Config redirection issue - certs pointing to Modem

My domain is: matchett-tech.com

I created the CNAME in my Domain hosting account and ensured they were pointing back to my public IP using a Wildcard.

I updated the Letsencrypt docker in UnRaid to match the CNAMEs created and can confirm that the docker is return a Server Ready result, indicating that the Sub-domains have been configured correctly and working.

I updated the config files for Sonarr and Radarr to again match the CNAMEs, but every time I try to visit the site page, it redirects me to my modem login page not the webpage for Sonarr or Radarr as expected.

2 Likes

I see your nginx server, so it’s probably only affecting you because you’re on the internal side of your NAT.

You probably need to re-assign the port used by your modem’s admin interface.

Once you do that, you should be able to see nginx, like I do.

2 Likes

Hi @xxbigfoot11xx

you are misunderstanding something. There is no CNAME - https://check-your-website.server-daten.de/?q=matchett-tech.com

Host Type IP-Address is auth. ∑ Queries ∑ Timeout
matchett-tech.com A 122.148.241.118 Perth/Western Australia/Australia (AU) - Vocus PTY LTD Hostname: 122-148-241-118.sta.wbroadband.net.au yes 1 0
AAAA yes
www.matchett-tech.com A 122.148.241.118 Perth/Western Australia/Australia (AU) - Vocus PTY LTD Hostname: 122-148-241-118.sta.wbroadband.net.au yes 1 0
AAAA yes
*.matchett-tech.com A 122.148.241.118 yes
AAAA yes
CNAME yes

There are two A records (non-www and www) and a wildcard A with the same domain name.

But that’s ok, a CNAME isn’t required.

Critical: There is a wrong certificate:

CN=tv.matchett-tech.com
	02.08.2020
	31.10.2020
expires in 86 days	movie.matchett-tech.com, ombi.matchett-tech.com, torrent.matchett-tech.com, tv.matchett-tech.com - 4 entries

so both connections are insecure.

But there is no redirect to your ip visible, so it’s only an internal problem.

PS: If it is a home pc: What happens, if your provider changes your ip address?

2 Likes

I have a static IP from my ISP.

Below is a screenshot from my hosting site with the CNAME added. What would i have to change to get it to work?

2 Likes

If you have a static ip, you don’t have the problem.

Your CNAME definitions are ok.

What’s the subdomain with the problem? Check that subdomain with “check-your-website”.

2 Likes

It’s all of the subdomains. TV is meant to redirect me to Sonarr, Movie to Radarr and Ombi to Ombit.

I’ve updated the config files as specified in the setup video I watched and it’s not redirecting me to the correct IP and port.

2 Likes

There are only T-results - timeouts:

Domainname Http-Status redirect Sec. G
http://tv.matchett-tech.com/ 122.148.241.118 -14 10.017 T
Timeout - The operation has timed out
https://tv.matchett-tech.com/ 122.148.241.118 -14 10.020 T
Timeout - The operation has timed out
http://tv.matchett-tech.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 122.148.241.118 -14 10.020 T
Timeout - The operation has timed out

So the problem is only an internal problem. May be a wrong vHost definition.

Your main domain:

Server: nginx/1.18.0

See nginx -T to check your config.

2 Likes

I’m running Letsencrypt as a docker container in Unraid. running that command doesn’t return any values.

Would you know what else i can do? Sorry, i’m new to all this.

1 Like

Then you should not use such a

Use a simpler solution.

2 Likes

Your third A record is pointless, it applies to the fourth level domain matchett-tech.com.matchett-tech.com

Your CNAMEs are also pointless, your second A record does the same thing more efficiently (one less dns query).

(You can probably find a more efficient way to write the second A record, @ as IP? or move to an ANAME record to @ – see your dns docs – ANAME is similar to CNAME but only carries A and AAAA records over, not all the others, not CAA, especially.)

2 Likes

Please explain how else someone is meant to learn new things without try and failing at them? I am just asking for some assistance with this, no need to be condescending.

2 Likes

running an acme client inside a docker container is a painful process even for expert users. really. it’s an utter mess of shared volumes and more bullshit. probably acme.sh can do it in a less painful way, but it’s painful nonetheless.

2 Likes

I don’t know how docker works. I don’t know what Unraid is. Never used one of these tools / environments. This is a Letsencrypt forum. If you have trouble with one or with the combination of such solutions, please ask in a specialized forum.

And if something complex doesn’t work. “Use a simpler solution” is always the better way.

Create a solution with a standard nginx. Then you can add the next step.

2 Likes

My mistake, i’ll ask someone that knows that they are talking about. Thanks for the help.

HEY.

what the hell?

not everyone here is an expert on everything and nobody here has any duty to answer anybody’s questions. what do you think you’re doing?

2 Likes

Your cname needs to be edited to point at the site you want. So example my.ddns.com etc or wherever. Then you configure ddns to point at your IP, then setup the client that updates your IP, but in your case that won’t be necessary since you have a static IP. One last thing the ports will need to be added. Say you wanted to have people login to your server via login like you would just add www.mysite.com:8080 for example…nobody really notices since they’re clicking a link. Second option you can port forward from your free ddns to the correct port. I hope this helps…

1 Like

I said it in my last post, i’ll ask someone that knows about unraid and docker… don’t get sensitive

Thank you. I have gotten them all working now, but i’m unable to access internall. Would you know why that is?

Everything works as expected outside the network, but internally it fails.
.

Sorry, I can’t be of use here…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.