Fma965 Posted July 16, 2018 Author Posted July 16, 2018 23 hours ago, RockDawg said: Since I am getting the nginx 404 page, doesn't that mean that the request is getting through to the Letsencrypt container and therefore my port forwarding is working correctly? yes Quote
RockDawg Posted July 16, 2018 Posted July 16, 2018 20 minutes ago, Fma965 said: yes So then my issue has to be with nginx configuration then, right? Then I don't understand what's wrong because I took your default fie and changed all you IP references mine and saved it. Quote
jang430 Posted July 17, 2018 Posted July 17, 2018 @Fma965, Actually, restarted everything, except for letsencrypt docker app It was a gross oversight! After restarting, Deluge is working already. Can't get Sonarr to work yet. Will keep trying. At least I know it's working already. BTW, can OpenVPN Server and Letsencrypt (with NginX reverse proxy) docker container both be up at the same time? Meaning, even with Reverse Proxy running, I can still VPN into the NAS and manage it? Quote
RockDawg Posted July 17, 2018 Posted July 17, 2018 (edited) Well I managed to fix my issues. Unfortunately, I don't know what fixed it. I just started from scratch, reinstalled the container and reconfigured. I could swear I did everything the same but this time it worked. I hate that because you don't learn anything that way. Glad it's working though. Thanks for the guide @Fma965! Edited July 17, 2018 by RockDawg Quote
RockDawg Posted July 17, 2018 Posted July 17, 2018 I do have another question. I decided get a domain (myserver.com) from namecheap.comrather than use the one I have at duckdns. I have it set up to to work with my dynamic IP and it knows my current IP. So I edit the Letsencrypt container simply changing the Domain Name field from mydomain.duckdns.org to myserver.com. Now the log shows the following error: Failed authorization procedure. www.myserver.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.myserver.com/.well-known/acme-challenge/frBvtzHSCyTZlFDxm6HDnxMdRiFCKLCCF8fzciyZfP4: Error getting validation data and Error getting validation data If I simply change the domain back to my duckdns one it gives no error and it gets certs. So it's not a port issue. Any idea why I can't get certs for me new domain? Quote
RockDawg Posted July 17, 2018 Posted July 17, 2018 Now it appears that I've played around with things too much and my duckdns domain has been given too many certificates and now it won't validate! What the heck do I do now?! One step forward. Two steps back. Quote
Fma965 Posted July 18, 2018 Author Posted July 18, 2018 On 7/17/2018 at 4:11 PM, RockDawg said: Now it appears that I've played around with things too much and my duckdns domain has been given too many certificates and now it won't validate! What the heck do I do now?! One step forward. Two steps back. You have to wait now before it will let you cert again, most likely your DNS hadn't propogated across the net so letsnecrypt wasn't going to the correct domain/ip 1 Quote
RockDawg Posted July 19, 2018 Posted July 19, 2018 Thanks. Everything is mostly working now but one thing I notice is the if I type myserver.com/app or www.myserver.com/app inside my network, both are redircted to HTTPS and show the secure symbol. Outside my network (cell phone on cellular network), myserver.com/app connects without being redirected to HTTPS and, obviously, doesn't show the secure symbol. On the the other hand, www.myserver.com/app doesn't connect at all. How do I fix that? Quote
RockDawg Posted July 21, 2018 Posted July 21, 2018 Additionally, there is usually a 30-40 second delay when accessing the apps. After typing the address and hitting enter it just sits there for 30-40 seconds and the the page will usually load quickly like it should. Sometimes it never loads the page and it will just say request timed out. Once the page is loaded I can usually try that one again or some of the others and they will load just fine. If I try again later, I will either get the delay or the timeout. Any ideas what could be going on? Quote
