Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved Self-host install issues

    Support
    installation home
    5
    13
    1054
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ei8fdb
      ei8fdb last edited by girish

      Hi,
      I'm starting with a Cloudron self-host on a Nuc hosted in my home network.

      • OS install (18.04) goes fine
      • DNS record creation goes fine (I see them created in GandiDNS)
      • but when it comes to the redirect to my.SUBDOMAIN.DOMAIN.ORG I
        • first get the self-signed SSL cert error
        • browser then redirects and I get "https://my.SUBDOMAIN.DOMAIN.org/setup.html"

      Firefox can't establish a connection to the server at https://my.SUBDOMAIN.DOMAIN.org/.

      If I try to visit the IP of the server, I see, momentarily the mention of cloudron at the top of the page, then it redirects to https://my.SUBDOMAIN.DOMAIN.org/ with the same error.

      I'd appreciate any support you can give me. 🙏

      1 Reply Last reply Reply Quote 0
      • nebulon
        nebulon Staff last edited by

        Hi,

        so can you verify that my.subdomain.domain.org resolves correctly to your home IP?
        Also I assume you were initially visiting the home IP to go through the cloudron dns setup step?
        Furthermore please make sure all ports mentioned at https://cloudron.io/documentation/security/#cloud-firewall are correctly port-forwarded to your server (assuming your server is behind your home router)

        The self-signed certificate is initially expected and you have to accept the exception in your browser.

        Finally, since this is a home connection you probably want to setup an email relay as well configure https://cloudron.io/documentation/networking/#dynamic-dns if your IP is not statically assigned.

        ei8fdb 1 Reply Last reply Reply Quote 1
        • W
          will last edited by

          I run Cloudron out of a lenovo tiny workstation mounted right next to my router in a closet, with Gandi too!
          Port forwarding + email relay were the parts that got me too. Double check all that and if you need more help, just ask.

          1 Reply Last reply Reply Quote 1
          • ei8fdb
            ei8fdb @nebulon last edited by ei8fdb

            @nebulon said in Self-host install issues:

            Hi,

            Hi!

            so can you verify that my.subdomain.domain.org resolves correctly to your home IP?

            yes it does.

            bernard@lenny:~/bin$ ping my.subdomain.domain.org
            PING my.subdomain.domain.org (1.2.3.4) 56(84) bytes of data.
            64 bytes from 4.3.2.1.in-addr.arpa (1.2.3.4): icmp_seq=1 ttl=58 time=94.0 ms
            

            However subdomain.domain.org does not resolve to my home IP:

            bernard@lenny:~/bin$ ping subdomain.domain.org
            ping: subdomain.domain.org: No address associated with hostname
            

            In my gandi livedns there is an entry for:

            my.subdomain A 1.2.3.4
            subdomain TXT "v=spf1 a: ~all"
            cloudron._domainkey.subdomain TXT

            Also I assume you were initially visiting the home IP to go through the cloudron dns setup step?

            Correct, which was giving me the login for my Internet router (with https://), so I visited the internal IP address of the cloudron server and start the cloudron dns setup step from there.

            Furthermore please make sure all ports mentioned at https://cloudron.io/documentation/security/#cloud-firewall are correctly port-forwarded to your server (assuming your server is behind your home router)

            Some of these weren't. I've now opened them all on the router and NAT'ed them correctly.

            The self-signed certificate is initially expected and you have to accept the exception in your browser.

            Yep I did.

            Finally, since this is a home connection you probably want to setup an email relay as well configure https://cloudron.io/documentation/networking/#dynamic-dns if your IP is not statically assigned.

            Not an issue as I have a static IP.

            Thanks for the help so far.

            1 Reply Last reply Reply Quote 1
            • girish
              girish Staff last edited by

              @ei8fdb In your examples, 1.2.3.4 is your public static IP right and not the home network IP, correct?

              I would try connecting to my.subdomain.domain.org from your mobile network as a next step. Does that work? (my suspicion is that maybe your router does not support NAT loopback)

              ei8fdb 1 Reply Last reply Reply Quote 1
              • ei8fdb
                ei8fdb @girish last edited by

                @girish said in Self-host install issues:

                @ei8fdb In your examples, 1.2.3.4 is your public static IP right and not the home network IP, correct?

                Correct the public static IP.

                I would try connecting to my.subdomain.domain.org from your mobile network as a next step. Does that work? (my suspicion is that maybe your router does not support NAT loopback)

                I tried that earlier (didn't mention it) error given is:

                secure connection failed.

                I did read your blogpost about NAT loopback. I'm currently looking to verify if it does/not support it. Its a Zyxel VMG1312-B10D router. If it doesn't support it, do I have any options?

                1 Reply Last reply Reply Quote 0
                • girish
                  girish Staff last edited by

                  @ei8fdb said in Self-host install issues:

                  secure connection failed.

