Posts by doogleaelf

    ok .. I did finally get it to work. I deleted everything... docker, poortainer, all the images... the whole #!.

    I only used docker-compose and the .yml file following the instructions from ....


    how to nextcloud with letsencrypt using omv and docker compose


    Not sure if any of this helped but I cleared my browser cache and waited a bit after restarting nextcloud.


    I want to thank Soma for the above link and now I'm off to do what I really wanted to do in the first place .... Plex!!!!


    I'm sure I'll have some issues with that. I use NFS shares from 2 WDMyclouds . One is the older 4.xx firmware and the other has the new OS 5 on it. Seems they are both happy using NFS v4. The new OS 5 has a newer version of Twonky:

    WD MyCloud v5.12.108 Twonky Server 8.5.2-3

    WD MyCloud v04.05.00-342 Twonky Version: 7.2.9-15


    You can tell if you have an older Mycloud by looking at the end of the PN:

    -00 = Gen1 <<< do not try to upgrade to OS5 >>>

    -10 = Gen2 <<< can be upgraded to OS5 >>>


    The newer Twonky made a difference ... I have a 2013 Sony BD/DLNA player that kinda limps along. With the higher resolution videos it struggled. With the newer twonky several videos that barely sorta played cleaned right up and ran fine.

    Kevin

    I tried using

    [How-To] Nextcloud with Letsencrypt using OMV and docker-compose


    and it failed.

    I noticed with that document all they did was rename nextcloud.subdomain.conf.sample to nextcloud.subdomain.conf I did only that... did not edit the file. ... and no UNLIKE what the document states, it DID NOT DELETE nextcloud.subdomain.conf.sample. I could not even get the nextcloud create user/database page to come up. It simply goes: fun1sys.duckdns.org refused to connect. So beats the hell out of me. I think I'll just take a break from it all and look somewhere else for a solution.

    ok so here is where I'm at. I deleted everything, recreated it all again, this time using a single compose file which created all the containers; swag, nextcloud, nextclouddb. edited the proxy conf file in the swag folder. made the following change: line 20 >> fun1sys.*

    Was able to locally complete the installation of nextcloud, but the admin login hung and then timed out. edited the config.php file and added the following info:

    1 => 'fun1sys.duckdns.org',

    'overwrite.cli.url' => 'https://fun1sys.duckdns.org',

    'overwritehost' => 'fun1sys.duckdns.org',

    'overwriteprotocol' => 'https',


    As soon as I did that and restarted the nextcloud container I could no longer access the nextcloud web page either locally or remotely. I would get the following error: fun1sys.duckdns.org refused to connect.


    Here is the complete Docker compose file ( i will add as attachment also)

    =================================================================================================

    version: "2"
    services:
      nextcloud:
        image: ghcr.io/linuxserver/nextcloud:latest
        container_name: nextcloud
        environment:
          - PUID=1000
          - PGID=100
          - MYSQL_HOST=nextclouddb
          - NEXTCLOUD_ADMIN_USER=admin
          - NEXTCLOUD_ADMIN_PASSWORD=magicshow
        volumes:
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/nextcloud/config:/config
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/nextcloud/data:/data
          - /etc/localtime:/etc/localtime:ro
        depends_on:
          - mariadb
        ports:
          - 450:443
        restart: unless-stopped
      mariadb:
        image: ghcr.io/linuxserver/mariadb:latest
        container_name: nextclouddb
        environment:
          - PUID=1000
          - PGID=100
          - MYSQL_ROOT_PASSWORD=magicshow
          - MYSQL_DATABASE=nextcloud
          - MYSQL_USER=admin
          - MYSQL_PASSWORD=magicshow
        volumes:
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/db/nextclouddb/config:/config
          - /etc/localtime:/etc/localtime:ro
        restart: unless-stopped
      swag:
        image: linuxserver/swag
        container_name: swag
        cap_add:
          - NET_ADMIN
        environment:
          - PUID=1000
          - PGID=100
          # - DNSPLUGIN=duckdns #originally tried using this, don't have the plugin, cert gen failed
          - URL=fun1sys.duckdns.org #changed from duckdns.org
          - DUCKDNSTOKEN=92908fbe-fa0d-4160-89a8-17199d4c0fc0
          - SUBDOMAINS=wildcard #changed from fun1sys
          - ONLY_SUBDOMAINS=true
          - VALIDATION=duckdns # changed from http
          - EMAIL=doogleaelf@yahoo.com
        volumes:
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/swag:/config
          - /etc/localtime:/etc/localtime:ro
        depends_on:
          - nextcloud
        ports:
          - 457:443
          - 91:80
        restart: unless-stopped

    =================================================================================================


    ================================================================================================

    And this is the swag output using the latest iteration of the all in one compose file:

     - Congratulations! Your certificate and chain have been saved at:
       /etc/letsencrypt/live/fun1sys.duckdns.org/fullchain.pem
       Your key file has been saved at:
       /etc/letsencrypt/live/fun1sys.duckdns.org/privkey.pem


    At this point I'm clueless. There appears to be different interpretations of how to set this up. Any help would be appreciated.

    nope

    nope, they have to be on the same network to be able to talk to each other

    Change where which port from what to what?


    Is the container starting when you do the port mapping like you posted in #22?

    When I try to use 443:443 it complains bitterly and refuses to deploy.

    yea, I uninstalled portainer, docker and reinstalled and still get the 0.0.0.0 conflict error when trying to use 443 in the swag docker file. I'm trying to deploy it with portainer, is that the issue?

    Here is my swag compose file:


    services:
      swag:
        image: linuxserver/swag
        container_name: swag
        cap_add:
          - NET_ADMIN
        environment:
          - PUID=1000
          - PGID=100
          - TZ=America/Chicago
          - URL=fun1sys.duckdns.org
          - SUBDOMAINS=wildcard
          - VALIDATION=duckdns
          # - DNSPLUGIN=cloudflare #optional
          - DUCKDNSTOKEN=92908fbe-fa0d-4160-89a8-17199d4c0fc0 #optional
          #- EMAIL=doogleaelf@yahoo.com #optional
          #- DHLEVEL=2048 #optional
          #- ONLY_SUBDOMAINS=true #optional
          #- EXTRA_DOMAINS=<extradomains> #optional
          #- STAGING=false #optional
          - MAXMINDDB_LICENSE_KEY=K1azlafHcZsP8SEL #Maxmind.com Key user mymail@gmail.com Pass= XxxxxxxxxxxX
        volumes:
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/swag:/config # please use your own path
        ports:
          - 457:443
          - 91:80 #optional
        restart: unless-stopped


    When I try to change the ports, I get a conflict error for binding at 0.0.0.0 and the container does not deploy.


    Is there a problem having swag, nextcloud and nextclouddb containers all using the same network?

    ==================================================================================================

    Here is where I'm at now. I can get Swag to generate a certificate without errors. When I try to use nextcloud over the internet, it complains about the certificate being invalid. I'm using duckdns, and it appears to me that not being able to set a CNAME record is causing issues. When I comment out the port 450 in the nextcloud config file, I cannot get to nextcloud without a certificate error. This is using my phone with the wireless disabled so as to be on the internet side of things.

    I'm using port 457:443 for swag and 450:443 for nextcloud. I have tried all combinations of tweaking these ports. ie: setting both to 443 and just forwarding to my omv ip, setting both to 450 or 457 etc .... The best I can get is I can put in http://www.nextcloud.fun1sys.org and lo and behold it pulls up a swag documentation page without a certificate error! Not real exciting. In the swag docs it says something about using Cloudflare because it's free. Well it doesn't look like having your own domain is free so that appears to be a bust. Cloudflare will point to an existing domain, but doesn't look like it will set you up with one (for free anyway).


    Some successes I've had are: I've been able to create 3 separate docker containers for swag, nextcloud and nextclouddb, and get them all to use a network that I defined called omv. They even show up in poortainer as containers using the omv network.

    I did this the hard way using docker create and entering each line separately in the shell. It was the only way I could get them all on the same created network, omv, as poortainer just won't let you do that. I guess I'm confused as to how swag and nextcloud can both use port 443 but yet I'm forwarding them to different ports in my router. Does the router just forward everything to both 450 and 457 and not care?


    Kevin

    yes it did work. Thanx for your patience.


    Now on to Storm er nextcloud.


    I cannot get the mariadb to connect. I keep getting connection refused when I get to the add admin user/setup db page. It has worked using sqlite ... but then that is too easy ;). I have been using KM0201's nextcloud docker config file (Nextcloud Bad Gateway - General - openmediavault) but no matter how many different ways I tweak it I cannot complete the db connection.


    At one point I was having permission issues with the CIFS share. I checked my Shared Folders and there was an issue of changing the user and group and owner of the shared folder. I would change it... then go back and it did not take. And yes I was checking the recursive check box. It did finally take after time. Maybe it's just a hysteresis issue with all this stuff propagating out to the drive. It sure beats me. It all does seem to finally work ok now. I no longer have to wait 10 minutes for permissions to get changed on 20K+ files. I will hunt and peck around for another nextcloud docker config file. Does mariadb have to be "married" to nextcloud or can you use a separate config for that? It would be nice if I could test the damn thing before even messing with stormcloud.


    Anyway thanx everyone for your help!!!!!

    ok I commented out the following two lines


    # - DUCKDNSTOKEN=92908fbe-fa0d-4160-89a8-17199d4c0fc0

    # - SUBDOMAINS=fun1sys


    changed URL= fun1sys.duckdns.org from duckdns.org


    and that appeared to work....... I think.....

    swag log follows:

    is that just some old log stuff at the end?

    Changing the router forward to 80:80 and going to http://fun1sys.duckdns.org worked fine. I even turned off the wireless on my phone and it worked fine from that too.


    Well I'm confused as to what part of the swag stack "refers" to duck dns?


    so...

    I just commented out

    # - DUCKDNSTOKEN=92908fbe-fa0d-4160-89a8-17199d4c0fc0

    and that is it.

    I have to use the full /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/<whatever app> or else it doesn't show up on my cifs share.

    I do use the stack part of portainer to compose the configs. It is actually fairly handy. I went thru the portainer docs and setup users, groups, teams .... all that malarkey. Then I went and deleted it all (yacht, that qemu thing, and portainer). Deleted all my remote shares, shared folders and samba shares, cleaned up the /srv folder and /etc/fstab. Had to fix where docker was storing my images (get em off the system partition and on to the data partition). Got all that done, recreated the remote and shared folders, created the CIFS share using dockeruser for user and dockergroup for group for all the permissions (shared folder uses the same).


    and now I have the swag issue. I may just play with something that doesn't need a cert to work.

    ok here is the error i'm getting just with swag;


    Using Let's Encrypt as the cert provider


    SUBDOMAINS entered, processing

    SUBDOMAINS entered, processing

    Only subdomains, no URL in cert

    Sub-domains processed are: -d fun1sys.duckdns.org

    E-mail address entered: doogleaelf@yahoo.com

    http validation is selected


    Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created


    Generating new certificate


    Saving debug log to /var/log/letsencrypt/letsencrypt.log


    Plugins selected: Authenticator standalone, Installer None

    Account registered.

    Requesting a certificate for fun1sys.duckdns.org

    Performing the following challenges:

    http-01 challenge for fun1sys.duckdns.org

    Waiting for verification...

    Challenge failed for domain fun1sys.duckdns.org

    http-01 challenge for fun1sys.duckdns.org

    Cleaning up challenges

    Some challenges have failed.

    IMPORTANT NOTES:


    - The following errors were reported by the server:


    Domain: fun1sys.duckdns.org

    Type: connection

    Detail: Fetching

    http://fun1sys.duckdns.org/.we…PXr9CzV22rp2UUgCLjg05_V8:

    Timeout during connect (likely firewall problem)



    ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container


    And here is my docker-compose file:


    version: '2.1'
    services:
      swag:
        image: linuxserver/swag
        container_name: swag
        cap_add:
          - NET_ADMIN
        environment:
          - PUID=1000
          - PGID=100
          - TZ=America/Chicago
          - URL=duckdns.org
          - SUBDOMAINS=fun1sys
          - VALIDATION=http
          # - DNSPLUGIN=cloudflare #optional
          - DUCKDNSTOKEN=92908fbe-fa0d-4160-89a8-17199d4c0fc0
          - EMAIL=doogleaelf@yahoo.com #optional
          - DHLEVEL=2048 #optional
          - ONLY_SUBDOMAINS=true #optional
          - STAGING=false #optional
        volumes:
          - /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9/app/swag:/config # please use your own path
        ports:
          - 457:443
          - 91:80 #optional
        restart: unless-stopped


    And the router
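
The http-01 timeout in the log above, and the earlier question about swag and nextcloud both using port 443, both come down to the same forwarding chain: WAN port, then host port, then container port. The following is an added example, not part of the original posts; the router forward tables are constructed assumptions and the function names are hypothetical.

```python
# Added example (not from the forum posts): model how a connection from the
# internet reaches a container through router forwards and Docker publishes.

def parse_publish(entries):
    """Compose 'ports' strings such as '91:80 #optional' -> {host: container}."""
    mapping = {}
    for entry in entries:
        parts = entry.split("#")[0].strip().split(":")
        if len(parts) < 2:  # container-only port: Docker picks a random host port
            continue
        # parts[-2:] also copes with an optional bind address, e.g. 0.0.0.0:443:443
        mapping[int(parts[-2])] = int(parts[-1].split("/")[0])
    return mapping


def trace(wan_port, router_forwards, compose_ports):
    """Follow WAN port -> host port -> container port; None where the chain breaks."""
    host_port = router_forwards.get(wan_port)
    if host_port is None:
        return None
    return parse_publish(compose_ports).get(host_port)


def http01_reachable(router_forwards, compose_ports):
    """http-01 validation always connects to TCP 80 on the public address."""
    return trace(80, router_forwards, compose_ports) == 80


def host_port_conflicts(services):
    """Host ports published by more than one service; container ports may repeat."""
    owners = {}
    for name, ports in services.items():
        for host_port in parse_publish(ports):
            owners.setdefault(host_port, []).append(name)
    return {p: sorted(n) for p, n in owners.items() if len(n) > 1}


# Port lists as posted; the router tables are constructed for illustration.
SWAG_PORTS = ["457:443", "91:80 #optional"]
NEXTCLOUD_PORTS = ["450:443"]
ROUTER_OK = {80: 91, 443: 457}      # WAN 80 -> host 91, WAN 443 -> host 457
ROUTER_BROKEN = {91: 91, 457: 457}  # nothing is forwarded from WAN 80

if __name__ == "__main__":
    print(http01_reachable(ROUTER_OK, SWAG_PORTS))
    print(http01_reachable(ROUTER_BROKEN, SWAG_PORTS))
    print(host_port_conflicts({"swag": SWAG_PORTS, "nextcloud": NEXTCLOUD_PORTS}))
    print(host_port_conflicts({"swag": ["443:443"], "nextcloud": ["443:443"]}))
```

Each container has its own network namespace, so two containers can both listen on 443 internally; only the host side of each `host:container` pair has to be unique, and DNS validation needs no inbound port at all.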

    is there any way to use something easier than the UUID for mount points? These entries in /etc/fstab are killing me.

    filesystem mount point

    /dev/disk/by-uuid/a5ace7d5-5952-4205-a5d4-7408637605c9 /srv/dev-disk-by-uuid-a5ace7d5-5952-4205-a5d4-7408637605c9


    When I try to associate something sane like /srv/docker as the mount point then I cannot access it when trying to use it as a shared folder. The insanely long mount point works but holy cow...

    Kevin

    ok, so I cheeseballed figuring it out by using the linuxserver addy and then just stuffing that into portainer to find something. So I did follow the Nextcloud/swag guide and got that to work locally, but not with https.


    My nextcloud config.php does not have the following:


    'dbname' => 'nextcloud',

    'dbhost' => 'nextclouddb',

    'dbport' => '',

    'dbtableprefix' => 'oc_',

    'mysql.utf8mb4' => true,

    'dbuser' => 'oc_admin',

    'dbpassword' => 'YfPeqGJ8LlsOIkXpgiEtf3bejjLtUK',


    Also I have some dig results to help with my sanity:

    Dig results

    fun1sys.duckdns.org. 59 IN A 73.59.179.131

    fun1sys.duckdns.org. 59 IN TXT ""

    fun1sys.duckdns.org. 599 IN MX 50 fun1sys.duckdns.org.

    CNAME is blank


    I did setup forwarding in my router with the guides 457, and 91

    80 and 443 are set to external on the router.

    any thoughts

    Kevin

    ok, so I have docker installed, portainer, yacht, and cockpit. What do I do now? Portainer just seems to be more configuring crap. I want to pull in an image. How do I do that? It was a hell of a lot easier before this new docker setup. Yacht doesn't have anything I want. Github wants some kind of account login but I see no way to create the login. What the hell? Do I need a letter from my mother too? Cockpit wants a login? How do I do that? Jesus this is way too much overkill to just pull some images in.

    Kevin

    Does this shed any light... it looks to me like its having trouble writing something, but still enters the forwarding state.


    Apr 25 15:37:26 dellomv kernel: [31730.848549] br-31110d631cb0: port 1(vethf5add4a) entered disabled state
    Apr 25 15:37:26 dellomv systemd-udevd[2252]: Could not generate persistent MAC address for vethf5add4a: No such file or directory
    Apr 25 15:37:26 dellomv containerd[1079]: time="2019-04-25T15:37:26.514988441-05:00" level=info msg="shim containerd-shim started" address="/containerd-shim/moby/73bddc582dce304e88b5fdab98492d582129c2ae005dec46b546917af660934d/shim.sock" debug=false pid=2290
    Apr 25 15:37:27 dellomv kernel: [31731.831289] eth0: renamed from veth7693bbb
    Apr 25 15:37:27 dellomv kernel: [31731.847274] br-31110d631cb0: port 1(vethf5add4a) entered blocking state
    Apr 25 15:37:27 dellomv kernel: [31731.847278] br-31110d631cb0: port 1(vethf5add4a) entered forwarding state
    Apr 25 15:39:01 dellomv CRON[2759]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
    Apr 25 15:39:01 dellomv systemd[1]: Starting Clean php session files...
    Apr 25 15:39:01 dellomv systemd[1]: Started Clean php session files.