saarg Posted October 7, 2020 Share Posted October 7, 2020 3 hours ago, Ryguy said: So I recently migrated my Letsencrypt instance to Swag, and all of my proxy confs seem to be working except for the Ombi one. I changed nothing in the subdomain conf file from what ws in place with Letsencrypt, but now the container wont start, and I get an Execution Error Code 403. Anyone overcome a similar problem? It's the ombi container not starting? If so, that shouldn't have anything to do with swag. Quote Link to comment
saarg Posted October 7, 2020 Share Posted October 7, 2020 2 hours ago, LoneTraveler said: Hello all, Just finished the house move, well physically moving everything anyway, and thought I would start with setting up the essentials, water, heating, Unraid. Everything is going well except that I'm unable to access any of my five proxied services (bitwarden, nextcloud, emby, radarr or sonarr) locally if I type in their public address. I can access them via their local port numbers, however if I enter eg bitwarden.mydomain.uk I receive back; This site can’t be reached The web page at https://bitwarden.mydomain.uk/ might be temporarily down or it may have moved permanently to a new web address. ERR_HTTP2_PROTOCOL_ERROR If I use my mobile, the pages can be accessed fine, just locally is the issue. The only difference from the other house is that I have moved from BT to Vodafone. I recall when I was initially setting Letsencrypt up, some people had an issue with "double NAT / hairpinning" which I'm wondering may be my issue. Before I set about replacing the supplied Vodafone router however, I wanted to double check with yourselves that I'm not missing something obvious (which wouldn't be the first time). 😂 The only changes I have made to the router are; *Updated the port forwarding rules for 80 & 443, *Disabled UPnP, *Ensured that my Unraid servers local address (192.168.1.149) was given an exception in the routers firewall. I have looked online for similar issues however people seem to have the opposite problem (unable to access externally). Any advice would be greatly appreciated as I'm up the wall with everything else going on and this would certainly help me out getting it to work. You need to disable that dmz as soon as possible as you have just opened the whole unraid server to the internet! Enable hairpining on your router and it should work inside your lan also. 1 Quote Link to comment
Mor9oth Posted October 7, 2020 Share Posted October 7, 2020 Quote Meanwhile, I found out that on the flash drive there is something like a cache of the container settings that also keeps the .xml of the deleted containers. Since I renamed the repository from "lets encrypt" to "swag" while also adding the new swag container, I guess something went wrong with the assignment. The renamed Let's encrypt: The original Swag: I guess because of the same name and because the my-letsencrypt.xml was the first file, it has priority. I found the XMLs on this Location on the Flash Drive: So in my opinion the fix must be to just erase the "my-letsencrypt.xml" file, right? Could someone please confirm this to me? Could someone please also explain a noob how to delete the my-letsencrypt.xml from my flash drive? 😀 Thank you for help! Quote Link to comment
Ryguy Posted October 7, 2020 Share Posted October 7, 2020 50 minutes ago, saarg said: It's the ombi container not starting? If so, that shouldn't have anything to do with swag. Correct. It will start up on bridge but not when connected to custom network. The only change was with the migration to swag that why I figured there must be some kind of conflict. Quote Link to comment
ytddewqf Posted October 7, 2020 Share Posted October 7, 2020 (edited) 7 hours ago, saarg said: You need to disable that dmz as soon as possible as you have just opened the whole unraid server to the internet! Enable hairpining on your router and it should work inside your lan also. 😲 Many thanks for the advice! This is what happens when a "non-IT" tinkers with Unraid. 😁 I'll have a look around on how to enable hairpining on Vodafone. 👍 Edited October 8, 2020 by LoneTraveler Quote Link to comment
Mor9oth Posted October 7, 2020 Share Posted October 7, 2020 Quote Well ... even removing the my-letsencrypt.xml did not work. Still the wrong icon! Quote Link to comment
Ryguy Posted October 7, 2020 Share Posted October 7, 2020 25 minutes ago, Mor9oth said: Edit the template. Click advanced settings and change the icon URL to https://raw.githubusercontent.com/linuxserver/docker-templates/linuxserver.io/img/linuxserver-ls-logo.png Quote Link to comment
Mor9oth Posted October 7, 2020 Share Posted October 7, 2020 Quote Edit the template. Click advanced settings and change the icon URL to https://raw.githubusercontent.com/linuxserver/docker-templates/linuxserver.io/img/linuxserver-ls-logo.png This was exactly what I have done. But It doesn't matter which Icon I put that way in. It does not change. Please take a look at what I have documented then you will see. Quote Link to comment