                  When it says this, does it allow you to accept self-signed certificates? If so, accept it, create admin, then go into Domains -> Renew all Certs. I think maybe getting the cert failed (for some reason). If cert renewal still fails, then can you check the Logs?

                  ei8fdb 1 Reply Last reply Reply Quote 0
                  • ei8fdb
                    ei8fdb @girish last edited by

                    @girish said in Self-host install issues:

                    When it says this, does it allow you to accept self-signed certificates? If so, accept it, create admin, then go into Domains -> Renew all Certs. I think maybe getting the cert failed (for some reason). If cert renewal still fails, then can you check the Logs?

                    No, there's on interaction apart from "try again" button.

                    Full error message is:

                    (firefox)

                    Secure Connection Failed
                    1. The page you're trying to view cannot be shown because the authenticity of the received data could not verified.
                    2. Please inform the website owners to inform them of this problem.
                    
                    Try again (button)
                    
                    W 1 Reply Last reply Reply Quote 0
                    • W
                      will @ei8fdb last edited by

                      @ei8fdb What does chrome or IE say?

                      1 Reply Last reply Reply Quote 1
                      • ei8fdb
                        ei8fdb last edited by

                        @will said in Self-host install issues:

                        @ei8fdb What does chrome or IE say?

                        I don't think it's possibe to install IE on an Android phone?

                        Chrome on my phone, using 4G data connection

                        • Trying to access my.subdomain.domain.org error:

                        This site can't be reached
                        my.subdomain.domain.orgunexpectedlt closed the connection
                        Try:
                        Checking the connection

                        ERR_CONNECTION_CLOSED

                        • Trying to access subdomain.domain.org error

                        This site can't be reached
                        subdomain.domain.org's server IP address could not be found
                        DNS_PROBE_FINISHED_NXDOMAIN

                        I'm unclear - shouldn't subdomain.domain.org have a DNS record, like my.subdomain.domain.org has?

                        @girish has mentioned the router might not support NAT Loopback. Is there any way I can confirm that? If not, are there any options?

                        W 1 Reply Last reply Reply Quote 0
                        • W
                          will @ei8fdb last edited by will

                          @ei8fdb subdomain.domain.com doesn't get an a record unless you put a site there, because Cloudron doesn't have any apps parked there.

                          I'm not sure about how the loop back pinning support plays into this, but I'd run through the checklist again to make sure nothing was missed.

                          1) Verify that you can ping both your static public IP, and the private LAN IP of your Cloudron server. Just to make sure you have connectivity to both.
                          This is just a sanity check to make sure there isn't some bigger problem.

                          2) Correct IP in Gandi Dashboard
                          Just double deck that this is your static IP.

                          3) DNS propagation (ping from desktop or whatever and make sure the DNS resolves to the correct IP)
                          Double check that Gandi has passed your DNS/IP settings to other name servers.

                          4) Turn off port forwarding and go to my.subdomain.domain.com
                          Expected result, your router login.

                          This verifies the path between:
                          [You]-------> [DNS Name Resolution] ------> [IP Address] -----> [Path back home to your server]
                          If that is good, we go deeper.

                          5) Turn on port forwarding and try that again.
                          Expected result: Cloudron login screen.*

                          6) Try to load on both IE and your phone on 4g and report results.
                          Just to make sure the setup is correct, but the problem still exists.

                          Run through those steps, even if you've done them before, just to be thorough. Let us know what happens.

                          (I'm in meetings all day, I only skimmed, I hope this helps)

                          1 Reply Last reply Reply Quote 1
                          • G
                            grimm1369 last edited by

                            I turned off port forwarding and attempted to go to my.twilightknights.org it does not go to my routers page.

                            I am using cloudflare for my dns

                            My dns enteries are
                            A
                            my
                            (routers Public IP) removed for security.

                            DNS only

                            2 min
                            EditWhen toggled open, an additional table row will be added below this row to enable editing DNS records.
                            TXT
                            cloudron._domainkey
                            "v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl3h89mEscwVqqWwMC6z86/fqdx1VGBU56vPaaJCND+DgL410RBUCOJejWb0zWtTG3vVy94HMOO+P0ZQhFLxNBcfzip3yJLH4TGgsuVjAntmLeVeLr57NF+ozASQcrjizO7x7nlJFMgEyG4MixD+9dZ815YO+cF/mWvUUMzATbUQIDAQAB"
                            DNS only

                            2 min
                            EditWhen toggled open, an additional table row will be added below this row to enable editing DNS records.
                            TXT
                            _dmarc
                            "v=DMARC1; p=reject; pct=100"
                            DNS only

                            2 min
                            EditWhen toggled open, an additional table row will be added below this row to enable editing DNS records.
                            TXT
                            twilightknights.org
                            "v=spf1 a:my.twilightknights.org ~all"
                            DNS only

                            2 min
                            EditWhen toggled open, an additional table row will be added below this row to enable editing DNS records.

                            girish 1 Reply Last reply Reply Quote 0
                            • Referenced by  girish girish 
                            • girish
                              girish Staff @grimm1369 last edited by

                              @grimm1369 Let's continue this further at https://forum.cloudron.io/post/44414

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Powered by NodeBB