aptalca Posted May 15, 2015 Share Posted May 15, 2015 maraschino is not installing the following message is in the log during startup, followed by repeated missing maraschino.py messages Err http://archive.ubuntu.com/ubuntu/ trusty-updates/main patch amd64 2.7.1-4ubuntu1 404 Not Found [iP: 91.189.91.24 80] E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/p/patch/patch_2.7.1-4ubuntu1_amd64.deb 404 Not Found [iP: 91.189.91.24 80] E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? i know this one, lol. needs an apt-get update before the apt-get install of git in the edge script or install script. I'm confused. I also have this issue and am unsure how to fix it. Dont know much about linux I'm afraid. I submitted a pull request to smdion's github repo with changes proposed by sparkly. He merged it last week. But he also needs to initiate a new build on docker hub before we can install the fixed version of the container Link to comment
ReverendDan Posted May 16, 2015 Share Posted May 16, 2015 Oh okay. Sounds good, thanks aptalca! Link to comment
Techn0mancer Posted May 18, 2015 Share Posted May 18, 2015 I'm having an issue with headphones (sort of). When I used to run headphones as a plug-in, I would be able to load mp3tag on my laptop to tweak the metadata. Now I'm being told that the file "cannot be opened for writing". Headphones is very spotty when it comes to embedding metadata even when provided with a release group id. The album I just added, literally no metadata was added except for album art embedded in each file. No artist, track titles, year, genre, track numbers.. I get that it's most likely just a "thing" with Headphones, but it would be great if I could fix it easily like I used to be able to Link to comment
j0nnymoe Posted May 19, 2015 Share Posted May 19, 2015 Hi, Little help with the Beets container, if beets askes me a question with what to do with a album tag, how do I respond to it? Cheers **Fixed this myself, found I have to run this command: docker exec -i -t Beets beet ** Link to comment
aitkinst Posted May 20, 2015 Share Posted May 20, 2015 This is a complete newb question I'm sure but since the docker thing is a completely new concept to me. I have found all my other apps which have gui pages but since beets is a command line program. How do you access the beets docker once its up and running? Do you ssh to it some how or something? Link to comment
PitViper401 Posted May 20, 2015 Share Posted May 20, 2015 This is a complete newb question I'm sure but since the docker thing is a completely new concept to me. I have found all my other apps which have gui pages but since beets is a command line program. How do you access the beets docker once its up and running? Do you ssh to it some how or something? I'm trying to figure this out as well. I've managed to get PuTTY installed and used SSH to connect to my tower. I tried using the "docker exec Beets beets" command from the docker repo but this gives me an error docker-exec: failed to exec: exec: "beets": executable file not found in $PATH looking in my appdata/Beets, I found a file beets.sh which lead me to try docker exec Beets /config/beets.sh which spits out a whole mess of text, which are mostly errors. Link to comment
BRiT Posted May 21, 2015 Share Posted May 21, 2015 This is a complete newb question I'm sure but since the docker thing is a completely new concept to me. I have found all my other apps which have gui pages but since beets is a command line program. How do you access the beets docker once its up and running? Do you ssh to it some how or something? I'm trying to figure this out as well. I've managed to get PuTTY installed and used SSH to connect to my tower. I tried using the "docker exec Beets beets" command from the docker repo but this gives me an error docker-exec: failed to exec: exec: "beets": executable file not found in $PATH looking in my appdata/Beets, I found a file beets.sh which lead me to try docker exec Beets /config/beets.sh which spits out a whole mess of text, which are mostly errors. you need to pass it a directory to work on. #!/bin/bash # # beets music tagger - post-processing script # # Author: Rich Manton (overbyrn) # Date: 29-04-13 # # $1 - Fullpath of directory to be processed. eg./mnt/user/downloads/some.artist_some.album Link to comment
PitViper401 Posted May 21, 2015 Share Posted May 21, 2015 you need to pass it a directory to work on. You're right, and I also feel like an idiot, I just noticed the command is "docker exec Beets beet" I've been trying "docker exec Beets beets" Everything seems to work now, so I'm off to get this all set up. Link to comment
