Tucubanito07 Posted September 28, 2019 Share Posted September 28, 2019 4 hours ago, Marshalleq said: Maybe something on the router / DNS side? The things is I have not changed anything with the router or dns. All I did was update letsencrypt. Quote Link to comment
vurt Posted September 28, 2019 Share Posted September 28, 2019 (edited) Since the latest update, my reverse proxies aren't working. I can confirm using external IP works, like http://external.ip/emby. I can ping mydomain.net. Internal IP of course works. The log doesn't indicate any problems. Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/Los_Angeles URL=advurt.net SUBDOMAINS=www EXTRA_DOMAINS= ONLY_SUBDOMAINS=false DHLEVEL=4096 VALIDATION=dns DNSPLUGIN=cloudflare [email protected] STAGING= 4096 bit DH parameters present SUBDOMAINS entered, processing SUBDOMAINS entered, processing Sub-domains processed are: -d www.mydomain.net E-mail address entered: [email protected] dns validation via cloudflare plugin is selected Certificate exists; parameters unchanged; starting nginx creating GeoIP2 database [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. Server ready Edited September 28, 2019 by vurt Quote Link to comment
Tucubanito07 Posted September 28, 2019 Share Posted September 28, 2019 There was an update that the Linux guys fix because now it works. I deleted subdomain www. And it works like a charm. Quote Link to comment
MothyTim Posted September 28, 2019 Share Posted September 28, 2019 16 hours ago, dandiodati said: Have you found a solution for this I also have been trying to solve it and tried these options without luck. One thing I found out is that you can manually test the websocket call via this command: curl --insecure --include --no-buffer --header "Connection: Upgrade" --header "Upgrade: websocket" --header "Host: example.com:80" --header "Origin: http://example.com:80" --header "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" --header "Sec-WebSocket-Version: 13" https://192.168.x.x:443/ (Found it on this page https://help.ubnt.com/hc/en-us/articles/115015690147-UNMS-Device-Discovery#blocking discover) And I noticed that the websocket call does not work going through the nginx proxy. I can make it work if I go directly to the unms server and port. And I also can access the UI, just the registry does not work due to the websocket calls not going though the nginx/letsencrypt reverse proxy. Any one else have any luck with unms ? This is the config I've ended up with after much eperimentation! Devices show up and I'm able to add them and manage them! Cheers, Tim # make sure that your dns has a cname set for unms and that your unms container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name unms.YOURDOMAIN.com; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_unms unms; proxy_pass https://$upstream_unms:443; proxy_cache off; proxy_store off; proxy_buffering off; proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Referer ""; client_max_body_size 0; } } Quote Link to comment
xman111 Posted September 28, 2019 Share Posted September 28, 2019 (edited) hey guys, great forum. Just bought a domain to use with my server. Basically just using Letsencrypt to access Sonarr, Radarr, Nextcloud. Do i need to buy Positive SLL from Namecheap? i already did as i didn't know any better. I will never be running a website, etc.. just using it for domain name and custom email. Any help would be appreciated. Edited September 28, 2019 by xman111 Quote Link to comment
ijuarez Posted September 28, 2019 Share Posted September 28, 2019 hey guys, great forum. Just bought a domain to use with my server. Basically just using Letsencrypt to access Sonarr, Radarr, Nextcloud. Do i need to buy Positive SLL from Namecheap? i already did as i didn't know any better. I will never be running a website, etc.. just using it for domain name and custom email. Any help would be appreciated.You don't need an SSL letsencrypt will get one for youSent from my SM-N960U using Tapatalk Quote Link to comment
xman111 Posted September 28, 2019 Share Posted September 28, 2019 3 hours ago, ijuarez said: You don't need an SSL letsencrypt will get one for you Sent from my SM-N960U using Tapatalk thanks man, appreciate the quick response. Quote Link to comment
vurt Posted September 28, 2019 Share Posted September 28, 2019 (edited) EDIT: Back to normal with the new version. @Tucubanito07 thanks for the heads-up. Edited September 28, 2019 by vurt Quote Link to comment
xman111 Posted September 30, 2019 Share Posted September 30, 2019 guys, just got Letsencrypt working with sonarr, radarr, nextcloud. What I am confused about is can anyone just go to my page at radarr.mydomain.cc and get into my system? or even worse nextcloud.mydomain.cc? It's great for me to get to it from anywhere, just want to check how safe it is facing outward as I normally only use OpenVPN. Quote Link to comment