snake382 Posted July 23, 2018 Posted July 23, 2018 On 6/6/2017 at 8:04 PM, Forusim said: Solved the issue with the help of this guide https://www.linuxserver.io/2017/05/10/installing-nextcloud-on-unraid-with-letsencrypt-reverse-proxy/ As I found out it is possible to use sub-subdomains like "https://cloud.mysubdomain.duckdns.org". No need to change the web configs of the applications any more. As a bonus I get now A+ instead of A from https://scan.nextcloud.com/ how do you realize that? Currently I have a domain with duckdns.org that refers to my NAS but I can not create sub-subdomains with duckdns.org. Nextcloud works very well locally with Mariadb but can not access from outside, I followed the link you give but I do not understand the end. Quote
aptalca Posted July 23, 2018 Posted July 23, 2018 3 hours ago, snake382 said: how do you realize that? Currently I have a domain with duckdns.org that refers to my NAS but I can not create sub-subdomains with duckdns.org. Nextcloud works very well locally with Mariadb but can not access from outside, I followed the link you give but I do not understand the end. You can use sub-subdomains with duckdns. They all automatically forward to your main subdomain ip. You do need to add those to your subdomains variable in the container settings, though Quote
snake382 Posted July 24, 2018 Posted July 24, 2018 (edited) What container ? Letsencrypt ? i have try to add in my container letsencrypt but i don't work ... everything works well locally until the point explained to reach nextcloud outside my local network. If anyone could guide me by posting a simplified procedure with screen I start on unraid thank you. Edited July 24, 2018 by snake382 Quote
Forusim Posted July 27, 2018 Posted July 27, 2018 (edited) On 7/24/2018 at 11:16 AM, snake382 said: What container ? Letsencrypt ? i have try to add in my container letsencrypt but i don't work ... everything works well locally until the point explained to reach nextcloud outside my local network. If anyone could guide me by posting a simplified procedure with screen I start on unraid thank you. Actually it pretty straight forward, here my configs: /mnt/cache/appdata/letsencrypt/nginx/site-confs/yourdomain.duckdns.org # listening on port 80 disabled by default, remove the "#" signs to enable # redirect all traffic to https #server { # listen 80; # server_name _; # return 301 https://$host$request_uri; #} # main server block server { listen 443 ssl http2; server_name cloud.yourdomain.duckdns.org; root /config/www; index index.html index.htm index.php; ssl_certificate /config/keys/letsencrypt/fullchain.pem; ssl_certificate_key /config/keys/letsencrypt/privkey.pem; ssl_dhparam /config/nginx/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ###Extra Settings### ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ### Add HTTP Strict Transport Security ### add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; add_header Front-End-Https on; client_max_body_size 0; location / { include /config/nginx/proxy.conf; proxy_max_temp_file_size 2048m; proxy_pass https://<nextclouddockerip>:443/; } } You may have to change the root of nextcloud webserver: /mnt/cache/appdata/nextcloud/nginx/site-confs/default # Path to the root of your installation root /config/www/nextcloud/; /mnt/cache/appdata/nextcloud/www/nextcloud/config/config.php <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => '<instance>', 'passwordsalt' => '<salt>', 'secret' => '<secret>', 'trusted_domains' => array ( 0 => '<nextclouddockerip>', 1 => 'cloud.yourdomain.duckdns.org', ), 'overwriteprotocol' => 'https', 'overwritehost' => 'cloud.yourdomain.duckdns.org', 'overwrite.cli.url' => 'https://cloud.yourdomain.duckdns.org', 'version' => '12.0.6.1', 'dbtype' => 'mysql', 'dbname' => 'nextcloud', 'dbhost' => '<mariadbdockerip>:3306', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_admin', 'dbpassword' => '<pw>', 'installed' => true, 'theme' => '', 'loglevel' => 2, 'maintenance' => false, ); Of course you have to edit your LetsEncrypt docker: Domain Name: yourdomain.duckdns.org Subdomain(s): cloud Edited July 27, 2018 by Forusim Quote
barajas.uriel Posted August 6, 2018 Posted August 6, 2018 How would I go about setting up NZBGet as a subfolder? location /nzb { include /config/nginx/proxy.conf; proxy_pass http://192.168.1.3:6789/; } I either get the 404 error or I get this Quote