damonq Posted May 21, 2015 Share Posted May 21, 2015 Headphones Re-Encoding help please, Trying to set up lame/ffmpeg to re-encode flac to mp3 Using headphones docker with EDGE =1 variable Setting up with lame for post-processing give following log entry, 2015-05-21 07:14:35 WARNING Lame cannot encode .flac format for /downloads/Lana Del Rey - Ultraviolence (2014) [HDTracls 24-44,1]/12 - Black Beauty.flac, [glow=red,2,300]use ffmpeg[/glow] Using ffmpeg give the following log entries: 2015-05-21 07:54:12 ERROR One or more files failed to encode. Ensure you have the latest version of ffmpeg installed. 2015-05-21 07:54:12 ERROR Encoder raised an exception. Traceback (most recent call last): File "/opt/headphones/headphones/music_encoder.py", line 241, in command_map return command(*args) File "/opt/headphones/headphones/music_encoder.py", line 341, in command stderr=subprocess.PIPE) File "/usr/lib/python2.7/subprocess.py", line 710, in __init__ errread, errwrite) File "/usr/lib/python2.7/subprocess.py", line 1327, in _execute_child raise child_exception OSError: [Errno 13] Permission denied Just to rule out any possibilites set permissions on transcode and download directories to 777 and nobody:users Using codecs included in binhex's madsonic docker if that may make a difference (build: ffmpeg-2.4-64bit-static.tar.xz version: 2.4) any help or suggestions are appreciated thanks in advance, Link to comment
ironicbadger Posted May 25, 2015 Share Posted May 25, 2015 Just trying out upstatsboard with a completely stock config but I get an error others have had: root@epsilon:/mnt/user/appdata/upstats/config# cat config.js var config = module.exports = { // What mode do you want to run? // - normal: // Nothing is outputted to the console. // Logs are stored in logs/debug.log // NO debugging code is logged. // - debug: // Logs are displayed in the console as well as logged to file logs/debug.log // Debug logs are store and displayed as well. "runningMode": "debug", // Server Settings. "host": "0.0.0.0", "port": 8024, //"webRoot": "", // Allow UpsBoard check for new updates on startup and every 12 hours. "checkForUpdates": true, // Optional, If you want to stop the page requesting updates. "debugStopUpdating": false, // Optional, If you want to log the http requests. "logHttpRequests": true, // Required, Pick a username and password, On first run the password will get encrypted. "username": "admin", "userPassword": "[$2a$10$TXQLkx5aGtuUHusl050BM.jcwXGuDR0kr9gMT8.is7Y.WmIILdpTe]", // Optional, Either url, path, or email address(Gravatar) for user avatar. //"userAvatar": "", // Optional, If you want to include Google Analytics //"googleAnalyticsId": "", //"googleAnalyticsUrl": "", "drives": { "Label":{ "remote": false, "location": "/", // Optional, If your drive is on a machine running something other than linux. // Support Operating Systems: // mac & linux "os": "linux", // Required, if this is a remote drive. "host": "", "port": 22, "username": "", // One of the following are required. // "password": "", //// ssh-agent for linux // "sshAgent": true, //// Public/Private Key // "privateKey": "", // Absolute location of key. // "passphrase": "", // If public key, then leave empty. // Optional, Allow you to specify a total drive space. // Format: // (Size)(Unit) // Size: Any whole number. // Unit: Can be any of the following: // B, KB, MB, GB, TB, PB, EB // Example: // total: "5TB", total: "", // Optional, If you want to give the drive a different icon. icon: "" } }, "memory": { "Label": { // This allows you to display on bottom bar, when you have multiple memory monitors. "default": true, // Optional, If your getting the memory of a machine running something other than linux. // Support Operating Systems: // linux "os": "linux", // Required, if this is a remote server. "host": "", "port": 22, "username": "", // One of the following are required. // "password": "", //// ssh-agent for linux // "sshAgent": true, //// Public/Private Key // "privateKey": "", // Absolute location of key. // "passphrase": "", // If public key, then leave empty. } }, "bandwidthServers": { "Label": { // This allows you to display on bottom bar, when you have multiple bandwidth monitors. "default": true, // [Download, Upload] "maxSpeed": [100, 100], "remote": false, // Optional, Allow you specify if you have a bandwidth cap/limit. // Format: Download,Upload:10TB = If you bandwidth includes both upload and download, 10 terabytes is the cap. // Example: Upload:20TB = Only have a cap on your upload of 20 terabytes. // Download:20TB = Only have a cap on your download of 20 terabytes. // Download,Upload:250GB = Your whole connection is capped at 250 gigabytes. "cap": "", // Optional, Select the interface to to watch "interface": "eth0", // Optional, Select the path of vnStat, if not at the default location. "vnstatPath": "/path/to/vnstat", // Optional, Allows you specify the directory of the vnstat, if it is not at the default location. "vnstatDBDirectory": "/path/to/database/directory", // Required, if this is a remote server. "host": "", "port": 22, "username": "", // One of the following are required. // "password": "", //// ssh-agent for linux // "sshAgent": true, //// Public/Private Key // "privateKey": "", // Absolute location of key. // "passphrase": "", // If public key, then leave empty. } }, "services": { "Service Name": { "host": "", "port": 80, // Optional, This allows you to put a link on the button. "url": "", // Optional, Require the user to be logged in before they can see the link "loginRequired": false } }, "sabnzbd": { // Set to True if you want to disable sabnzbd from upsboard. "disable": false, // Optional, Allow user to logged out and use sabnzbd "anyoneCanUse": false, "protocol": "http://", "host": "", "port": 8080, "webRoot": "", "apiKey": "" }, "sickbeard": { // Set to True if you want to disable sickbeard from upsboard. "disable": false, "protocol": "http://", "host": "", "port": 8081, "webRoot": "", "apiKey": "" }, "plex": { "protocol": "http://", "host": "", "port": 32400, "username": "", "password": "", "recentTVSection": 2, "recentMovieSection": 1 }, // Optional, Forecast.io Api "weather": { "apiKey": "", "lat": "", "long": "", "useFahrenheit": true } }; config.version = 2; config.salt = "$2a$10$TXQLkx5aGtuUHusl050BM."; Link to comment
danioj Posted June 3, 2015 Share Posted June 3, 2015 Sean, Thank you very much for posting this repository. I just installed reverse proxy and have it up and running in no time at all. Your instructions as well as the setup are excellent. A quick question thought if I may. I notice that in your setup you always include the port number of the application that you are accessing. e.g to access CP: www.domainname.com:5050/couchpotato this shows ipaddress:5050/couchpotato easy BUT is there a way to drop the port? So I could have something like this: www.domainname.com/couchpotato and through forwarding and config in the background its still shows the application on port 5050 of the server? Hope this questions makes sense! Ta Daniel Link to comment
CHBMB Posted June 3, 2015 Share Posted June 3, 2015 Sean, Thank you very much for posting this repository. I just installed reverse proxy and have it up and running in no time at all. Your instructions as well as the setup are excellent. A quick question thought if I may. I notice that in your setup you always include the port number of the application that you are accessing. e.g to access CP: www.domainname.com:5050/couchpotato this shows ipaddress:5050/couchpotato easy BUT is there a way to drop the port? So I could have something like this: www.domainname.com/couchpotato and through forwarding and config in the background its still shows the application on port 5050 of the server? Hope this questions makes sense! Ta Daniel It's configured that way to tell Apache where to find Couchpotato. When you go to domainname.com/couchpotato it will redirect that request to IPADDRESS:5050/Couchpotato Link to comment
danioj Posted June 3, 2015 Share Posted June 3, 2015 It's configured that way to tell Apache where to find Couchpotato. When you go to domainname.com/couchpotato it will redirect that request to IPADDRESS:5050/Couchpotato Interesting. I have just tried that example and it does not work. My config includes: ProxyPass /cp http://192.168.1.2:5050/couchpotato ProxyPassReverse /cp http://192.168.1.2:5050/couchpotato So I am expecting that when I go to http://www.domainname.com/cp what I am presented with is the couch potato interface but all i get is a 404 /cp not found. Interestingly when I open 5050 on the router and drop the /cp from the ProxyPass lines its does work! BUT - I don't want to have to expose the application to the world. Sort of defeats the objective for me really - otherwise id just open the port and go to www.domain.com:port I am trying to achieve getting the routing and forwarding done server side and presenting the application to the world as if it was part of the web site. Then I can password protect access using apache and never having to expose the app to the world or have a whole range of ports open on my router. Id like to just get away with 80 and 443 and server all my apps running on all sorts of different ports via a proxy. Link to comment
