xames
Patron
- Joined
- Jun 1, 2020
- Messages
- 235
anyone?I have version 19.0.5, can we upgrade to new 20 version or not yet? and how.
anyone?I have version 19.0.5, can we upgrade to new 20 version or not yet? and how.
Hey,
That's odd but I cannot edit my own post.... Anyway I'm guessing that you meant to quote lines from my caddy.log.
Well I'll edit previous one or delete when there will be an option so it will not mess up forum page.
{"level":"error","ts":1607607926.0599313,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.emememsy.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.emememsy.com (probably OK if presenting failed)"}
{"level":"error","ts":1607607926.2351258,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.emememsy.com] Obtain: [nextcloud.emememsy.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.emememsy.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.emememsy.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17032130/199659972) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":11,"retrying_in":10800,"elapsed":10814.203219561,"max_duration":2592000}
by enabling DNSSEC in Cloudflare and adding DS to my domain registrar. This was related to Let's Encrypt and my humbly proposal is to add this info to readme file in github, maybe in Prerequisites section.{"level":"error","ts":1607607926.0599313,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"nextcloud.xxxxxxxx.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for nextcloud.xxxxxxxx.com (probably OK if presenting failed)"}
{"level":"error","ts":1607607926.2351258,"logger":"tls.obtain","msg":"will retry","error":"[nextcloud.xxxxxxxx.com] Obtain: [nextcloud.xxxxxxxx.com] solving challenges: presenting for challenge: could not determine zone for domain \"_acme-challenge.nextcloud.xxxxxxxx.com\": unexpected response code 'SERVFAIL' for _acme-challenge.nextcloud.xxxxxxxx.com. (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/17032130/199659972) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":11,"retrying_in":10800,"elapsed":10814.203219561,"max_duration":2592000}
{"level":"info","ts":1607676261.8559482,"logger":"http.log.access","msg":"handled request","request":{"remote_addr":"192.168.1.25:58858","proto":"HTTP/2.0","method":"GET","host":"192.168.1.55","uri":"/","headers":{"Cookie":["nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; oc_sessionPassphrase=rXJyCxVBnTefvi%2FQpV86lvEwFJCH1SgbUtApHCRdzeJa1kx72kidHNF2jcjRTRx1ZjuNhkPuu09JZmmEWTuuISEv9W0nbmOTXrg%2FXnMDz%2BWmg4lbQFSnq8LHKmlgx9pt; ocl4qpukl5a2=3v4mn0lhbotuuauhitk740rnr8"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Safari/605.1.15"],"Accept-Language":["pl-pl"],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":""}},"common_log":"192.168.1.25 - - [11/Dec/2020:09:44:21 +0100] \"GET / HTTP/2.0\" 0 0","duration":0.000004358,"size":0,"status":0,"resp_headers":{"Server":["Caddy"]}}
They typically roll out new updates slowly to their users so as to not overwhelm their servers. 20.x will show up eventually. I just wait. If you are in a hurray you can destroy your jail and re run the script. I don't know if there is another way.
Do you have a redirection of DNS internal and External? internally it have to resolve internal ip and external your external ip.
Example external: 44.55.66.77.88
Example internal: 192.168.0.69
You can look it by terminal on windows or mac: nslookup dnsname.yourdomain.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: nextcloud.xxxx.com
Address: 104.24.98.221
Name: nextcloud.xxxx.com
Address: 104.24.99.221
Name: nextcloud.xxxx.com
Address: 172.67.168.112
Are you directing/forwarding port 80 from your router to the jail IP? and does your cloud.domain.com address point to your router's public IP?how to get letsencrypt ssl right ,if the installation was done ?
Yes, right direct to my nextcloud ip. port 443 and port 80Are you directing/forwarding port 80 from your router to the jail IP? and does your cloud.domain.com address point to your router's public IP?
The Caddy log should show the error--in the jail, what are the contents of /var/log/caddy.log?the cert for the ssl seems to be expired and isn't renewed auto.
The log is actually huge, so I attached it in my reply.The Caddy log should show the error--in the jail, what are the contents of /var/log/caddy.log?
2020/12/16 05:26:56 [ERROR] attempt 2: [cloud.vlokkiebox.nl] Renew: get directory at 'https://acme-staging-v02.api.letsencrypt.org/directory': Get "https://acme-staging-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-staging-v02.api.letsencrypt.org on [::1]:53: read udp [::1]:33173->[::1]:53: read: connection refused -
That file seems to be empty.These errors in the log are suspicious:
Code:2020/12/16 05:26:56 [ERROR] attempt 2: [cloud.vlokkiebox.nl] Renew: get directory at 'https://acme-staging-v02.api.letsencrypt.org/directory': Get "https://acme-staging-v02.api.letsencrypt.org/directory": dial tcp: lookup acme-staging-v02.api.letsencrypt.org on [::1]:53: read udp [::1]:33173->[::1]:53: read: connection refused -
It makes it sound like whatever's serving DNS for this jail isn't responding. What's the contents of /etc/resolv.conf in the jail?
That fixed the issue! Thank you so much!That could be the problem. Add this line at the bottom:
Code:nameserver 1.1.1.1
Then restart the jail and see if it works.
here's nslookup response:
what looks odd, but im not an expert is that ok as it resolves with address 192.168.1.1 at port 53 which is my gateway. Shouldn't it show ip of jail? in my situation it's 192.168.1.55