Random.Name Posted August 26, 2018 Posted August 26, 2018 well i recently moved and now i have a new ISP, router and so on. I managed to get almost everything working, exept letsencryt/ nginx. all my reverse proxys seem to be down, and i can't reach anything via my public domain. I went through the site-configs and changed the ip adresses to the new one, but i have no idea what else i need to do I get only "Site can't be reached" messages, so it seems like nothing is working. Ports are open. Any ideas? Quote
david279 Posted August 26, 2018 Posted August 26, 2018 well i recently moved and now i have a new ISP, router and so on. I managed to get almost everything working, exept letsencryt/ nginx. all my reverse proxys seem to be down, and i can't reach anything via my public domain. I went through the site-configs and changed the ip adresses to the new one, but i have no idea what else i need to do [emoji32] I get only "Site can't be reached" messages, so it seems like nothing is working. Ports are open. Any ideas?Is your new isp blocking port 80 or 443?Sent from my SM-G955U using Tapatalk 1 Quote
Random.Name Posted August 26, 2018 Posted August 26, 2018 40 minutes ago, david279 said: Is your new isp blocking port 80 or 443? Sent from my SM-G955U using Tapatalk does not seem like it, port 443 is open as far as i can see. Quote
JonathanM Posted August 26, 2018 Posted August 26, 2018 54 minutes ago, Random.Name said: does not seem like it, port 443 is open as far as i can see. How did you come to that conclusion? Does your new IP respond to pings externally? Does your domain properly resolve to that IP? Quote
Random.Name Posted August 26, 2018 Posted August 26, 2018 (edited) 22 minutes ago, jonathanm said: How did you come to that conclusion? Does your new IP respond to pings externally? Does your domain properly resolve to that IP? i checked for open ports with http://canyouseeme.org/ and for 443 i get an open port message. i checked for pings with https://ping.eu/ping/ the packages get lost, but the ip seems to be right. Also my VPN connction works just fine... Edited August 26, 2018 by Random.Name Quote
JonathanM Posted August 26, 2018 Posted August 26, 2018 Wait, have you tried actually connecting from an external address, or are you just trying to connect from inside the same network? Quote
Random.Name Posted August 27, 2018 Posted August 27, 2018 sorry for the late reply. It got quite late over here. i tried connecting to it via my smartphone (wifi off) and it did not work... today after a few hours of sleep everything seems to be just fine and running. V>ery strange, but i will not complain Quote
adammerkley Posted October 10, 2018 Posted October 10, 2018 (edited) I'm on Cox residential. Is there no way for me to do this since port 80 is blocked? I've tried to go around this by circumventing DuckDNS and registering a domain, and using CloudFlare as my name server, but I still can't figure out how to make DNS Validation work. Edited October 10, 2018 by adammerkley Quote
aptalca Posted October 10, 2018 Posted October 10, 2018 1 hour ago, adammerkley said: I'm on Cox residential. Is there no way for me to do this since port 80 is blocked? I've tried to go around this by circumventing DuckDNS and registering a domain, and using CloudFlare as my name server, but I still can't figure out how to make DNS Validation work. It's all explained in the docker image description on both github and docker hub 1 Quote
adoucette Posted October 10, 2018 Posted October 10, 2018 12 hours ago, adammerkley said: I'm on Cox residential. Is there no way for me to do this since port 80 is blocked? I've tried to go around this by circumventing DuckDNS and registering a domain, and using CloudFlare as my name server, but I still can't figure out how to make DNS Validation work. I'm on COX residential as well. Please refer to these posts as to how I was able to get it set up (per aptalca's excellent dockers and documentation!) and Hope it helps! 1 Quote
adammerkley Posted October 11, 2018 Posted October 11, 2018 (edited) Thank for the replies. Got LetsEncrypt DNS verification to work after messing around with various security settings on CloudFlare. Edited October 11, 2018 by adammerkley Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.