[Request/Done] Let's Encrypt Container


rix

Recommended Posts

Yeah, just realized that the zlib extension is added to the latest dev version and it should be released very soon.

In the meantime you can exec into the container and do "apk add --update php5-zlib" and after that it should work

 

Ran "Docker exec -it letsencrypt bash"

Ran "apk add --update php5-zlib"

Restarted Letsencrypt docker

 

All working, many thanks!!

Link to comment
  • 3 weeks later...

Hi guys,

 

Has anyone successfully got Zoneminder 100% working?  I have the following in my config and i can get to the zoneminder page, all seems to work inside and outside my network, but when i try to get zmNinja running it cant seem to see the API's (when outside my network).  is there anything i should be adding to get it working properly?

 

Thanks!

 

location /zm {
		include /config/nginx/proxy.conf;
		proxy_pass http://myunraidIP:8084/zm/;

 

Edited by blknitro11
Link to comment
6 hours ago, blknitro11 said:

Hi guys,

 

Has anyone successfully got Zoneminder 100% working?  I have the following in my config and i can get to the zoneminder page, all seems to work inside and outside my network, but when i try to get zmNinja running it cant seem to see the API's (when outside my network).  is there anything i should be adding to get it working properly?

 

Thanks!

 


location /zm {
		include /config/nginx/proxy.conf;
		proxy_pass http://myunraidIP:8084/zm/;

 

 

Try changing it to:

 

location /zm {
	include /config/nginx/proxy.conf;
    proxy_pass http://unraid_IP/;
    proxy_connect_timeout    300;
    proxy_send_timeout       300;
    proxy_read_timeout       300;
    send_timeout             300;
}

 

Edited by jrdnlc
Link to comment
16 hours ago, jrdnlc said:

 

Try changing it to:

 


location /zm {
	include /config/nginx/proxy.conf;
    proxy_pass http://unraid_IP/;
    proxy_connect_timeout    300;
    proxy_send_timeout       300;
    proxy_read_timeout       300;
    send_timeout             300;
}

 

adding this actually breaks it completely.

 

I see the following in the logs

nginx: [emerg] "proxy_send_timeout" directive is duplicate in /config/nginx/site-confs/default:42
nginx: [emerg] "proxy_read_timeout" directive is duplicate in /config/nginx/site-confs/default:43
nginx: [emerg] "send_timeout" directive is duplicate in /config/nginx/site-confs/default:44

as soon as i clear out those lines i can get to the interface again, but unfortunately i still get the API error in zmNinja.

Link to comment
On 9/15/2016 at 6:47 AM, aptalca said:

Fail2ban has emailing capability which can be set through the jail.local file, but the container also needs to be set up with the email client. I'll look into whether it's feasible.

 

What were your final conclusions on whether this is possible?

 

Would like to get some sort of warning if its possible.

 

Thanks in advance

Link to comment
On 2/28/2017 at 2:23 PM, blknitro11 said:

adding this actually breaks it completely.

 

I see the following in the logs


nginx: [emerg] "proxy_send_timeout" directive is duplicate in /config/nginx/site-confs/default:42
nginx: [emerg] "proxy_read_timeout" directive is duplicate in /config/nginx/site-confs/default:43
nginx: [emerg] "send_timeout" directive is duplicate in /config/nginx/site-confs/default:44

as soon as i clear out those lines i can get to the interface again, but unfortunately i still get the API error in zmNinja.

 

Anyone by chance have something else i can try?

 

Thanks!

Link to comment
21 hours ago, aptalca said:


Didn't look into it yet

 

Ok sure, np.

 

I was wondering if it was just a matter of adding email smtp settings to a config file or needed work to get the infrastructure in place to make it happen.

 

Or both :)

 

Edited by local.bin
Link to comment
 

Ok sure, np.

 

I was wondering if it was just a matter of adding email smtp settings to a config file or needed work to get the infrastructure in place to make it happen.

 

Or both

 

I just checked and "sendmail" is already included in the container. You should be able to set it up via the fail2ban config files as an action. I've never done it before so you'll have to follow a guide. Let me know if there are any changes to the image necessary

 

Edit: this post is in reference to the linuxserver version of the container not my old personal one

 

Link to comment
10 hours ago, aptalca said:

I just checked and "sendmail" is already included in the container. You should be able to set it up via the fail2ban config files as an action. I've never done it before so you'll have to follow a guide. Let me know if there are any changes to the image necessary

 

Edit: this post is in reference to the linuxserver version of the container not my old personal one

 

 

Cool ok thanks for clarifying, I will give it a try, thanks.