CHBMB Posted June 3, 2015 Share Posted June 3, 2015 I am trying to achieve getting the routing and forwarding done server side and presenting the application to the world as if it was part of the web site. Then I can password protect access using apache and never having to expose the app to the world or have a whole range of ports open on my router. Id like to just get away with 80 and 443 and server all my apps running on all sorts of different ports via a proxy. Here's my proxy-config.conf section for couchpotato (You can ignore all the auth stuff and require user lines at the moment - but would recommend setting it all up before you put couchpotato internet facing. <Location /couch> ProxyPass http://192.168.1.1:5050/couch ProxyPassReverse http://192.168.1.1:5050/couch AuthUserFile /config/.htpasswd AuthType Basic AuthName "CouchPotato" Require user CHBMB </Location> And my settings in couchpotato. Link to comment
CHBMB Posted June 3, 2015 Share Posted June 3, 2015 I am trying to achieve getting the routing and forwarding done server side and presenting the application to the world as if it was part of the web site. Then I can password protect access using apache and never having to expose the app to the world or have a whole range of ports open on my router. Id like to just get away with 80 and 443 and server all my apps running on all sorts of different ports via a proxy. This should help you, most of the stuff is working, in general there are two components to getting things to work, one is the proxyconfig.conf and the second is the application itself, some applications need some config files editing, plexrequests needs to be on a subdomain etc. Here's my proxyconfig.conf - it's very much a work in progress that's ongoing, it also redirects all traffic on port 80 to 443. <VirtualHost *:443> ServerName server.com ServerAdmin webmaster@localhost DocumentRoot /var/www SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite AES128+EECDH:AES128+EDH SSLCertificateFile /config/ssl.crt SSLCertificateKeyFile /config/decryptedssl.key SSLCertificateChainFile /config/sub.class1.server.ca.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests off #<Location /> # AuthType Basic # AuthName "Website" # AuthUserFile /config/.htpasswd # Require valid-user # Order allow,deny # Allow from all #</Location> <Location /couch> ProxyPass http://192.168.1.1:5050/couch ProxyPassReverse http://192.168.1.1:5050/couch AuthUserFile /config/.htpasswd AuthType Basic AuthName "CouchPotato" Require user chbmb </Location> <Location /cherrymusic> ProxyPass http://192.168.1.101:8070/cherrymusic ProxyPassReverse http://192.168.1.101:8070/cherrymusic AuthUserFile /config/.htpasswd AuthType Basic AuthName "Music" Require chbmb </Location> <Location /deluge> RequestHeader append X-Deluge-Base "/deluge/" ProxyPass http://192.168.1.1:8112 ProxyPassReverse http://192.168.1.1:8112 AuthUserFile /config/.htpasswd AuthType Basic AuthName "Deluge" Require user chbmb </Location> <Location /guacamole> ProxyPass http://192.168.1.1:8082/guacamole max=20 flushpackets=on ProxyPassReverse http://192.168.1.1:8082/guacamole AuthUserFile /config/.htpasswd AuthType Basic AuthName "Guacamole" Require user chbmb </Location> <Location /nzbget> ProxyPass http://192.168.1.1:6789/nzbget ProxyPassReverse http://192.168.1.1:6789/nzbget AuthUserFile /config/.htpasswd AuthType Basic AuthName "NZBGet" Require user chbmb </Location> <Location /nzbmegasearch> ProxyPass http://192.168.1.1:5000 ProxyPassReverse http://192.168.1.1:5000 AuthUserFile /config/.htpasswd AuthType Basic AuthName "NZBMegaSearch" Require user chbmb </Location> <Location /owncloud> ProxyPass https://192.168.1.1:8000 ProxyPassReverse https://192.168.1.1:8000 </Location> <Location /sonarr> ProxyPass http://192.168.1.1:8989/sonarr ProxyPassReverse http://192.168.1.1:8989/sonarr AuthUserFile /config/.htpasswd AuthType Basic AuthName "Sonarr" Require user chbmb </Location> <Directory "/var/www/adminer/> AuthType Basic AuthName "Adminer" AuthUserFile /config/.htpasswd Require valid-user AllowOverride All Options FollowSymlinks Order allow,deny Allow from all </Directory> <Directory "/var/www/books/"> AuthType Basic AuthName "Library" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/freshrss/"> AuthType Basic AuthName "FreshRSS" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/lychee/"> AuthType Basic AuthName "Photos" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/php"> Options FollowSymLinks