Spoonsy1480 Posted October 7, 2020 Share Posted October 7, 2020 Just trying to configure my server again after a mishap earlier, I had letsencrypt and changed to swag now I’m trying to start a fresh and I get this Saving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator standalone, Installer NoneObtaining a new certificateAn unexpected error occurred:The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "lidarr": Domain name needs at least one dot (and 4 more problems. Refer to sub-problems for more information.)Please see the logfiles in /var/log/letsencrypt for more details.IMPORTANT NOTES:- Your account credentials have been saved in your Certbotconfiguration directory at /etc/letsencrypt. You should make asecure backup of this folder now. This configuration directory willalso contain certificates and private keys obtained by Certbot somaking regular backups of this folder is ideal.ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the containerMy template isAny help would be grateful Sent from my iPhone using Tapatalk Quote Link to comment
aptalca Posted October 7, 2020 Share Posted October 7, 2020 39 minutes ago, Spoonsy1480 said: Just trying to configure my server again after a mishap earlier, I had letsencrypt and changed to swag now I’m trying to start a fresh and I get this Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate An unexpected error occurred: The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "lidarr": Domain name needs at least one dot (and 4 more problems. Refer to sub-problems for more information.) Please see the logfiles in /var/log/letsencrypt for more details. IMPORTANT NOTES: - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container My template is Any help would be grateful Sent from my iPhone using Tapatalk The container thinks your url is set to "lidarr" Post a full log Quote Link to comment
Spoonsy1480 Posted October 8, 2020 Share Posted October 8, 2020 [s6-init] making user provided files available at /var/run/s6/etc...exited 0.[s6-init] ensuring user provided files have correct perms...exited 0.[fix-attrs.d] applying ownership & permissions fixes...[fix-attrs.d] done.[cont-init.d] executing container initialization scripts...[cont-init.d] 01-envfile: executing...[cont-init.d] 01-envfile: exited 0.[cont-init.d] 10-adduser: executing...-------------------------------------_ ()| | ___ _ __| | / __| | | / \| | \__ \ | | | () ||_| |___/ |_| \__/Brought to you by linuxserver.io-------------------------------------To support the app dev(s) visit:Certbot: https://supporters.eff.org/donate/support-work-on-certbotTo support LSIO projects visit:https://www.linuxserver.io/donate/-------------------------------------GID/UID-------------------------------------User uid: 99User gid: 100-------------------------------------[cont-init.d] 10-adduser: exited 0.[cont-init.d] 20-config: executing...[cont-init.d] 20-config: exited 0.[cont-init.d] 30-keygen: executing...using keys found in /config/keys[cont-init.d] 30-keygen: exited 0.[cont-init.d] 50-config: executing...Variables set:PUID=99PGID=100TZ=America/Los_AngelesURL=myipaddressSUBDOMAINS=www,EXTRA_DOMAINS=radarr,sonarr,plex,lidarr,nzbget,ONLY_SUBDOMAINS=falseVALIDATION=httpDNSPLUGIN=EMAIL=MyemailSTAGING=falseSUBDOMAINS entered, processingSUBDOMAINS entered, processingSub-domains processed are: -d www.myipaddressEXTRA_DOMAINS entered, processingExtra domains processed are: -d radarr -d sonarr -d plex -d lidarr -d nzbgetE-mail address entered: myemailhttp validation is selectedDifferent validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be createdGenerating new certificateSaving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator standalone, Installer NoneObtaining a new certificateAn unexpected error occurred:The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "lidarr": Domain name needs at least one dot (and 4 more problems. Refer to sub-problems for more information.)Please see the logfiles in /var/log/letsencrypt for more details.IMPORTANT NOTES:- Your account credentials have been saved in your Certbotconfiguration directory at /etc/letsencrypt. You should make asecure backup of this folder now. This configuration directory willalso contain certificates and private keys obtained by Certbot somaking regular backups of this folder is ideal.ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the containerThis is my logSent from my iPhone using Tapatalk Quote Link to comment
saarg Posted October 8, 2020 Share Posted October 8, 2020 3 hours ago, Spoonsy1480 said: [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 01-envfile: executing... [cont-init.d] 01-envfile: exited 0. [cont-init.d] 10-adduser: executing... ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io ------------------------------------- To support the app dev(s) visit: Certbot: https://supporters.eff.org/donate/support-work-on-certbot To support LSIO projects visit: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/Los_Angeles URL=myipaddress SUBDOMAINS=www, EXTRA_DOMAINS=radarr,sonarr,plex,lidarr,nzbget, ONLY_SUBDOMAINS=false VALIDATION=http DNSPLUGIN= EMAIL=Myemail STAGING=false SUBDOMAINS entered, processing SUBDOMAINS entered, processing Sub-domains processed are: -d www.myipaddress EXTRA_DOMAINS entered, processing Extra domains processed are: -d radarr -d sonarr -d plex -d lidarr -d nzbget E-mail address entered: myemail http validation is selected Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate An unexpected error occurred: The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "lidarr": Domain name needs at least one dot (and 4 more problems. Refer to sub-problems for more information.) Please see the logfiles in /var/log/letsencrypt for more details. IMPORTANT NOTES: - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container This is my log Sent from my iPhone using Tapatalk The subdomains go in the subdomain field and not extra domain field. Quote Link to comment
