Wong Posted August 2, 2020 Share Posted August 2, 2020 (edited) I have followed 2 of SpaceivanderOne videos as shown in the two links below: I manage to get my LetsEncrypte to work with the log as shown below: I am using my own domain of protech.my and I have set the cname to be nextcloud.protech.my Problem: when I try to access my url, it stated "The site can't be reached. nextcloud.protech.my took too long to respond." Could anyone help me to solve what is cause of this ? I am still a newbie to this. 1) 2) Brought to you by linuxserver.io ------------------------------------- To support the app dev(s) visit: Certbot: https://supporters.eff.org/donate/support-work-on-certbot To support LSIO projects visit: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=Asia/Singapore URL=protech.my SUBDOMAINS=wildcard EXTRA_DOMAINS= ONLY_SUBDOMAINS=true VALIDATION=dns DNSPLUGIN=cloudflare EMAIL=*********@gmail.com STAGING= SUBDOMAINS entered, processing Wildcard cert for only the subdomains of protech.my will be requested E-mail address entered: [email protected] dns validation via cloudflare plugin is selected Certificate exists; parameters unchanged; starting nginx Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind, and add a new env variable "MAXMINDDB_LICENSE_KEY", set to your license key. [cont-init.d] 50-config: exited 0. [cont-init.d] 60-renew: executing... The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am). [cont-init.d] 60-renew: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) Server ready Edited August 3, 2020 by Wong Topic Solved Quote Link to comment
Energen Posted August 2, 2020 Share Posted August 2, 2020 Have you opened the port on your router? Quote Link to comment
Wong Posted August 2, 2020 Author Share Posted August 2, 2020 @Energen I did try port forwarding port 80 to 180 and 443 to 1443. However, whenever I forward port 80 to 180, I was unable to load Unraid on my browser so as Nextcloud. I attached the port of my docker and router as well for reference. I am not sure if I done it correctly. Also, I was under the impression that if we use DNS verification as shown by Ed (Spaceinvader) as port 80 is been blocked by ISP, do we still have to port forward in our router? I also try using the Window Network Diagnose, I attached the error report below as well. Quote Link to comment
Danuel Posted August 2, 2020 Share Posted August 2, 2020 are you using cloudflare ? Quote Link to comment
Wong Posted August 2, 2020 Author Share Posted August 2, 2020 @Danuel Yes, I followed exactly according to Space Invader video. I have my registrar changed to the Cloudflare NS and added a new record of CNAME pointing to my duckdns.org domain with the setting changed from Proxied to DNS only. However, I will be also contacting the ISP people to ask them about their port forwarding policy tomorrow to see if they are able to configure for me. And I will update the forum. However, I am open to try any possible solution. Quote Link to comment
Danuel Posted August 2, 2020 Share Posted August 2, 2020 (edited) 2 hours ago, Wong said: @Danuel Yes, I followed exactly according to Space Invader video. I have my registrar changed to the Cloudflare NS and added a new record of CNAME pointing to my duckdns.org domain with the setting changed from Proxied to DNS only. However, I will be also contacting the ISP people to ask them about their port forwarding policy tomorrow to see if they are able to configure for me. And I will update the forum. However, I am open to try any possible solution. well, what i have done in close flare i enabled proxyed and i used a wildcard but you have to use a A name if your IP is static and if is dynamic a CNAME Edited August 2, 2020 by Danuel Quote Link to comment
Wong Posted August 3, 2020 Author Share Posted August 3, 2020 @Danuel My Public IP is dynamic but my private IP for my Unraid is static. I assume you are saying that if my Public IP is static then I use A else if my Public IP is dynamic then I should use CNAME, right? Quote Link to comment