saarg Posted September 30, 2019 Share Posted September 30, 2019 1 hour ago, xman111 said: guys, just got Letsencrypt working with sonarr, radarr, nextcloud. What I am confused about is can anyone just go to my page at radarr.mydomain.cc and get into my system? or even worse nextcloud.mydomain.cc? It's great for me to get to it from anywhere, just want to check how safe it is facing outward as I normally only use OpenVPN. Everyone can access that address, so it's good to set a password and/or activate fail2ban or other security measures. Do not leave any services open if you reverse proxy them. Quote Link to comment
xman111 Posted September 30, 2019 Share Posted September 30, 2019 3 minutes ago, saarg said: Everyone can access that address, so it's good to set a password and/or activate fail2ban or other security measures. Do not leave any services open if you reverse proxy them. thanks for the response. i guess i will have to look into this further. Someone would have to guess the address first thought i guess. i might just turn off the reverse proxy on a few things. Quote Link to comment
Spoonsy1480 Posted September 30, 2019 Share Posted September 30, 2019 thanks for the response. i guess i will have to look into this further. Someone would have to guess the address first thought i guess. i might just turn off the reverse proxy on a few things.Radarr, sonarr have username and passwords you can set not sure about nextcloud Sent from my iPhone using Tapatalk Quote Link to comment
xman111 Posted September 30, 2019 Share Posted September 30, 2019 if someone got into my radarr page, there woudln't be anyway someone could get into my server or shares though right? Quote Link to comment
Spoonsy1480 Posted September 30, 2019 Share Posted September 30, 2019 if someone got into my radarr page, there woudln't be anyway someone could get into my server or shares though right?No one get into shares and next cloud has a passcode Sent from my iPhone using Tapatalk Quote Link to comment
xman111 Posted September 30, 2019 Share Posted September 30, 2019 (edited) 1 minute ago, Spoonsy1480 said: No one get into shares and next cloud has a passcode thanks dude.. Edited September 30, 2019 by xman111 Quote Link to comment
SliMat Posted September 30, 2019 Share Posted September 30, 2019 Hi - I hope someone can help... I have been trying to setup a reverse proxy (following SpaceInvader Ones excellent video)... but when I create a docker network called "ProxyNet" - it doesn't appear in the config page for setting up LetsEncrypt. Its definitely there as I can view it from terminal, but it just isnt listed in the drop down box. I am using UnRAID 6.5.0. Attached are a couple of pictures, one showing the options I have in the LetsEncrypt setup page and one showing "ProxyNet" exists when I list the docker networks in terminal. Any thoughts? Thanks Quote Link to comment
j0nnymoe Posted September 30, 2019 Share Posted September 30, 2019 1 hour ago, SliMat said: Hi - I hope someone can help... I have been trying to setup a reverse proxy (following SpaceInvader Ones excellent video)... but when I create a docker network called "ProxyNet" - it doesn't appear in the config page for setting up LetsEncrypt. Its definitely there as I can view it from terminal, but it just isnt listed in the drop down box. I am using UnRAID 6.5.0. Attached are a couple of pictures, one showing the options I have in the LetsEncrypt setup page and one showing "ProxyNet" exists when I list the docker networks in terminal. Any thoughts? Thanks Update to latest unraid first, then come if you have the same issue. Quote Link to comment
SliMat Posted September 30, 2019 Share Posted September 30, 2019 46 minutes ago, j0nnymoe said: Update to latest unraid first, then come if you have the same issue. Thanks - but I am reluctant to upgrade as the server is an HP DL380p G8 in a remote datacenter and when I upgraded to the latest version I had massive problems (no mouse or keyboard control in ILO) ending up with the machine falling over and I had to drive to the DC, remove it, roll back to 6.5.0 to get it working then drive it back to the DC. Apart from changing the onboard P420i RAID controller to work in HBA mode rather than RAID I have done nothing to comfort me that I won't get the same problem again if I upgrade. All I have on the machine, which I am using, is a number of VMs (Ubuntu Webservers / Exchange Server), then 2 dockers MariaDB and NextCloud. But am keen to get reverse proxy working. Thanks - any other pointers would be well appreciated. Quote Link to comment