aptalca Posted October 8, 2020 Share Posted October 8, 2020 Also, url should be a domain name, not ip address Quote Link to comment
shooga Posted October 8, 2020 Share Posted October 8, 2020 I'm using this container successfully as a proxy for several other containers and also for a VM running Home Assistant. I modified the included config so that it would work with the VM and it seems fine except for websockets in some of the hassio add-ons. Websockets work fine via the local IP address, but not via the proxy. Is there a reason that I can't simply add the necessary websocket config lines to the / location? That seems to kill the whole thing. As it is, I have tried to add another location for the base url of the add-on that I'm trying to enable websockets for (esphome here, but I've also tried vscode). It's not working and I believe it's most likely because I'm not configuring the proxy correctly. Proxy config is below. Any help would be greatly appreciated! server { listen 443 ssl; listen [::]:443 ssl; server_name homeassistant.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location /api/websocket { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /a0d7b954_esphome/ { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:443; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Quote Link to comment
bigmak Posted October 8, 2020 Share Posted October 8, 2020 (edited) 1 hour ago, shooga said: I'm using this container successfully as a proxy for several other containers and also for a VM running Home Assistant. I modified the included config so that it would work with the VM and it seems fine except for websockets in some of the hassio add-ons. Websockets work fine via the local IP address, but not via the proxy. Is there a reason that I can't simply add the necessary websocket config lines to the / location? That seems to kill the whole thing. As it is, I have tried to add another location for the base url of the add-on that I'm trying to enable websockets for (esphome here, but I've also tried vscode). It's not working and I believe it's most likely because I'm not configuring the proxy correctly. Proxy config is below. Any help would be greatly appreciated! server { listen 443 ssl; listen [::]:443 ssl; server_name homeassistant.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location /api/websocket { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /a0d7b954_esphome/ { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:443; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Did you try dropping the slash after esphome? Also, why do you have :443 after proxy_set_header Host? My configuration is otherwise the same except I do not have the proxy_set_header x-forwarded... set. See mine below. Note that /endpoint/ui is for Node-RED. # make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name homeassistant.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.31; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location /api/websocket { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.31; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api/hassio_ingress { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.31; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /endpoint/ui { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.31; set $upstream_port 1880; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Edited October 8, 2020 by bigmak fixed some tab/space issues in code block Quote Link to comment
shooga Posted October 8, 2020 Share Posted October 8, 2020 Thanks @bigmakfor the response. I had added :443 while trying different things I found in my research - it didn't work and I've removed it now. Turns out I didn't need to add a location for esphome specifically (/a0d7b954_esphome), but needed to add the /api/hassio_ingress location. Saw that in your config and thought it was worth a try. That fixed it! Now it works for esphome and vscode. Thanks again! Just to be clear for anyone else looking for help, this is the section that I needed to add. Maybe it's in the latest config sample with the container, but it wasn't in mine. location /api/hassio_ingress { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } Quote Link to comment
Muff Posted October 8, 2020 Share Posted October 8, 2020 (edited) Hi, Anyone else getting this error? I've googled around a bit but couldn't find an answer. I've also check the files in the container but couldn't find anything about "sslforfree" The error message is: nginx: [emerg] cannot load certificate "/config/sslforfree/cert.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/config/sslforfree/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) My old letsencrypt container dosn't give this error message every 0.5 second. And I've reintalled swag as well (delete container > delete swag folder under appdata > install swag) Edited October 8, 2020 by Muff Quote Link to comment