 

I know I asked for the nginx container to be updated from ubuntu variant to alpine, well now I have piwik fully setup I am trying with sogo and that needs a ubuntu install for sogo to be installed.

 

Rather than me learning apache, now I am used to nginx, I don't suppose there is any chance of the old config as a test container somehow? 

 

Tell me to get lost if I've crossed the line asking ;-) 

Link to comment
 
Cool ok thanks for clarifying, I will give it a try, thanks.
 
I know I asked for the nginx container to be updated from ubuntu variant to alpine, well now I have piwik fully setup I am trying with sogo and that needs a ubuntu install for sogo to be installed.
 
Rather than me learning apache, now I am used to nginx, I don't suppose there is any chance of the old config as a test container somehow? 
 
Tell me to get lost if I've crossed the line asking ;-) 


You're using the linuxserver letsencrypt version of nginx right?

First of all it'd be a lot less confusing if you post in that thread.

Second, I'm not entirely sure what you're asking regards Ubuntu. The LE container is based on Alpine Linux, if you're asking us to rewrite it basing it on Xenial then, nope, that's not going to happen as essentially that would mean rewriting the whole docker container from scratch.
Link to comment
5 minutes ago, CHBMB said:

 


You're using the linuxserver letsencrypt version of nginx right?

First of all it'd be a lot less confusing if you post in that thread.

Second, I'm not entirely sure what you're asking regards Ubuntu. The LE container is based on Alpine Linux, if you're asking us to rewrite it basing it on Xenial then, nope, that's not going to happen as essentially that would mean rewriting the whole docker container from scratch.

 

 

Relax; the reason i posted here was the question re email support in fail2ban was posted in this thread. Take a look in the other letsencrypt thread where I state that.

 

I am asking aptalca a question, as I asked if the nginx container could be updated to alpine from xenial and he kindly obliged.

 

I was merely asking if the 'old' xenial nginx container was still available, as sogo cannot be installed on alpine.

 

 

Link to comment
7 minutes ago, CHBMB said:

I'm perfectly relaxed, appreciate your concern, but seeing as we're all members of ls.io, I fail to see why I should leave my good friend aptalca to be your personal help. Maybe I'm trying to help him as much as you.....

 

 

 

Really no need to be rude.

 

I was asking a simple question based on my previous exchanges with aptalca and something he said he hadn't got around to trying.

 

I said I would try and report back if I had any success.

 

So far from 'personal help' as you call it, but rather me offering to 'help'.

Link to comment

I'm not being rude, I was trying to help answer your questions and rather than graciously respond you have the audacity to tell me to relax and that you were speaking to@aptalca. My attempts to help or answer your questions obviously weren't well received so I shall leave you to it from this point on....

 

EDIT:  And which bit of any of this is you offering to help in any way, shape or form?

Edited by CHBMB
Link to comment
1 minute ago, CHBMB said:

I'm not being rude, I was trying to help answer your questions and rather than graciously respond you have the audacity to tell me to relax and that you were speaking to@aptalca. My attempts to help or answer your questions obviously weren't well received so I shall leave you to it from this point on....

 

 

They weren't well received, as you chastised me for not posting in the correct forum, which was incorrect, as well as suggesting there was no way the base of a docker would be changed; where in fact it had been.

 

Your help has been very much appreciated in the other thread and has allowed me to setup LE,Nginx RP, Piwix and Nextcloud, so thanks.

 

' I shall leave you to it from this point on....' toys out ... sure OK, thanks anyway.

Link to comment
23 minutes ago, local.bin said:

 

 

They weren't well received, as you chastised me for not posting in the correct forum, which was incorrect, as well as suggesting there was no way the base of a docker would be changed; where in fact it had been.

 

Your help has been very much appreciated in the other thread and has allowed me to setup LE,Nginx RP, Piwix and Nextcloud, so thanks.

 

' I shall leave you to it from this point on....' toys out ... sure OK, thanks anyway.

Yes we changed the base from Xenial to Alpine, but quite frankly as you're posting in aptalca's LE support thread, when I assume you're using our LE container I wasn't chastising you, but suggesting we keep the support to one thread.  We're migrating as much as we can to Alpine, so nginx migration to Alpine was always on the cards, I was under the impression you were requesting a rebase of our LE version to Xenial, which is definitely not on the cards.  To be honest I'm totally confused about what version of nginx you're actually using.