DirectoryIndex index.php AuthType Basic AuthName "phpMyAdmin" AuthUserFile /config/.htpasswd Require user chbmb Order allow,deny Allow from all </Directory> <Directory "/var/www/phpservermonitor/"> AuthType Basic AuthName "PHPServerMonitor" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> #<Directory /var/www/sonerezh> # Options -Indexes # AllowOverride All # <IfModule mod_authz_core.c> # Require all granted # </IfModule> #</Directory> <Directory "/var/www/wallabag/"> AuthType Basic AuthName "Wallabag" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory /var/www/wordpress> Options Indexes FollowSymLinks MultiViews AuthType Basic AuthName "Wordpress" AuthUserFile /config/.htpasswd Require user chbmb AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost *:80> ServerName server.com ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://server.com/$1 [R=301,L] </VirtualHost> <VirtualHost *:443> ServerName requests.server.com ServerAdmin webmaster@localhost DocumentRoot /var/www SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite AES128+EECDH:AES128+EDH SSLCertificateFile /config/requests/ssl.crt SSLCertificateKeyFile /config/requests/decryptedssl.key SSLCertificateChainFile /config/requests/sub.class1.server.ca.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On ProxyPass / http://192.168.1.1:3000/ ProxyPassReverse / http://192.168.1.1:3000/ </VirtualHost> #PlexRequests <VirtualHost *:80> ServerName requests.server.com ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://requests.server.com/$1 [R=301,L] </VirtualHost> Link to comment
danioj Posted June 4, 2015 Share Posted June 4, 2015 I am trying to achieve getting the routing and forwarding done server side and presenting the application to the world as if it was part of the web site. Then I can password protect access using apache and never having to expose the app to the world or have a whole range of ports open on my router. Id like to just get away with 80 and 443 and server all my apps running on all sorts of different ports via a proxy. This should help you, most of the stuff is working, in general there are two components to getting things to work, one is the proxyconfig.conf and the second is the application itself, some applications need some config files editing, plexrequests needs to be on a subdomain etc. Here's my proxyconfig.conf - it's very much a work in progress that's ongoing, it also redirects all traffic on port 80 to 443. <VirtualHost *:443> ServerName server.com ServerAdmin webmaster@localhost DocumentRoot /var/www SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite AES128+EECDH:AES128+EDH SSLCertificateFile /config/ssl.crt SSLCertificateKeyFile /config/decryptedssl.key SSLCertificateChainFile /config/sub.class1.server.ca.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests off #<Location /> # AuthType Basic # AuthName "Website" # AuthUserFile /config/.htpasswd # Require valid-user # Order allow,deny # Allow from all #</Location> <Location /couch> ProxyPass http://192.168.1.1:5050/couch ProxyPassReverse http://192.168.1.1:5050/couch AuthUserFile /config/.htpasswd AuthType Basic AuthName "CouchPotato" Require user chbmb </Location> <Location /cherrymusic> ProxyPass http://192.168.1.101:8070/cherrymusic ProxyPassReverse http://192.168.1.101:8070/cherrymusic AuthUserFile /config/.htpasswd AuthType Basic AuthName "Music" Require chbmb </Location> <Location /deluge> RequestHeader append X-Deluge-Base "/deluge/" ProxyPass http://192.168.1.1:8112 ProxyPassReverse http://192.168.1.1:8112 AuthUserFile /config/.htpasswd AuthType Basic AuthName "Deluge" Require user chbmb </Location> <Location /guacamole> ProxyPass http://192.168.1.1:8082/guacamole max=20 flushpackets=on ProxyPassReverse http://192.168.1.1:8082/guacamole AuthUserFile /config/.htpasswd AuthType Basic AuthName "Guacamole" Require user chbmb </Location> <Location /nzbget> ProxyPass http://192.168.1.1:6789/nzbget ProxyPassReverse http://192.168.1.1:6789/nzbget AuthUserFile /config/.htpasswd AuthType Basic AuthName "NZBGet" Require user chbmb </Location> <Location /nzbmegasearch> ProxyPass http://192.168.1.1:5000 ProxyPassReverse http://192.168.1.1:5000 AuthUserFile /config/.htpasswd AuthType Basic AuthName "NZBMegaSearch" Require user chbmb </Location> <Location /owncloud> ProxyPass https://192.168.1.1:8000 ProxyPassReverse https://192.168.1.1:8000 </Location> <Location /sonarr> ProxyPass http://192.168.1.1:8989/sonarr ProxyPassReverse http://192.168.1.1:8989/sonarr AuthUserFile /config/.htpasswd AuthType Basic AuthName "Sonarr" Require user chbmb </Location> <Directory "/var/www/adminer/> AuthType Basic AuthName "Adminer" AuthUserFile /config/.htpasswd Require valid-user AllowOverride All Options FollowSymlinks Order allow,deny Allow from all </Directory> <Directory "/var/www/books/"> AuthType Basic AuthName "Library" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/freshrss/"> AuthType Basic AuthName "FreshRSS" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/lychee/"> AuthType Basic AuthName "Photos" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory "/var/www/php"> Options FollowSymLinks DirectoryIndex index.php AuthType Basic AuthName "phpMyAdmin" AuthUserFile /config/.htpasswd Require user chbmb Order allow,deny Allow from all </Directory> <Directory "/var/www/phpservermonitor/"> AuthType Basic AuthName "PHPServerMonitor" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> #<Directory /var/www/sonerezh> # Options -Indexes # AllowOverride All # <IfModule mod_authz_core.c> # Require all granted # </IfModule> #</Directory> <Directory "/var/www/wallabag/"> AuthType Basic AuthName "Wallabag" AuthUserFile /config/.htpasswd Require valid-user AllowOverride None Order allow,deny Allow from all </Directory> <Directory /var/www/wordpress> Options Indexes FollowSymLinks MultiViews AuthType Basic AuthName "Wordpress" AuthUserFile /config/.htpasswd Require user chbmb AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost *:80> ServerName server.com ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://server.com/$1 [R=301,L] </VirtualHost> <VirtualHost *:443> ServerName requests.server.com ServerAdmin webmaster@localhost DocumentRoot /var/www SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCipherSuite AES128+EECDH:AES128+EDH SSLCertificateFile /config/requests/ssl.crt SSLCertificateKeyFile /config/requests/decryptedssl.key SSLCertificateChainFile /config/requests/sub.class1.server.ca.pem SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On ProxyPass / http://192.168.1.1:3000/ ProxyPassReverse / http://192.168.1.1:3000/ </VirtualHost> #PlexRequests <VirtualHost *:80> ServerName requests.server.com ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://requests.server.com/$1 [R=301,L] </VirtualHost> Really appreciate your help. I am getting there (I think) but have hit another issue. Rather than go ALL in with the config I am going step by step to understand. So to start at the moment I am just trying to serve the file in my web root over ssl. <VirtualHost *:1443> ServerName domain.com ServerAlias domain.com ServerAdmin [email protected] DocumentRoot /web SSLEngine on SSLProtocol All -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /config/filename.crt SSLCertificateKeyFile /config/domain.com.key SSLCertificateChainFile /config/filename.crt </VirtualHost> <VirtualHost *:1080> ServerName domain.com ServerAlias domain.com ServerAdmin [email protected] DocumentRoot /web ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> Note: I have replaced the names of the files with <filename> and the name of my domain to <domain.com> everything else is exactly as is. When I run with just <VirtualHost *:1080> everything works fine. Web server serves the web page all good. When I add the <VirtualHost *:1443> section for SSL I start to get the following error in the docker log: *And it just repeats over and over again! /config/ MODIFY proxy-config.conf File in Config Folder Changed, Restarted Setting up watches. Watches established. * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * /config/ MODIFY proxy-config.conf File in Config Folder Changed, Restarted Setting up watches. Watches established. * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * One thing I have noticed is that I don't have a *.pem file. I did not generate my certificate I bought it from GoDaddy. I did this because it was almost free so I thought why not. But when I generated the certificate using their web site they have given me a 2 x *.crt files (one which is the certificate and one is what they are calling a bundle file) and their instructions say to put that as the SSLCertificateChainFile. I also specified a password to the key file when I created it on my server. Can you see where I am going wrong? Link to comment
