SeveredBox53 Posted March 8, 2019

27 minutes ago, Kyubey said:
> How could you set up in a double reverse proxy with a vps like in this image?

What's the purpose of the second reverse proxy? (Between the internet and the router) Wouldn't a regular proxy be better in that spot?

225redstick Posted March 10, 2019

Getting this on my domain and subdomain (cnames 😞 do I need to edit config files next???

SpaceInvaderOne (Author) Posted March 11, 2019

13 hours ago, 225redstick said:
> Getting this on my domain and subdomain (cnames 😞 do I need to edit config files next???

Yep, that will be because there is no config file that uses that subdomain. Just edit a config file to direct to whichever container you want to access from outside.

mfjonesy Posted March 13, 2019

Has anyone been able to get this all working with Cloudflare DNS in front of everything? I've got it working perfectly if I disable routing through Cloudflare, but I'd really like to be able to use Cloudflare's access system to authenticate users as well as the built-in DDOS protection.

Right now I'm using the NginxProxyManager docker from CA and connecting over HTTPS works like a charm. However, if I enable a subdomain to route through Cloudflare then I get this error. I've disabled universal SSL in Cloudflare and have the SSL setting to "off".

Has anyone been able to get this working? Thanks

mfjonesy Posted March 13, 2019

I got it working! I just followed the Cloudflare settings posted here:
https://community.letsencrypt.org/t/integrating-letsencrypt-with-cloudflare-on-manually-possible/77046/2

tola5 Posted March 13, 2019

Really great work as always. I got it working, just 2 questions:

1. I can go nextcloud.XXXX.XX and it work. If I try to open it the docker or use the local ip it also go there. When I look on the traffic in pfsense with ntopng it look like all data go out and in = use my internet speed. Can I do so for the local it don't go that way around?
2. Are there a way so you can use www. before? Just people often think that.

hgelpke Posted March 13, 2019

Is there a way to use subdomains to access virtual machines?

JonathanM Posted March 13, 2019

1 hour ago, hgelpke said:
> Is there a way to use subdomains to access virtual machines?

What do you mean by that? You can use subdomains to access pretty much anything you can access with a web browser.

Brandan Posted March 15, 2019

Hey all,

I am trying to set up LetsEncrypt but LetsEncrypt keeps giving me the message "Challenge failed for domain xxxx.duckdns.org". I have my ports forwarded correctly and have even tried re-forwarding port 80 to, say, my unraid web server just to test that it's accessible from the full dns/port number, and that's fine (then deleted that forward).

Question - Am I supposed to be able to access the http webpage of the letsencrypt docker regardless of any certs being issued? I'm just trying to make sure I can even access that port internally first. Otherwise, can an ISP block port 80 depending on the kind of request? I was obviously able to access the webpage of my server via port 80 but wasn't sure if there was anything LetsEncrypt does that could be getting blocked?

If anyone has any ideas I could try to troubleshoot, it would be much appreciated!

Edit: This is working now. I decided to call my ISP anyway to at least see if they could see anything trying to connect. Turns out port 80 / 443 was blocked. I assumed it wasn't as I was able to remotely connect over port 80 to other services. They said it could have been Hairpin NAT on my router basically working it out for me. As a general lesson I guess - always call your ISP FIRST to make sure that those ports are going to be open on their side before you go any further.

Edited March 15, 2019 by Brandan

225redstick Posted March 18, 2019

On 3/11/2019 at 5:50 AM, SpaceInvaderOne said:
> Yep, that will be because there is no config file that uses that subdomain. Just edit a config file to direct to whichever container you want to access from outside.

I would love a future video explaining editing our configs to point to subdomains. I still find that confusing, as my goal is to limit my ports that are exposed. Do I edit/replace the default config file? This is the part I'm struggling with, how to set this up. Thanks again

225redstick Posted March 18, 2019

Or do you have a good example letsencrypt default config file to share that I could use as a template for my subdomains pointing to radarr, sonarr, plex etc.?

SeveredBox53 Posted March 18, 2019

1 hour ago, 225redstick said:
> Or do you have a good example letsencrypt default config file to share that I could use as a template for my subdomains pointing to radarr, sonarr, plex etc.?

If you install the letsencrypt docker from linuxserver then it should come with template config files for radarr, sonarr and plex. It should be in the proxy conf folder in the appdata folder for letsencrypt. I can upload a template for you later if you need it.

SpaceInvaderOne (Author) Posted March 18, 2019

Here's what to do if your ISP blocks port 80 and you can't use http authentication to create your certificates. Also how to make a wildcard certificate.

225redstick Posted March 19, 2019

9 hours ago, SeveredBox53 said:
> If you install the letsencrypt docker from linuxserver then it should come with template config files for radarr, sonarr and plex. It should be in the proxy conf folder in the appdata folder for letsencrypt. I can upload a template for you later if you need it.

I see these, but not sure what to do with them. Do I copy/move them to each app folder, or copy the text of each and put them all in the letsencrypt default config file?

SeveredBox53 Posted March 19, 2019

1 hour ago, 225redstick said:
> I see these, but not sure what to do with them. Do I copy/move them to each app folder, or copy the text of each and put them all in the letsencrypt default config file?

No, you don't need to copy them out of that folder. You just need to edit the file and put your website name where it is in the template. Ex. plex.thisismyrandomexamplewebpage.edu

Make sure you enable viewing file extensions, because the templates are all inactive by default. To activate the file, rename it from subdomain.radarr.config.sample to subdomain.radarr.config

eric.ruck Posted March 23, 2019

Awesome Vid, got this all up and running quickly and on the first try. Everything working great accessing from outside with phones and tablets.

HOWEVER, now when I launch the WebUI for Letsencrypt I get an error page that says "Welcome to our server - website currently being setup under this address". I have restarted the containers, tried different browsers but still cannot get into the WebUI.

Any ideas or help would be greatly appreciated.

carefreepastor Posted March 30, 2019

Thank you for the excellent second video about using Cloudflare to work around a closed port 80, which is the case with Cox. After purchasing a domain name from GoDaddy, I have Let's Encrypt running as a docker now using dns and the log shows that it started properly (log image enclosed).

My current problem, however, relates to Home Assistant docker accessing the cert file so that it will open in https. I have mucked around for more than two weeks without coming up with a solution. And, yes, I did watch the first video about setting up Let's Encrypt with dockers other than Home Assistant. I have read many, many postings and videos about how to use Let's Encrypt with Home Assistant; nothing I have attempted as a result of these how-to's has allowed me to use Let's Encrypt to successfully access Home Assistant with https.

I am at a total loss and obviously need careful guidance to straighten things out. I would be happy to uninstall the version of Home Assistant which I now have installed and start over.

McMeanF Posted April 2, 2019

Hi

So I can access my Nextcloud server using the app on my phone or a web browser from outside my network using the url of https://servername.domain.com (obviously not the real details), but when I try to use the Nextcloud app on my Windows machine it can't find the url, so I have to try and use the internal private IP followed by the port number (xx.xx.xx.xx:444), but this won't let me log in and of course won't be accessible from outside my network.

As Nextcloud runs off my Unraid machine, which has a DNS resolver hostname of UNRAID (again, not real name), if I type UNRAID.MYDOMAIN.COM I get to the login of my Unraid server via HTTPS. If I then add another hostname to the resolver of say NEXTCLOUD it will still take me to the Unraid login page unless I put the ports after....

How do I get https://mynextcloud.mydomain.com to resolve internally and externally for use with the desktop app, without having to enter the ports and that gumph.....?

TIA

And love the videos

Edited April 2, 2019 by McMeanF (spelling mistake)

JonathanM Posted April 2, 2019

1 hour ago, McMeanF said:
> How do I get https://mynextcloud.mydomain.com to resolve internally and externally for use with the desktop app

https://en.wikipedia.org/wiki/Hairpinning

Your router needs to be able to redirect the requests properly. Google your router model along with hairpinning / reflection / loopback

McMeanF Posted April 4, 2019

Thanks for the reply.

I'm using PfSense as my router, and have taken a different route. I'm now using HAProxy on PFSense as my reverse proxy, and then using the ACME Letsencrypt package for TLS certs. I've got it all working nicely internally and externally now.

Cheers

carefreepastor Posted April 8, 2019

On 3/29/2019 at 5:10 PM, carefreepastor said:
> Thank you for the excellent second video about using Cloudflare to work around a closed port 80, which is the case with Cox. After purchasing a domain name from GoDaddy, I have Let's Encrypt running as a docker now using dns and the log shows that it started properly (log image enclosed). My current problem, however, relates to Home Assistant docker accessing the cert file so that it will open in https. I have mucked around for more than two weeks without coming up with a solution. And, yes, I did watch the first video about setting up Let's Encrypt with dockers other than Home Assistant. I have read many, many postings and videos about how to use Let's Encrypt with Home Assistant; nothing I have attempted as a result of these how-to's has allowed me to use Let's Encrypt to successfully access Home Assistant with https. I am at a total loss and obviously need careful guidance to straighten things out. I would be happy to uninstall the version of Home Assistant which I now have installed and start over.

I still need help with this

olemal Posted April 9, 2019

Good Morning.

So I am trying to get Nextcloud to work with Letsencrypt using Spaceinvader's guide. Note: Nextcloud works before configuring letsencrypt. When trying to connect to my subdomain it's getting 502 Bad Gateway.

In the nginx log:

```
2019/04/09 08:49:58 [error] 353#353: *162 connect() failed (111: Connection refused) while connecting to upstream, client: 10.0.0.1, server: cloud.*, request: "GET /apps/files/ HTTP/2.0", upstream: "https://172.18.0.4:444/apps/files/", host: "cloud.mydomain.com"
```

Nextcloud docker:
- changed network to custom
- changed port to 444

Nextcloud config.php:

```
1 => 'cloud.mydomain.com',
'trusted_proxies' => ['letsencrypt'],  // tried with and without this line
'overwrite.cli.url' => 'https://cloud.mydomain.com',
'overwritehost' => 'cloud.mydomain.com',
'overwriteprotocol' => 'https',
```

nextcloud.subdomain.conf: just changed nextcloud.* to cloud.*

I have it working with Ombi, just can't seem to figure it out with Nextcloud.

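
Added example, not part of the posts above and not the linuxserver template itself: a minimal subdomain proxy block of the kind the template files discussed earlier in the thread contain, written for the `cloud.*` name in the 502 report. The log line reports `Connection refused` on port 444 at the container's address on the proxy network, so the block targets the port the service listens on inside the container instead. The container name `nextcloud`, the in-container port 443 and the certificate paths are assumptions.

```nginx
# Added example; names marked "assumed" are illustrative, paths are placeholders.
server {
    listen 443 ssl;
    server_name cloud.*;                    # matches cloud.mydomain.com from the post

    # Placeholder paths: point these at the files your Let's Encrypt client issued.
    ssl_certificate     /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;

    client_max_body_size 0;                 # do not cap upload size at the proxy

    location / {
        # Docker's embedded DNS on user-defined networks, so the container
        # name is resolved at request time rather than only at nginx start.
        resolver 127.0.0.11 valid=30s;
        set $upstream_nextcloud nextcloud;  # assumed container name

        # Containers on the same custom network reach each other on the port
        # the service listens on inside the container (assumed 443 here).
        # A host-side mapping such as 444 only applies to connections that
        # arrive through the host's IP address.
        proxy_pass https://$upstream_nextcloud:443;

        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

With this layout only the proxy's port needs to be forwarded on the router; the application container needs no published port at all.
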
boostdd Posted April 13, 2019

Hey folks,

I followed SpaceInvader's video and it's "working". Since I'm using this for Ombi, I'm looking to keep the end-user process as simple as possible. I have my own (easy to remember) domain, and ideally, I'd prefer not to use a sub-domain. I currently have a single CNAME record of www. It was the only way I could think of to get my DuckDNS configured on my domain's DNS.

How can I set this up without the need of a subdomain, non-www URL, and redirect to HTTPS? I want folks to type in SimpleURL.com (non-www URL) and it redirects them to https://SimpleURL.com. I'm new to this process, especially NGINX. So any help with getting this configured would be amazing!

EDIT: I was able to get HTTP to redirect to HTTPS by adding this to my Ombi CONF file. Now I just need to figure out a way to get non-www URL working.

```
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}
```

EDIT-II: I set up a redirect on my domain, and that seems to be working, sorta. I set up SimpleURL.com redirect to www.SimpleURL.com. So when my friends and family enter SimpleURL.com, it now takes them to https://www.SimpleURL.com. So, in theory, it's working.

Edited April 15, 2019 by boostdd

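
Added example, not part of boostdd's post: one way to handle both the HTTPS redirect and the non-www address in nginx itself, with the redirect target written out instead of echoed back from `$host`. `simpleurl.com` stands in for the poster's domain; the container name `ombi`, port 3579 and the certificate paths are assumptions.

```nginx
# Added example. simpleurl.com stands in for the poster's domain; paths are placeholders.
# DNS: the bare domain needs an A/AAAA record (or the DNS host's ALIAS/flattening
# feature) pointing at the server; a plain CNAME is not valid at the zone apex.

# Port 80, both names: redirect to the HTTPS apex. The host is written out, so a
# client-supplied Host header cannot choose where the redirect points.
server {
    listen 80;
    listen [::]:80;
    server_name simpleurl.com www.simpleurl.com;
    return 301 https://simpleurl.com$request_uri;
}

# Port 80, any other Host header: close the connection without a response.
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 444;
}

# Port 443, www: redirect to the apex. The certificate must also cover
# www.simpleurl.com, because TLS is negotiated before the redirect is sent.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name www.simpleurl.com;
    ssl_certificate     /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    return 301 https://simpleurl.com$request_uri;
}

# Port 443, apex: the site itself, proxied to Ombi.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name simpleurl.com;
    ssl_certificate     /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;

    location / {
        proxy_pass http://ombi:3579;   # assumed container name; Ombi's default port
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```
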
Edward Del Grosso Posted May 4, 2019

Could someone provide a template or give an idea how I can host multiple websites of my own making? I have this setup. Do I need to somehow configure the nginx in this container for additional sites, or add an additional nginx server on the proxy network?

Ricin Posted May 5, 2019

First off, thank you SpaceInvaderOne for the amazing videos, helped me no end of times.

I want to run a Bitwarden internally on Unraid, which is fine, I can do that no problem. But I also want to use Brave, as it's based on Chrome. Out of the box it will not work for a home server of Bitwarden, due to something about how Chrome handles HTTPS. I installed Bitwarden on Unraid, works great with Firefox, but as I say I use Brave. It will work if I use a reverse proxy such as LetsEncrypt in your great video.

Thing is, I do not want to open any ports on my router. I do not need outside access to Bitwarden. It would all be handled internally on the LAN. But I do need to have it working under HTTPS. As far as I can tell I can only use LetsEncrypt if it opens port 443 on my router, or have I misunderstood that?

Can I follow your video for the reverse proxy and leave 443 closed and still have HTTPS on the LAN?

Thanks for any help.