 

1.  Aptalca's LE

2. Linuxserver.io's LE

3. Linuxserver.io's Nginx

The last two I actually can help with as we all have access to the repositories, the first by aptalca's own admission, is no longer going to be supported going forward.  So if it's either of the last two then I think I raised a valid point.  

 

Bear in mind, you're the one asking for help here, and I'm the one using my spare time to respond.   I'm not throwing my toys out the pram here, but I think you could have responded a little better initially, especially as you've already found out that I can indeed be most helpful.  I tend to do the bulk of support for ls.io and the only reason I haven't been doing so much recently is because my wife has just had a baby, which as a result has left the other members of ls.io doing more support as well as what they already do, and I'm trying to reduce that where I can.

 

It's easy to misread people's intentions over the internet, and I feel you have misread mine a great deal.

 

I respect NAS and if he or anyone else here think I owe you an apology then it'll be forthcoming, but to be honest I'm not sure I do at the moment.  I'm going to leave it here as this is just not productive to either of us.  And quite frankly the whole episode I have found just a little upsetting when my original intention was to help you.   Hell I'd even have thrown a tagged ubuntu nginx up on docker hub for you if that would have helped.

Edited by CHBMB
  • Upvote 1
Link to comment
16 minutes ago, CHBMB said:

I have found just a little upsetting when my original intention was to help you.

 

Same here; I suggested I would try and configure sendmail myself, rather than asking for help. Reporting back in the forum when successful.

 

With regards to the other, probably best just forgotten.

 

Thanks.

 

Link to comment

I'm having trouble with the reverse proxy side of this container.

I have started a small web site using one of the free templates from HTML5 up. working fine .

Learning how to modify the templates.

I have added this to the default sites-config.

         location ^~ /myfah/ {
        include /config/nginx/proxy.conf;
        proxy_pass http://192.168.1.xx:7396;
    }

I added a (herf) link to /myfah

And when I click the link I get an  HTTP ERROR 403  

Access to xxxxxxxxx.duckdns.org was denied.

I'm trying this without the password file (to be added later).

Did create a htpasswd file ( no dot.) will add later.

I"am getting an error in the log

nginx: [emerg] "location" directive is not allowed here in /config/nginx/site-confs/default:56

If you need more info I will try to get it.

Should I delete the whole thing and start over?

Any help would be appreciated. 

default

 

Edited by spazmc
Link to comment
2 hours ago, spazmc said:

I'm having trouble with the reverse proxy side of this container.

I have started a small web site using one of the free templates from HTML5 up. working fine .

Learning how to modify the templates.

I have added this to the default sites-config.

         location ^~ /myfah/ {
        include /config/nginx/proxy.conf;
        proxy_pass http://192.168.1.xx:7396;
    }

I added a (herf) link to /myfah

And when I click the link I get an  HTTP ERROR 403  

Access to xxxxxxxxx.duckdns.org was denied.

I'm trying this without the password file (to be added later).

Did create a htpasswd file ( no dot.) will add later.

I"am getting an error in the log

nginx: [emerg] "location" directive is not allowed here in /config/nginx/site-confs/default:56

If you need more info I will try to get it.

Should I delete the whole thing and start over?

Any help would be appreciated. 

default

 

Did you try to go to the full address: https://XXXXX.duckdns.org/myfah ?

Try removing the trailing slash in your default config after myfah

Also, does whatever you are trying to proxy allow you to set a base url so you can proxy_pass http://192.168.1.xx:7396/myfah ?

 

The error in the log doesn't make sense to me. Did you make changes to your default site config since then? I don't see a location statement at line 56

Link to comment

Yes I have made changes to the config file.

(whatever you are trying to proxy allow you to set a base url so you can proxy_pass http://192.168.1.xx:7396/myfah ? )

Now you have lost me.

I'm trying to link it to a docker (folding at home). Does that make a difference. What the docker is running?

I'm not grasping how it is linking the server at 443 to my intranet on the port 80 side. real port 8080.

request off to router bounces back to other docker?

 

Link to comment
Yes I have made changes to the config file.
(whatever you are trying to proxy allow you to set a base url so you can proxy_pass http://192.168.1.xx:7396/myfah ? )
Now you have lost me.
I'm trying to link it to a docker (folding at home). Does that make a difference. What the docker is running?
I'm not grasping how it is linking the server at 443 to my intranet on the port 80 side. real port 8080.
request off to router bounces back to other docker?
 

You didn't answer all of my questions.

I would suggest reading some guides online about nginx reverse proxy especially with regards to the base url and subdomain methods
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.