danioj Posted June 4, 2015 Share Posted June 4, 2015 Really appreciate your help. I am getting there (I think) but have hit another issue. Rather than go ALL in with the config I am going step by step to understand. So to start at the moment I am just trying to serve the file in my web root over ssl. <VirtualHost *:1443> ServerName domain.com ServerAlias domain.com ServerAdmin [email protected] DocumentRoot /web SSLEngine on SSLProtocol All -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /config/filename.crt SSLCertificateKeyFile /config/domain.com.key SSLCertificateChainFile /config/filename.crt </VirtualHost> <VirtualHost *:1080> ServerName domain.com ServerAlias domain.com ServerAdmin [email protected] DocumentRoot /web ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> Note: I have replaced the names of the files with <filename> and the name of my domain to <domain.com> everything else is exactly as is. When I run with just <VirtualHost *:1080> everything works fine. Web server serves the web page all good. When I add the <VirtualHost *:1443> section for SSL I start to get the following error in the docker log: *And it just repeats over and over again! /config/ MODIFY proxy-config.conf File in Config Folder Changed, Restarted Setting up watches. Watches established. * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * /config/ MODIFY proxy-config.conf File in Config Folder Changed, Restarted Setting up watches. Watches established. * Stopping web server apache2 * * Stopping web server apache2 * * Stopping web server apache2 * One thing I have noticed is that I don't have a *.pem file. I did not generate my certificate I bought it from GoDaddy. I did this because it was almost free so I thought why not. But when I generated the certificate using their web site they have given me a 2 x *.crt files (one which is the certificate and one is what they are calling a bundle file) and their instructions say to put that as the SSLCertificateChainFile. I also specified a password to the key file when I created it on my server. Can you see where I am going wrong? The more I am reading I feel like this issue might be that I have added a passphrase to the .key file. Now I have more issues though. I used this command to remove the passphrase: openssl rsa -in domain.com.key -out new.key But get this error: unable to load Private Key 47441533537152:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:696:Expecting: ANY PRIVATE KEY I am thinking that this must been that something is wrong with my key file I guess - if I can't even load it to remove the passphrase. Maybe this is causing apache to crap out when I add the ssl virtual host to the config file. I did check the format of the keyfile and it looks ok to me. Well - it is the .key file which was produced when I run the csr generator anyway. -----BEGIN CERTIFICATE REQUEST----- <keydatahere> -----END CERTIFICATE REQUEST----- Sigh. I am getting out of my depth! Link to comment
CHBMB Posted June 4, 2015 Share Posted June 4, 2015 First of all are you forwarding 443 on your router to 1443 on your Unraid box and 80 on your router to 1080 on your Unraid box? Second thing is I then created a php.info file and put it in the /web folder and just confirmed I could access my website on port 80 without SSL. I then gradually added configs to my setup on port 80 until that was working then migrated to 443. Made it a lot easier to identify where the problems were occurring when you do things in a stepwise manner. I generated my SSL via the StartSSL website following the instructions on smdion's website so I can't help you with that one as you're using GoDaddy. Link to comment
CHBMB Posted June 4, 2015 Share Posted June 4, 2015 Oh, and at the moment Apache isn't running because of your SSL issues, so until you either remove it from the equation for the time being or fix it I don't see any point in trying to sort anything else out. Currently at work and on my phone so sorry for the brief replies. Link to comment
danioj Posted June 4, 2015 Share Posted June 4, 2015 First of all are you forwarding 443 on your router to 1443 on your Unraid box and 80 on your router to 1080 on your Unraid box? Second thing is I then created a php.info file and put it in the /web folder and just confirmed I could access my website on port 80 without SSL. I then gradually added configs to my setup on port 80 until that was working then migrated to 443. Made it a lot easier to identify where the problems were occurring when you do things in a stepwise manner. I generated my SSL via the StartSSL website following the instructions on smdion's website so I can't help you with that one as you're using GoDaddy. Don't worry about the ports, I have forwarding on my router working fine. All works to web pages on port 80. No problem. When I am not using ssl all works fine. I generated my ssl keys by executing the following: openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr I then pasted the