testdasi Posted August 3, 2020 Share Posted August 3, 2020 3 hours ago, Wong said: @Danuel My Public IP is dynamic but my private IP for my Unraid is static. I assume you are saying that if my Public IP is static then I use A else if my Public IP is dynamic then I should use CNAME, right? You have your own domain, there's no need to use duckdns with Cloudflare. Try this: Get an API code from Cloudflare then go to the Unraid app store and look for the Cloudflare docker and use the API and domain info to set up Cloudflare DDNS with the docker. You can use A record with dynamic IP and even DDNS with static IP. CNAME has nothing to do with whether you have static or dynamic IP. A record points your root domain to a certain IP. (e.g. protech.my to 123.456.789.012). You can manually change your A record when your dynamic IP changes but obviously that's not the most convenient thing to do. DDNS detects your dynamic IP and repoint a certain subdomain to a certain IP when the IP changes. (e.g. www.protech.my to 123.456.789.012). It only works with subdomain but theoretically if you own the root domain then the DDNS service can also update the root domain A record for you automatically as well (but that's not necessarily always the case). If you have static IP then DDNS would work too, it just never changes the IP. CNAME points a certain subdomain to another domain / subdomain (e.g. www.protech.my to protech.my) The most common use of CNAME is to point "www" to the root domain. If you have any subdomain that you want to setup with a reverse proxy, you have to use CNAME so it points to either your root domain or your DDNS subdomain. 1 Quote Link to comment
Danuel Posted August 3, 2020 Share Posted August 3, 2020 1 hour ago, testdasi said: You have your own domain, there's no need to use duckdns with Cloudflare. Try this: Get an API code from Cloudflare then go to the Unraid app store and look for the Cloudflare docker and use the API and domain info to set up Cloudflare DDNS with the docker. You can use A record with dynamic IP and even DDNS with static IP. CNAME has nothing to do with whether you have static or dynamic IP. A record points your root domain to a certain IP. (e.g. protech.my to 123.456.789.012). You can manually change your A record when your dynamic IP changes but obviously that's not the most convenient thing to do. DDNS detects your dynamic IP and repoint a certain subdomain to a certain IP when the IP changes. (e.g. www.protech.my to 123.456.789.012). It only works with subdomain but theoretically if you own the root domain then the DDNS service can also update the root domain A record for you automatically as well (but that's not necessarily always the case). If you have static IP then DDNS would work too, it just never changes the IP. CNAME points a certain subdomain to another domain / subdomain (e.g. www.protech.my to protech.my) The most common use of CNAME is to point "www" to the root domain. If you have any subdomain that you want to setup with a reverse proxy, you have to use CNAME so it points to either your root domain or your DDNS subdomain. Well ya, that how i understand, did not worked for me with A record, and only if i enabled proxyed Quote Link to comment
testdasi Posted August 3, 2020 Share Posted August 3, 2020 1 hour ago, Danuel said: Well ya, that how i understand, did not worked for me with A record, and only if i enabled proxyed Disabling proxy will use normal DNS process which has a lag between your update of the A record and when it's effective so perhaps that was why it didn't work for you. Enabling it means it always routes through Cloudflare first (you can run DNS check and you will see Cloudflare IP instead of your actual IP). That means any update to the A record (you might even say it's a "virtual" A record) on Cloudflare would be effective practically immediately. The whole point of using Cloudflare DNS is its proxy capability so your actual IP isn't revealed (e.g. avoid DDOS) so there is really no reason to disable it. Quote Link to comment
Wong Posted August 3, 2020 Author Share Posted August 3, 2020 @testdasi @Danuel Alright. I have downloaded the Cloudflare ddns by oznu. The docker has added an A record in my Cloudflare account. However, do I still require to do port forwarding? 80 -> 180 and 443 -> 1443 in my router? I have attached the outcome when I try to access nextcloud.protech.my which is suppose to direct me to my Nextcloud docker. However, it is still not working. Stated Error 522. Connection timed out. Quote Link to comment