aptalca Posted October 8, 2020 Share Posted October 8, 2020 3 hours ago, shooga said: Thanks @bigmakfor the response. I had added :443 while trying different things I found in my research - it didn't work and I've removed it now. Turns out I didn't need to add a location for esphome specifically (/a0d7b954_esphome), but needed to add the /api/hassio_ingress location. Saw that in your config and thought it was worth a try. That fixed it! Now it works for esphome and vscode. Thanks again! Just to be clear for anyone else looking for help, this is the section that I needed to add. Maybe it's in the latest config sample with the container, but it wasn't in mine. location /api/hassio_ingress { resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.1.205; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } You shouldn't need that. The latest updates to nginx.conf and proxy.conf auto enable websockets when needed. Quote Link to comment
aptalca Posted October 8, 2020 Share Posted October 8, 2020 2 hours ago, Muff said: Hi, Anyone else getting this error? I've googled around a bit but couldn't find an answer. I've also check the files in the container but couldn't find anything about "sslforfree" The error message is: nginx: [emerg] cannot load certificate "/config/sslforfree/cert.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/config/sslforfree/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) My old letsencrypt container dosn't give this error message every 0.5 second. And I've reintalled swag as well (delete container > delete swag folder under appdata > install swag) Looks like you modified your confs and referenced a custom cert. Our image does not use such a cert out of the box. Quote Link to comment
Mor9oth Posted October 9, 2020 Share Posted October 9, 2020 On 10/7/2020 at 10:53 PM, Mor9oth said: This was exactly what I have done. But It doesn't matter which Icon I put that way in. It does not change. Please take a look at what I have documented then you will see. Finally, I solved it. So for everybody who has the same Problems with showing up the old Let's Encrypt Icon here is the solution: Go to advanced view and copy the correct image-url to the clipboard Rename the Image-URL to something that does not exist and save it. Then you will see that the icon is missing Go back to the advanced view and paste the correct image-url At least this worked for me. But maybe the steps further (removing the old .xml) could also do have an impact on this. Here I documented everything that I did: Quote Link to comment
kuhnamatata Posted October 10, 2020 Share Posted October 10, 2020 13 hours ago, Mor9oth said: Finally, I solved it. So for everybody who has the same Problems with showing up the old Let's Encrypt Icon here is the solution: Go to advanced view and copy the correct image-url to the clipboard Rename the Image-URL to something that does not exist and save it. Then you will see that the icon is missing Go back to the advanced view and paste the correct image-url At least this worked for me. But maybe the steps further (removing the old .xml) could also do have an impact on this. Here I documented everything that I did: Yup, I had the same problem and had to delete the old my-letsencrypt.xml to get it to change the icon. Thanks for posting Quote Link to comment
muhu Posted October 11, 2020 Share Posted October 11, 2020 (edited) Hi, I did a search for this error and the only solution i could find was to delete the old conf files and let the docker container redownload by restarting it. But the error still remains: "nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)" Any help would be very appreciated ... i am an unRaid newbie [cont-init.d] 50-config: exited 0. [cont-init.d] 60-renew: executing... The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am). [cont-init.d] 60-renew: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) Edited October 11, 2020 by Syed Quote Link to comment
JonathanM Posted October 11, 2020 Share Posted October 11, 2020 2 hours ago, Syed said: Any help would be very appreciated ... i am an unRaid newbie https://forums.unraid.net/topic/51808-support-linuxserverio-swag-secure-web-application-gateway-nginxphpcertbotfail2ban/?do=findComment&comment=895908 1 Quote Link to comment
td00 Posted October 11, 2020 Share Posted October 11, 2020 Hey All - I've got this up and running for a while now - great image thanks. Just a question though, it it possible to have a wild card URL entry? Kind of like the way google does with *.google.com? My current setup just has this: URL=topleveldomain.com SUBDOMAINS=portainer,sonarr,radarr But when I click to view the cert in the browser it seems that it sets portainer.topleveldomain.com as the URL and the rest in the SAN where they should be. Was just looking to see if possible to clean up. Currently, my topleveldomain doesn't point to anything if that makes a difference? Quote Link to comment
thunderclap Posted October 11, 2020 Share Posted October 11, 2020 I'm having an interesting problem with LetsEncrypt. Two issues I've experienced I would like to try and resolve: if I use use DNS through Cloudflare my subdomains become unbearably slow. If I do the subdomains through my registrar and forego Cloudflare, anytime I add or remove a subdomain LetsEncrypt reports a firewall/timeout error for several hours rendering my subdomains inaccessible. Does anyone know why this is happening? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.