Docker: Letsencrypt + Nginx not creating certificate

    • OMV 4.x
    • Resolved
    • Docker: Letsencrypt + Nginx not creating certificate

      Hi,

      I followed @TechnoDadLife's video on the docker for Letsencrypt and Nginx. I matched the configuration of the dockers (see images).
      Configuration:
      ibb.co/NTsqcP6
      ibb.co/VChsX4X
      ibb.co/9NLWpBK

      In my router I forwarded 443 -> 450 and 80-90. I can access OMV by ipofserver:80 and ipofserver:443.

      But when it's supposed to create the certificate it gives me the following error when I enter: docker logs -f letsencrypt

      -------------------------------------
      GID/UID
      -------------------------------------
      User uid: 1000
      User gid: 100
      -------------------------------------
      [cont-init.d] 10-adduser: exited 0.
      [cont-init.d] 20-config: executing...
      [cont-init.d] 20-config: exited 0.
      [cont-init.d] 30-keygen: executing...
      using keys found in /config/keys
      [cont-init.d] 30-keygen: exited 0.
      [cont-init.d] 50-config: executing...
      Variables set:
      PUID=1000
      PGID=100
      TZ=Europe/Amsterdam
      URL=duifje.duckdns.org
      SUBDOMAINS=plex,radarr,heimdall,sonarr,jackett,sabnzbd,transmission
      EXTRA_DOMAINS=
      ONLY_SUBDOMAINS=false
      DHLEVEL=2048
      VALIDATION=http
      DNSPLUGIN=
      EMAIL=tomduivenvoorden@gmail.com
      STAGING=
      2048 bit DH parameters present
      SUBDOMAINS entered, processing
      SUBDOMAINS entered, processing
      Sub-domains processed are: -d plex.duifje.duckdns.org -d radarr.duifje.duckdns.org -d heimdall.duifje.duckdns.org -d sonarr.duifje.duckdns.org -d jackett.duifje.duckdns.org -d sabnzbd.duifje.duckdns.org -d transmission.duifje.duckdns.org
      E-mail address entered: tomduivenvoorden@gmail.com
      http validation is selected
      Generating new certificate
      Saving debug log to /var/log/letsencrypt/letsencrypt.log
      Plugins selected: Authenticator standalone, Installer None
      Obtaining a new certificate
      Performing the following challenges:
      http-01 challenge for duifje.duckdns.org
      http-01 challenge for heimdall.duifje.duckdns.org
      http-01 challenge for jackett.duifje.duckdns.org
      http-01 challenge for plex.duifje.duckdns.org
      http-01 challenge for radarr.duifje.duckdns.org
      http-01 challenge for sabnzbd.duifje.duckdns.org
      http-01 challenge for sonarr.duifje.duckdns.org
      http-01 challenge for transmission.duifje.duckdns.org
      Waiting for verification...
      Challenge failed for domain duifje.duckdns.org
      Challenge failed for domain heimdall.duifje.duckdns.org
      Challenge failed for domain jackett.duifje.duckdns.org
      Challenge failed for domain plex.duifje.duckdns.org
      Challenge failed for domain radarr.duifje.duckdns.org
      Challenge failed for domain sabnzbd.duifje.duckdns.org
      Challenge failed for domain sonarr.duifje.duckdns.org
      Challenge failed for domain transmission.duifje.duckdns.org
      http-01 challenge for duifje.duckdns.org
      http-01 challenge for heimdall.duifje.duckdns.org
      http-01 challenge for jackett.duifje.duckdns.org
      http-01 challenge for plex.duifje.duckdns.org
      http-01 challenge for radarr.duifje.duckdns.org
      http-01 challenge for sabnzbd.duifje.duckdns.org
      http-01 challenge for sonarr.duifje.duckdns.org
      http-01 challenge for transmission.duifje.duckdns.org
      Cleaning up challenges
      Some challenges have failed.
      IMPORTANT NOTES:
      - The following errors were reported by the server:
      Domain: duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://duifje.duckdns.org/.well-known/acme-challenge/11rkcdbzoB7osKGY0dwVCY3HM4cWTmOI3xHBEvn4rsg
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: heimdall.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://heimdall.duifje.duckdns.org/.well-known/acme-challenge/Cn1ty0p5AeM6_20E-T9iTYyoeH4nUyvC9NOKg4hukQY
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: jackett.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://jackett.duifje.duckdns.org/.well-known/acme-challenge/H5ObybFYzhOnJ8pHcUG79IJqm4MRsm9mYxSHyFks5fc
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: plex.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://plex.duifje.duckdns.org/.well-known/acme-challenge/g6bd7-GkWDE6lrZQerB7shTBJMUxcn6At-2RQyKieHE
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: radarr.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://radarr.duifje.duckdns.org/.well-known/acme-challenge/oITGRf4H2YoYpr0gnB2YrlEv1un_pzD8dOrjhTD42Oc
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: sabnzbd.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://sabnzbd.duifje.duckdns.org/.well-known/acme-challenge/G9UQ4G9rsJdRovh2nX7NZpRpzVzjwYMlU1Hd8WtdL00
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: sonarr.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://sonarr.duifje.duckdns.org/.well-known/acme-challenge/FDzP5NpQqOzBSQ_6-HpqUFNul7uJRupPp7zKzaPOMHg
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      Domain: transmission.duifje.duckdns.org
      Type: unauthorized
      Detail: Invalid response from
      http://transmission.duifje.duckdns.org/.well-known/acme-challenge/YhrwxOphWJbcLJq6n049v4PLLnCEW5AOTicgCURDgIE
      [82.217.235.54]: "<!DOCTYPE
      html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
      error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
      http-equiv=\"X-U"
      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address.
      ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container
      Any ideas on what's wrong?
    • New

      Edit the docker again and:

      change network mode to bridge
      and
      name to letsencrypt

      and only subdomains to true

      and confirm that your docker user has UID = 1000
      OMV 4.1.11 x64 on a HP T510, 16GB CF as Boot Disk & 32GB SSD 2,5" disk for Data, 4 GB RAM, CPU VIA EDEN X2 U4200 is x64 at 1GHz

      Post: HPT510 SlimNAS ; HOWTO Install Pi-Hole ; HOWTO install MLDonkey ; HOHTO Install ZFS-Plugin ; OMV_OldGUI ; ShellinaBOX ;
      Dockers: MLDonkey ; PiHole ; weTTY
      Videos: @TechnoDadLife
    • New

      The reported error means that the internet can't reach your letsencrypt docker.

      Check your router and post the 443 config to be sure that it redirects to NAS IP:450, and the same for port 80.

      PS: Post something that confirms that the docker user uses ID 1000.

      In my case it is 1001:

      uid=1000(raulfg) gid=100(users) grupos=100(users),27(sudo),114(ssh),119(webdav-users)
      root@PDNS:~# id 1001
      uid=1001(dockuser) gid=100(users) grupos=100(users),2001(mldonkey),2002(Dockusers)
    • New

      Your router is not well configured.

      You need to route external port 80 to internal port 90, exactly the opposite of what you do.

      And the same for port 450.

      PS: Please delete your current 4 rules and create only 2 well-configured ones.
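Added example, not part of the thread: the certbot output quoted in the first post already says which web server answered each http-01 request (the response body is an openmediavault 404 page), and this parser pulls that out per domain so a wrong port 80 forward is visible at a glance. The names `failed_challenges`, `responders` and `SAMPLE_LOG` are hypothetical, and the sample log is constructed in the shape of the quoted output with a placeholder domain, tokens and address.

```python
import re

# Constructed sample shaped like the certbot output in the thread
# (placeholder domain, tokens and RFC 5737 address, not the poster's values).
SAMPLE_LOG = r'''
- The following errors were reported by the server:
Domain: nas.example.org
Type: unauthorized
Detail: Invalid response from
http://nas.example.org/.well-known/acme-challenge/TOKEN_A
[203.0.113.10]: "<!DOCTYPE
html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
http-equiv=\"X-U"
Domain: plex.nas.example.org
Type: unauthorized
Detail: Invalid response from
http://plex.nas.example.org/.well-known/acme-challenge/TOKEN_B
[203.0.113.10]: "<!DOCTYPE
html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404
error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta
http-equiv=\"X-U"
To fix these errors, please make sure that your domain name was
'''

# One error block: domain, error type, challenge URL, answering IP, body excerpt.
BLOCK = re.compile(
    r'Domain:\s*(?P<domain>\S+)\s+Type:\s*(?P<type>\S+)\s+'
    r'Detail:\s*Invalid response from\s+(?P<url>\S+)\s+'
    r'\[(?P<ip>[^\]]+)\]:\s*"(?P<body>.*?)(?=\s+Domain:|\s+To fix|$)',
    re.S)
TITLE = re.compile(r'<title>(.*?)</title>', re.S | re.I)

def failed_challenges(log_text):
    """One dict per failed http-01 challenge found in the log text."""
    results = []
    for m in BLOCK.finditer(log_text):
        title = TITLE.search(m['body'])
        results.append({
            'domain': m['domain'], 'type': m['type'], 'ip': m['ip'],
            'path': m['url'].split('/', 3)[3],
            # certbot wraps long lines, so collapse the wrap inside the title
            'answered_by': ' '.join(title.group(1).split()) if title else '(no title)',
        })
    return results

def responders(log_text):
    """Distinct (ip, page title) pairs that answered the CA's requests."""
    return sorted({(r['ip'], r['answered_by']) for r in failed_challenges(log_text)})
```

Feed it the text of `docker logs letsencrypt`; a page title that belongs to another service means port 80 on that address is not reaching the letsencrypt container.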