full CSR into the SSL enrollment form in your account which generated the 2 *.crt files I have. Instructions I followed were here: https://support.godaddy.com/help/article/5269/generating-a-certificate-signing-request-csr-apache-2-x# Oh, and at the moment Apache isn't running because of your SSL issues, so until you either remove it from the equation for the time being or fix it I don't see any point in trying to sort anything else out. Currently at work and on my phone so sorry for the brief replies. I have noticed that the .key file that I generated is identical in content to the .csr file. As in they are both formatted as such: -----BEGIN CERTIFICATE REQUEST----- <keydatahere> -----END CERTIFICATE REQUEST----- I almost feel like the .key file should have the following format: -----BEGIN PRIVATE KEY----- <keydatahere> -----END PRIVATE KEY----- BUT - that is what the command created so I guess it can't be wrong. I wish I had never added this damn passphrase to the file. I am guessing what the issue is here. I feel that apache2 doesn't start because it can't read the .key file because I have added a passphrase and I can't use a passphrase with the docker. But that doesn't explain why the command to decrypt it doesn't / can't read the .key file either! I am lost here! I really don't want to have to reissue the certificate with the provider unless I know what the problem is. Anyone at all? P.S. Man there is ALLOT of crap about ssl on the web! Link to comment
danioj Posted June 4, 2015 Share Posted June 4, 2015 I am lost here! I really don't want to have to reissue the certificate with the provider unless I know what the problem is. Anyone at all? P.S. Man there is ALLOT of crap about ssl on the web! Well, I have fixed the ssl part of the equation. I might just leave it there for the night. It turns out the .key file that I created was buggered. I created a new CSR and resubmitted to my certificate vendor who re-issued and then I no longer got the apache restarting error. I had my setup as such: Docker port: 80 and 443 bridged to port 1080 and 1443 on the host. Then had the router with ports 80 and 443 open forwarding to host 1080 and 1443. Seemed to work with http just not https. Seen as though the only thing I was bothered about was not messing with Unraid GUI port I just changed the docker port mapping back to 443 and forwarded the router 443 port straight through and it works fine. For some reason the port forwarding works with http just not https (with https it just hung). Anyway - non issue now. It's working! Time to finish the day on a high and go to bed. Thanks for all your help so far CHBMB. Link to comment
CHBMB Posted June 4, 2015 Share Posted June 4, 2015 Yeah I have my webui on port 80 and Apache on ports 81/443 and nginx on ports 82/444 (Haven't set up Nginx yet but want to at some point) To give you some hope with it all I need to admit I had no experience with Apache or Nginx at all until February and only a limited exposure to IIS on Windows following tutorials online, I'm not an IT professional either. It gets easier as you go. Smdion was very helpful for me when I was just starting, also the beauty of docker is you can read about Apache configs on Ubuntu or other distros and apply that here. Well done mate! Link to comment
smdion Posted June 10, 2015 Author Share Posted June 10, 2015 Hey Everyone Updated to phusion .16, I also have some more spare time so let me know of any annoying bugs and I'll squash them. Thanks to all who have been supporting in my absence. Link to comment
CHBMB Posted June 12, 2015 Share Posted June 12, 2015 Just trying out upstatsboard with a completely stock config but I get an error others have had: ironicbadger, did you ever get this figured out? I'm wrestling with it and not getting anywhere. If so would you mind posting your config? Thanks Sean, if you're still around then the link in your build thread to the config.js isn't working either. Link to comment
smdion Posted June 12, 2015 Author Share Posted June 12, 2015 Just trying out upstatsboard with a completely stock config but I get an error others have had: ironicbadger, did you ever get this figured out? I'm wrestling with it and not getting anywhere. If so would you mind posting your config? Thanks Sean, if you're still around then the link in your build thread to the config.js isn't working either. I'll see if I can find my old config.js. The developer of UpStatsBoard kinda disappeared and I've moved on to HTPC-Manager. The config.js is REALLY stupid picky. Let me do some digging in my backups. Link to comment
Recommended Posts