xman111 Posted September 30, 2019 Share Posted September 30, 2019 1 hour ago, SliMat said: Thanks - but I am reluctant to upgrade as the server is an HP DL380p G8 in a remote datacenter and when I upgraded to the latest version I had massive problems (no mouse or keyboard control in ILO) ending up with the machine falling over and I had to drive to the DC, remove it, roll back to 6.5.0 to get it working then drive it back to the DC. Apart from changing the onboard P420i RAID controller to work in HBA mode rather than RAID I have done nothing to comfort me that I won't get the same problem again if I upgrade. All I have on the machine, which I am using, is a number of VMs (Ubuntu Webservers / Exchange Server), then 2 dockers MariaDB and NextCloud. But am keen to get reverse proxy working. Thanks - any other pointers would be well appreciated. wow, that sucks.. Quote Link to comment
j0nnymoe Posted September 30, 2019 Share Posted September 30, 2019 1 hour ago, SliMat said: Thanks - but I am reluctant to upgrade as the server is an HP DL380p G8 in a remote datacenter and when I upgraded to the latest version I had massive problems (no mouse or keyboard control in ILO) ending up with the machine falling over and I had to drive to the DC, remove it, roll back to 6.5.0 to get it working then drive it back to the DC. Apart from changing the onboard P420i RAID controller to work in HBA mode rather than RAID I have done nothing to comfort me that I won't get the same problem again if I upgrade. All I have on the machine, which I am using, is a number of VMs (Ubuntu Webservers / Exchange Server), then 2 dockers MariaDB and NextCloud. But am keen to get reverse proxy working. Thanks - any other pointers would be well appreciated. I would say that your issue isn't a container issue but a bug within unraid 6.5 itself, I would contact lime tech about it or search the forum to see if someone else has had this issue (I suspect someone has). Quote Link to comment
slimshizn Posted October 1, 2019 Share Posted October 1, 2019 On 9/17/2019 at 10:06 AM, phreeq said: Did yours renew after adding the line? I'm asking because mine is failing renewal and I do have the dns_cloudflare_credentials = /config/dns-conf/cloudflare.ini line in the conf file. **Update** I found that my cloudflare.ini file didn't have my data in it. I had a problem with all of my dockers due to a bad upgrade to my cache drive a while back, so I guess the problem was me. I'll check back in tomorrow to see if the renewal goes right. Just am seeing this after an extended time off of the forums. Yes it did happen to work and continues to do so. Not sure why that had happened but backed up as soon as I had it working correctly just in case. (Do weekly backups regularly) 1 Quote Link to comment
phreeq Posted October 1, 2019 Share Posted October 1, 2019 Just am seeing this after an extended time off of the forums. Yes it did happen to work and continues to do so. Not sure why that had happened but backed up as soon as I had it working correctly just in case. (Do weekly backups regularly)After all the headaches I had, I did start doing weekly backups for my containers. Learned that lesson the hard way Sent from my ONEPLUS A5010 using Tapatalk Quote Link to comment
Marshalleq Posted October 1, 2019 Share Posted October 1, 2019 1 hour ago, slimshizn said: Just am seeing this after an extended time off of the forums. Yes it did happen to work and continues to do so. Not sure why that had happened but backed up as soon as I had it working correctly just in case. (Do weekly backups regularly) Just catching up on this, are you saying people using cloudflare for DNS need to add an extra line? (Trying to go back through the thread to find).... Quote Link to comment
SliMat Posted October 1, 2019 Share Posted October 1, 2019 (edited) 12 hours ago, xman111 said: wow, that sucks.. Yep 🙄 14 hours ago, j0nnymoe said: Update to latest unraid first, then come if you have the same issue. OK, I consider this solved now... not ideal, but in case anyone else finds this thread @j0nnymoe seems to be correct. I also had an HP Microserver running 6.5.0 at home, because it had the same issues with the new version as the machine in the DC... so, as it's here and I can easily access it, I just upgraded from 6.5.0 to 6.7.2 and now I do see the custom network in the settings for LetsEncrypt - so this certainly does look like a bug with 6.5.0. I will monitor this machine and see if it behaves with 6.7.2! So, it looks like I'll have to schedule a visit to the DC and then try the upgrade on the DC machine the night before - that way if I lose connection I will be able to pop in the next day to fix it, rather than having it offline while I wait for a slot to get in 😑 Thanks for the advice @j0nnymoe Edited October 1, 2019 by SliMat Quote Link to comment
xman111 Posted October 1, 2019 Share Posted October 1, 2019 hey guys, how to i stop an app from using letsencrypt? i have about 5 apps using it but there are a few that aren't really needed. I deleted the sub domains on the properties of the letsencrypt container but everything keeps working. Funny is was pretty hard to get it working, seems equally as hard to stop it from working, lol. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.