Portainer linuxserver docker-swag invalid response

Hi!

I'm trying to create a docker container with swag (Secure Web Application Gateway; GitHub - linuxserver/docker-swag: Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.) using Portainer.

I checked with my modem and router and 443 and 80 ports are open and functional - tested with other container.

My variables:

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PS1=$(whoami)@$(hostname):$(pwd)$
HOME=/root
TERM=xterm
DHLEVEL=2048
ONLY_SUBDOMAINS=false
AWS_CONFIG_FILE=/config/dns-conf/route53.ini
S6_BEHAVIOUR_IF_STAGE2_FAILS=2
PUID=1000
PGID=1000
TZ=America/Sao_Paulo
URL=keldorei.com
VALIDATION=http

Upon deploying the container, I got this message in the log:

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:

Domain: keldorei.com

Type: unauthorized

Detail: Invalid response from http://keldorei.com/.well-known/acme-challenge/XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q [184.168.131.241]: "\n\n\n\n Keldorei</"

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

I know this isn't LinuxServer.IO tech support, but I would be glad for any help.
Last night I spent around 2 hours testing and fiddling around.

What is this doing?:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
   "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
  <title>Keldorei</title>
  <meta name="description" content="">
  <meta name="keywords" content="Keldorei;Sistemas">
</head>
<frameset rows="100%,*" border="0">
  <frame src="http://191.209.27.7/.well-known/acme-challenge/XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q" frameborder="0" />
</frameset>
</html>

[of course, I know, but do you?]

Thanks for the reply;

It seems that my port 80 is closed (as my browser tells me), but when I point to my heimdal server (on the same Portainer, but another port) it just works.

It leads me to believe that there's something amiss in my Portainer or docker image...

Probably some config in /config/nginx/site-confs/default file

I changed a little in hope to address this issue:

# redirect all traffic to https
 # server {
 #    listen 80 default_server;
 #    listen [::]:80 default_server;
 #    server_name _;
 #    return 301 https://$host$request_uri;
 #}
 
 # main server block
 server {
     listen 443 ssl http2 default_server;
     listen [::]:443 ssl http2 default_server;
 
     listen 80 default_server;
     listen [::]:80 default_server;

Should I just comment out the 80 port?

I'm kinda new to Linux servers and SSL, and this is part of my newest homelab; I used to deal only with IIS and plain HTTP for my tests.

A server block that listens to both 80 and 443 is not for the novice to implement.

But you also need to first address the multiple IP, and FRAMEing, issues:

Name:    keldorei.com
Address: 184.168.131.241

frame src="http://191.209.27.7/

oh....
this seems to be a problem with my GoDaddy account...
I got 2 DNS records to 184.168.131.241 and can't edit them.

All I can edit:
-Nameservers (ns.domaincontrol.com)
-Import/Export Zone File (unix/windows)
-Forwarding (where I put http://191.209.27.7, type 300, and forwarding with mask)

I'm considering migrating to Cloudflare;
what are my options?

and thanks again!

First try turning off anything related to domain parking or such in the GoDaddy control panel.
Where are you going to host this site (which IP)?


I think I managed to deactivate domain parking

I'm self hosting at 191.209.27.7

And I just got it!

Thanks!
All I needed was to unpark my domain!

I just need to configure my swag now

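A pre-flight check for the failure this thread ends up diagnosing, as an added example that is not part of the original posts: it compares the domain's A records with the address you actually host on, and checks whether the challenge URL returned an ACME key authorization or a framed forwarding page. The function names are hypothetical, and the sample input is constructed from the values quoted in the thread.

```python
import ipaddress
import re
import socket

# src of a <frame>/<iframe>, as in the masked-forwarding page quoted in the thread
FRAME_SRC = re.compile(r'<i?frame\b[^>]*?\bsrc\s*=\s*["\']([^"\']+)', re.I)

def resolve_a(host):
    """Live IPv4 lookup for real use; the sample below does not call it."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, 80, socket.AF_INET)})

def diagnose_http01(expected_ip, resolved_ips, token, body):
    """Return (code, detail) findings; an empty list means the inputs look right."""
    findings = []
    expected = ipaddress.ip_address(expected_ip)
    resolved = {ipaddress.ip_address(ip) for ip in resolved_ips}
    if expected not in resolved:
        names = sorted(str(ip) for ip in resolved)
        findings.append(("dns-mismatch", f"name resolves to {names}, not {expected}"))
    elif len(resolved) > 1:
        extra = sorted(str(ip) for ip in resolved - {expected})
        findings.append(("dns-extra", f"extra A records: {extra}"))
    text = body.strip()
    if text.lower().startswith(("<!doctype", "<html")):
        findings.append(("html-body", "an HTML page was served instead of the challenge file"))
    for src in FRAME_SRC.findall(body):
        findings.append(("framed", f"page frames {src} (forwarding with masking)"))
    # RFC 8555 section 8.3: the body must be "<token>.<account key thumbprint>"
    if not text.startswith(token + "."):
        findings.append(("no-key-authorization", "body does not start with the token"))
    return findings

# Sample input constructed from the values quoted in the thread (HTML shortened)
TOKEN = "XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q"
PARKED_BODY = f"""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html><head><title>Keldorei</title></head>
<frameset rows="100%,*" border="0">
  <frame src="http://191.209.27.7/.well-known/acme-challenge/{TOKEN}" frameborder="0" />
</frameset></html>"""

def sample_findings():
    return diagnose_http01("191.209.27.7", ["184.168.131.241"], TOKEN, PARKED_BODY)

if __name__ == "__main__":
    for code, detail in sample_findings():
        print(f"{code}: {detail}")
```

For a live check, pass `resolve_a("your.domain")` as `resolved_ips` and the body fetched from the challenge URL as `body`.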
