config so the certs are renewed. Then you can change it back.

 

Please answer in the letsencrypt thread, as it belongs there.

Link to comment
On 6/6/2019 at 4:09 PM, saarg said:

 

I think this belongs in the letsencrypt thread and not nextcloud as it hasn't anthing to do with the nextcloud container. So please move the conversation there.

I'll anser you here now though.

 

It's impossible for us to know what happened without any logs and saying it was working isn't helpful either.

I don't know the inner working of letsencrypt, but it sounds wrong that you have so many certs. Or is this something you are modifying? I see you talked about adding certs to your devices earlier, but do not know what is the purpose of it.

 

As for adding a subdomain, that is to trigger a change in the config so the certs are renewed. Then you can change it back.

 

Please answer in the letsencrypt thread, as it belongs there.

@trurl, thanks for your help in moving that into the correct thread.

 

@saarg, I have never modified anything within the container because it was running as expected - until March 1st.

 

I read, that letsencrypt is producing these file one after one e.g. /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/live/myurl.com/cert.pem is pointing towards the correct file in /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/archive/myurl.com/cert7.pem so having many of these files seems to be fine.

 

I was asking mainly if there is a known issue with the container, because the log it isn't showing anything unusual. However, I might have overlooked something so it is attached now. 

 

Thanks for your help.

 

 

 

Edited by EdgarWallace
Link to comment
3 hours ago, EdgarWallace said:

@trurl, thanks for your help in moving that into the correct thread.

 

@saarg, I have never modified anything within the container because it was running as expected - until March 1st.

 

I read, that letsencrypt is producing these file one after one e.g. /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/live/myurl.com/cert.pem is pointing towards the correct file in /mnt/user/system/docker/appdata/letsencrypt/etc/letsencrypt/archive/myurl.com/cert7.pem so having many of these files seems to be fine.

 

I was asking mainly if there is a known issue with the container, because the log it isn't showing anything unusual. However, I might have overlooked something so it is attached now. 

 

Thanks for your help.

 

 

letsencrypt.log 16.11 kB · 0 downloads

Do you shut down your server at night? There should be a renewal attempt every night at 2:08am

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.