testdasi Posted August 3, 2020 Share Posted August 3, 2020 32 minutes ago, Wong said: @testdasi @Danuel Alright. I have downloaded the Cloudflare ddns by oznu. The docker has added an A record in my Cloudflare account. However, do I still require to do port forwarding? 80 -> 180 and 443 -> 1443 in my router? I have attached the outcome when I try to access nextcloud.protech.my which is suppose to direct me to my Nextcloud docker. However, it is still not working. Stated Error 522. Connection timed out. One thing at a time. Yes you must have port-forwarding for it to work. Once you set up port-forwarding, start the Lets-encrypt docker test protech.my to make sure you arrive at the default NGINX page (e.g. instead of cloudflare error) Then go to nginx config folder and do the .conf file Quote Link to comment
Wong Posted August 3, 2020 Author Share Posted August 3, 2020 @testdasi Yup I manage to arrive at the NGINX page. And what configuration I have to do in the .conf file to relate to my Nextcloud. Quote Link to comment
testdasi Posted August 3, 2020 Share Posted August 3, 2020 41 minutes ago, Wong said: @testdasi Yup I manage to arrive at the NGINX page. And what configuration I have to do in the .conf file to relate to my Nextcloud. If you use the lsio docker then in the nginx config should have a lot of ".sample" files. Look for nextcloud.subdomain.conf.sample and rename to nextcloud.subdomain.conf and then open it in an editor and follow the instructions. If you aren't sure how to do the config then ask in the letsencrypt support topic. 1 Quote Link to comment
Wong Posted August 3, 2020 Author Share Posted August 3, 2020 @testdasi @Danuel Thank you very much for your guys help. I manage to connected to my NextCloud. To anyone reading the post, this forum is solved on 4/8/2020. Thanks again guys. Much appreciated. Quote Link to comment
Danuel Posted August 3, 2020 Share Posted August 3, 2020 (edited) 8 minutes ago, Wong said: @testdasi @Danuel Thank you very much for your guys help. I manage to connected to my NextCloud. To anyone reading the post, this forum is solved on 4/8/2020. Thanks again guys. Much appreciated. happy that you finally manage made it work Edited August 3, 2020 by Danuel Quote Link to comment
Wong Posted August 6, 2020 Author Share Posted August 6, 2020 (edited) @testdasi@Danuel I just release I didn't pass the NextCloud thru Let's Encrypt. Basically, I port forwarded directly to my Nextcloud IP. that why it work. Could you guys share me your nextcloud.subdomain.conf file how you guys configure? I tried exactly like the spaceInvader video but it is not working. It always stuck at the Let's Encrypt web UI only. I have posted in the Let's Encrypt support forum already. But if you guys got a sample you could share it would be helpful for me to learn. Edited August 6, 2020 by Wong Quote Link to comment
Danuel Posted August 6, 2020 Share Posted August 6, 2020 7 minutes ago, Wong said: @testdasi@Danuel I just release I didn't pass the NextCloud thru Let's Encrypt. Basically, I port forwarded directly to my Nextcloud IP. that why it work. Could you guys share me your nextcloud.subdomain.conf file how you guys configure? I tried exactly like the spaceInvader video but it is not working. It always stuck at the Let's Encrypt web UI only. I have posted in the Let's Encrypt support forum already. But if you guys got a sample you could share it would be helpful for me to learn. i just changed the subdomain server_name nextcloud.*; nextcloud.subdomain.conf Quote Link to comment
Wong Posted August 17, 2020 Author Share Posted August 17, 2020 Final message: To anyone who is reading this, the thread has been solve. Please note that whenever saving the config or subdomain.conf file, please make sure it is not save in text file even though the extension is not shown in window. I change the save as file type as all type. In window 10, the icon of the config file should not look like a text file if you done it correctly. Quote Link to comment
Bifrost Systems Posted December 1, 2021 Share Posted December 1, 2021 HAVING SAME ISSUES. FOLLOWED SI TO a T and seem to be stuck on port forward I've followed every single step and still can't get this to work. I'm using Cloudflare DNS on unraid, got my api and everything going. I can see the swag instance on my LAN, but I can't see it connected to my subdomain on Cloudflare. I get the Error 522, that the host is down. I've got a netgear router, and the only port forward option is to tell the server to forward 1443. I've done all the settings, internal to external same, different, etc. What am I doing wrong here? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.