April 30, 20179 yr In the other (incorrect) thread I was asked to check the A record. A DNS lookup shows it's ok. I'm using dns-o-matic to keep dns host record up to date.
April 30, 20179 yr 1 hour ago, dalben said: I do have some dlink webcams that are exposed to the intraweb via the dlink myhome software but there is no port forwarding of 443 required for that. I reckon that's the problem. The dlink software, is it using https? Might not have opened the ports but what about uPnP, may be doing it without you realising it?
April 30, 20179 yr 1 hour ago, CHBMB said: I reckon that's the problem. The dlink software, is it using https? Might not have opened the ports but what about uPnP, may be doing it without you realising it? Doing some reading DLink are a bit vague on how the webcams make it to their server. I'll deregister the cameras and see what happens when then.
May 1, 20179 yr Does anyone know how to add additional lop level domains after this docker app has been configured? ie example.com AND example.org. If any commands need to be run or scripts modified I can do that, just need a little direction. Thanks! edit- I'm referring to the letsencrypt portion of this (not nginx) Edited May 1, 20179 yr by harperbrett
May 1, 20179 yr Does anyone know how to add additional lop level domains after this docker app has been configured? ie example.com AND example.org. If any commands need to be run or scripts modified I can do that, just need a little direction. Thanks! edit- I'm referring to the letsencrypt portion of this (not nginx)This container only supports one domain.You could redirect the org to the com, though, if they are pointing to the same web folder
May 1, 20179 yr Hello Thanks for maintaining this wonderful docker. I have a minecraft server running and use a tool called overview which creates a "google maps" like map. This tool runs on a ubuntu VM and outputs all files in a folder. Now to share that I'd like to use the nginx webserver. My question now is whats the best way to mount that folder within the docker to be able to share it?
May 1, 20179 yr Hello Thanks for maintaining this wonderful docker. I have a minecraft server running and use a tool called overview which creates a "google maps" like map. This tool runs on a ubuntu VM and outputs all files in a folder. Now to share that I'd like to use the nginx webserver. My question now is whats the best way to mount that folder within the docker to be able to share it?Is the vm on unraid? You can probably do a 9p share in the vm, save into that folder and map that for this container
May 1, 20179 yr 1 hour ago, aptalca said: Is the vm on unraid? You can probably do a 9p share in the vm, save into that folder and map that for this container No the VM runs on my esxi host on 192.168.178.201 and unraid is 192.168.178.200.
May 1, 20179 yr No the VM runs on my esxi host on 192.168.178.201 and unraid is 192.168.178.200.Then you can cifs mount an unraid share in the vm and map that same folder to the docker container
May 4, 20179 yr nextcloud need xmlreader and zip module, can you add xmlreader and zip module? thank you
May 4, 20179 yr php has been updated to 7.14 I believe so a lot of dependencies have changed.Sent from my LG-H815 using Tapatalk
May 5, 20179 yr Security question - what is more secure - using .htaccess for authentication or using each app built-in authentication? Sent from my LG-K430 using Tapatalk
May 5, 20179 yr In my personal opinion, htpasswd with a fail2ban rule that prevents brute force attempts by banning after so many tries On my company server, I even have a recidive rule set up so if any fail2ban rule does 3 10min bans in a 3hr period, they get banned for a week
May 5, 20179 yr In my personal opinion, htpasswd with a fail2ban rule that prevents brute force attempts by banning after so many tries On my company server, I even have a recidive rule set up so if any fail2ban rule does 3 10min bans in a 3hr period, they get banned for a week But isn't passing htpasswd for one site (using brute, social eng, whatever) opens up all your sites to the attacker?Using every specific app built in authentication enables different passwords to different systems.Or am I missing something?Sent from my LG-K430 using Tapatalk
May 5, 20179 yr You can create a different .htpasswd for each service if you wish. I think the main thing you're "missing" is that nginx's implementation of .htpasswd is likely to be far more secure than that of "app x" which is why I'd generally advocate the same as @aptalca
May 6, 20179 yr Sorry to bother you again... I'm trying to run nextcloud in your nginx docker. When I try to access the site it would not open the site but would download the index.php file. My nginx config: server { listen 80; server_name cloud.XXX.ch; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name cloud.XXX.ch; root /config/www/cloud; index index.php index.html; access_log /var/log/nginx/cloud.example.com.access.log; error_log /var/log/nginx/cloud.example.com.error.log; client_max_body_size 0; underscores_in_headers on; ssl on; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_stapling on; ssl_stapling_verify on; location / { proxy_headers_hash_max_size 512; proxy_headers_hash_bucket_size 64; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header Front-End-Https on; } } Can you find the reason behind this?
May 6, 20179 yr I don't understand what you're trying to do? 1. Reverse proxy our Nextcloud container with this one? 2. Install Nextcloud into this container? If it's the first then wait for me to finish my guide. If it's the 2nd then you're on your own, configuring nginx for each individual app people want to install is way beyond what we're able to support. We support getting the container up and running. Advanced config is past that.
May 7, 20179 yr 18 hours ago, CHBMB said: I don't understand what you're trying to do? 1. Reverse proxy our Nextcloud container with this one? 2. Install Nextcloud into this container? If it's the first then wait for me to finish my guide. If it's the 2nd then you're on your own, configuring nginx for each individual app people want to install is way beyond what we're able to support. We support getting the container up and running. Advanced config is past that. Would have been the 2nd. Was hoping you've seen this problem before...
May 7, 20179 yr Would have been the 2nd. Was hoping you've seen this problem before...You did not set up your php processor (php-fpm) in your config so nginx doesn't know what to do with it. It just serves it as is
May 11, 20179 yr Hello I created letsencrypt container with 3 different subdomains (pydio and nextcloud included). Then I followed latest article to run nextcloud behind nginx reverese proxy. for nextcloud it is working but with pydio (2 different config files) it fails with : SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown .... I am wondering how you differ the subdomain keys? Because in keys folder is only a link to one folder mydomain.com and in config file we have these lines each: ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; do I have to do something different? Thank
May 11, 20179 yr The keys work for all the subdomains you specify. Your issue is reverse proxying pydio, which I have no experience of tbh.
May 12, 20179 yr Homer-S, can you include the rest of the error? A lot of the time that error is pointing out an incorrect IP but that part doesn't seem to be included here.Sent from my iPad using Tapatalk
May 12, 20179 yr For anyone that wants to get this working with cloudflare enabled. First toggle your the cloud icon for you domains in the DNS section so that they are grey and DNS only is enabled. Then install Letsencrypt and generate your certs. Once that is done go back to cloudflare crypto section and change the SSL cert from flexible to full strict and wait for it to issue, its says it can take up to 24 hours but mine was done in about 20 minutes. After all has been completed and working fine toggle the clouds back to original setting in DNS in the cloudflare panel.
May 12, 20179 yr 6 hours ago, Malykai said: Homer-S, can you include the rest of the error? A lot of the time that error is pointing out an incorrect IP but that part doesn't seem to be included here. Sorry, for sure I can. Quote SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: XX.174.239.197, server: pydio.XX.myadress.de, request: "GET / HTTP/1.1", upstream: "https://192.168.100.10:84/", host: "pydio.XX.myadress.de" Is there a way to check if all three subdomains are included in keys? I found my mistake!!! wrong: proxy_pass https://192.168.100.10:84/; correct: proxy_pass http://192.168.100.10:84/; That was the reason for SSL error Thanks anyway Edited May 12, 20179 yr by Homer-S
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.