Hi!
I'm trying to create a Docker container with swag (Secure Web Application Gateway; GitHub - linuxserver/docker-swag: Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.) using Portainer.
I checked with my modem and router, and ports 443 and 80 are open and functional - tested with another container.
My variables:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PS1=$(whoami)@$(hostname):$(pwd)$
HOME=/root
TERM=xterm
DHLEVEL=2048
ONLY_SUBDOMAINS=false
AWS_CONFIG_FILE=/config/dns-conf/route53.ini
S6_BEHAVIOUR_IF_STAGE2_FAILS=2
PUID=1000
PGID=1000
TZ=America/Sao_Paulo
URL=keldorei.com
VALIDATION=http
Upon deploying the container, I got this message in the log:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: keldorei.com
Type: unauthorized
Detail: Invalid response from http://keldorei.com/.well-known/acme-challenge/XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q [184.168.131.241]: "\n\n\n\n Keldorei</"
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
I know this isn't LinuxServer.IO tech support, but I would be glad for any help.
Last night I spent around 2 hours testing and fiddling around.
rg305
July 30, 2021, 5:16pm
2
What is this doing?:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Keldorei</title>
<meta name="description" content="">
<meta name="keywords" content="Keldorei;Sistemas">
</head>
<frameset rows="100%,*" border="0">
<frame src="http://191.209.27.7/.well-known/acme-challenge/XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q" frameborder="0" />
</frameset>
</html>
[of course, I know, but do you?]
Thanks for the reply;
It seems that my port 80 is closed (as my browser tells me), but when I point to my Heimdall server (on the same Portainer, but another port) it just works.
It leads me to believe that there's something amiss in my Portainer or Docker image...
Probably some config in the /config/nginx/site-confs/default file.
I changed it a little in the hope of addressing this issue:
# redirect all traffic to https
# server {
# listen 80 default_server;
# listen [::]:80 default_server;
# server_name _;
# return 301 https://$host$request_uri;
#}
# main server block
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
listen 80 default_server;
listen [::]:80 default_server;
Should I just comment out port 80?
I'm kinda new to Linux servers and SSL, and this is part of my newest homelab; I used to work only with IIS and plain HTTP for my tests.
rg305
July 30, 2021, 5:47pm
4
A server block that listens to both 80 and 443 is not for the novice to implement.
But you also need to first address the multiple IP, and FRAMEing, issues:
Name: keldorei.com
Address: 184.168.131.241
frame src="http://191.209.27.7/
oh....
This seems to be a problem with my GoDaddy account...
I have 2 DNS records pointing to 184.168.131.241 and can't edit them.
All I can edit:
-Nameservers (ns.domaincontrol.com)
-Import/Export Zone File (unix/windows)
-Forwarding (where I put http://191.209.27.7, type 300, and forwarding with mask)
I'm considering migrating to Cloudflare;
what are my options?
And thanks again!
rg305
July 30, 2021, 7:17pm
6
First try turning off anything related to domain parking or such in the GoDaddy control panel.
Where are you going to host this site (which IP)?
I think I managed to deactivate domain parking.
I'm self-hosting at 191.209.27.7.
And I just got it!
Thanks!
All I needed was to unpark my domain!
I just need to configure my swag now.
system
Closed
August 29, 2021, 8:01pm
8
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
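A pre-flight check for the failure diagnosed in this thread, as an added example that is not part of the original posts: given the addresses the name resolves to, the server's own public IP and the body fetched from the challenge URL, it reports a DNS mismatch and a framed (masked-forwarding) response. The function name and finding labels are hypothetical, and the sample body is constructed from the HTML quoted in the thread.

```python
import ipaddress
import re

# Constructed sample: the HTML the thread shows being served for the challenge URL.
PARKED_BODY = """<html>
<head><title>Keldorei</title></head>
<frameset rows="100%,*" border="0">
<frame src="http://191.209.27.7/.well-known/acme-challenge/XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q" frameborder="0" />
</frameset>
</html>"""

# Host part of any <frame>/<iframe> src in the response.
FRAME_SRC = re.compile(r'<i?frame[^>]+src=["\']https?://([^/"\':]+)', re.I)
# An HTTP-01 body is "<token>.<base64url account key thumbprint>" and nothing else.
KEY_AUTH = re.compile(r'^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$')


def diagnose_http01(resolved_ips, server_ip, token, body):
    """Return a list of findings explaining why HTTP-01 validation would fail.

    Hypothetical helper: the caller supplies the DNS answers and the fetched body.
    """
    findings = []
    server = ipaddress.ip_address(server_ip)
    others = [ip for ip in resolved_ips if ipaddress.ip_address(ip) != server]
    if others:
        findings.append(f"dns-mismatch: name resolves to {', '.join(others)}, not {server_ip}")
    text = body.strip()
    if KEY_AUTH.match(text) and text.startswith(token + "."):
        return findings  # body is a well-formed key authorization for this token
    framed = FRAME_SRC.findall(text)
    if framed:
        findings.append(f"masked-forwarding: response is an HTML frame pointing at {', '.join(framed)}")
    elif "<" in text:
        findings.append("html-response: an HTML page was served instead of the challenge file")
    else:
        findings.append("bad-body: response is not the key authorization for this token")
    return findings


if __name__ == "__main__":
    token = "XDPlkRzbXIvMq7zypnAAjn4Db60oVdsYRwm6c-90r4Q"
    for finding in diagnose_http01(["184.168.131.241"], "191.209.27.7", token, PARKED_BODY):
        print(finding)
```
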