Hi everyone,
I’m trying to set up a reverse proxy to access my ombi container from outside my network and I’m struggling hard. I’ve had my unRAID server running on a Dell Poweredge R710 for years but I’m still really green when it comes to networking. I’m going to include screenshots and logs of everything I think is relevant, but I am SURE I’ll be missing something so please let me know and I’ll provide it.
My domain is:
onrayombi.duckdns.org
I ran this command:
I launched the docker container with these settings (going to type them out because I’m a LE newb and can only upload 1 image)
http: 180
https: 1443
Domain Name: duckdns.org
Subdomain: onrayombi
Only Subdomains: true
Here are my Netgear Nighthawk C7000v2 Firmware (V1.02.04) Port Forwarding settings:
It produced this output:
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 10-adduser: executing…
_ ()
| | ___ _ __
| | / | | | /
| | _ \ | | | () |
|| |/ || __/
Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donate/
GID/UID
User uid: 99
User gid: 100
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing…
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing…
generating self-signed keys in /config/keys, you can replace these with your own keys if required
Generating a RSA private key
…+++++
…+++++
writing new private key to ‘/config/keys/cert.key’
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing…
Variables set:
PUID=99
PGID=100
TZ=America/New_York
URL=duckdns.org
SUBDOMAINS=onrayombi
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
EMAIL=mcintyrehh@gmail.com
STAGING=
Created donoteditthisfile.conf
Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
…+…+…+…+…+…+…+…+…+…+…+…+…+.+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…+…++++++++
DH parameters successfully created - 2048 bits
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d onrayombi.duckdns.org
E-mail address entered: mcintyrehh@gmail.com
http validation is selected
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for onrayombi.duckdns.org
Waiting for verification…
Challenge failed for domain onrayombi.duckdns.org
http-01 challenge for onrayombi.duckdns.org
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: onrayombi.duckdns.org
Type: connection
Detail: Fetching
http://onrayombi.duckdns.org/.well-known/acme-challenge/hIF_JgQHoxZlv4NIlZJ3Cb7etBl-4j1KE7JI2YwkKRs:
Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container
[cont-finish.d] executing container finish scripts…
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 10-adduser: executing…
usermod: no changes
My web server is (include version):
Nginx? Not sure about this
The operating system my web server runs on is (include version):
unRAID Version 6.7.2
My hosting provider, if applicable, is:
Optimum? Not sure here
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes (I think so?)
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
unRAID GUI
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.38.0