Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved Can't get my domain to work with Cloudron

    Support
    cloudflare
    4
    30
    752
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      danteswrath last edited by girish

      So, I've installed Cloudron on a Ubuntu VM on my Proxmox server. During the Cloudron setup I used my Cloudflare domain and used the API global key to get everything set up, but it didn't work. I have the error attached.

      Now, I was able to get the initial setup working by going to the IP address of my Ubuntu server, but then ran into an issue getting guacamole installed. Now, after rebooting my Ubuntu server and trying to get back in, the IP and my domain are not working at all.IP error.PNG Domain Error.PNG

      girish 1 Reply Last reply Reply Quote 0
      • girish
        girish Staff @danteswrath last edited by

        During the Cloudron setup I used my Cloudflare domain and used the API global key to get everything set up, but it didn't work. I have the error attached.

        Does this mean you could not complete the DNS setup ?

        Now, I was able to get the initial setup working by going to the IP address of my Ubuntu server, but then ran into an issue getting guacamole installed.

        It looks like you did complete the DNS setup. Once the DNS setup is complete, you cannot navigate to Cloudron by IP address. You should instead only go to https://my.domain.com . This is because when you have multiple apps on a single server/IP, the only way to distinguish which app is to be served to the browser is by the domain name. Just the IP address is insufficient.

        1 Reply Last reply Reply Quote 0
        • girish
          girish Staff last edited by

          Also, for a start, just to help debugging this, I would remove cloudflare proxying. You can do this by going inside Cloudflare and clicking on the orange cloud icon for the domains.

          1 Reply Last reply Reply Quote 0
          • D
            danteswrath last edited by

            Yeah that didn't work. Still giving me the error 522 and saying that it can't connect to the host. So, which IP address should I use for my DNS records in my Cloudflare account? Also, another thing I did that I thought would help is I port forwarded 443 and 80 in my router to the private IP of my Ubuntu server.

            1 Reply Last reply Reply Quote 0
            • nebulon
              nebulon Staff last edited by

              Ah if your instance is behind a NAT in your local network, then you have to forward a few ports from your router to the internal Cloudron server. 443 and 80 are basically the bare minimum. You can get some overview at https://docs.cloudron.io/security/#cloud-firewall

              Further as @girish recommended, disable the cloudflare proxying at first until you managed to get it working without it. Just to rule out one possible point of failure.
              The DNS records values in your case would be the public IP of your router. Then with the portforwarding rules, the connections will reach your internal Cloudron server. In case you are on an ISP connection where the IP might change on reconnect, you can consider using the dyndns feature of Cloudron.

              1 Reply Last reply Reply Quote 3
              • Topic has been marked as a question  girish girish 
              • D
                danteswrath last edited by

                Yeah I've made sure that port 443 and 80 are port forwarded on my router and I have made sure to disable the proxy in my cloudflare account for my DNS records and it still gives me the same error I attached in the beginning. I can't reach the web application at all. Is there a way to troubleshoot through the command line on my Ubuntu server itself?

                girish 1 Reply Last reply Reply Quote 0
                • girish
                  girish Staff @danteswrath last edited by

                  @danteswrath The initial error screenshot shows a cloudflare error. You are still seeing the same error despite having cloudflare proxying disabled?

                  1 Reply Last reply Reply Quote 0
                  • girish
                    girish Staff last edited by

                    As a way to debug, try this on cloudron server itself:

                    • Make a note of your public IPv4 . curl https://ipv4.api.cloudron.io/api/v1/helper/public_ip
                    • Then, host my.domain.com 8.8.8.8 . Does this print the above public IPv4 IP address?
                    • Then, curl https://my.domain.com . Does it print some html?
                    • Then, if you open https://my.domain.com in browser, does it work?
                    1 Reply Last reply Reply Quote 0
                    • D
                      danteswrath last edited by

                      Okay, I used the first command and it posted my public IP. I used the host my.domain.com 8.8.8.8 and that also printed my public IP.

                      Now, when I tried curl https://my.domain.com, it gave me the following:

                      curl: (7) Failed to connect port 443: connection refused

                      So, I've made sure that port 443 and 80 are port forwarded on my Ubuntu private IP address and I have the DNS records set to my public IP in my Cloudflare account with the proxy disabled and it's still not working.

                      girish 1 Reply Last reply Reply Quote 0
                      • girish
                        girish Staff @danteswrath last edited by

                        @danteswrath said in Can't get my domain to work with Cloudron:

                        curl: (7) Failed to connect port 443: connection refused

                        This is most likely to do with your router not supporting hairpin/loopback NAT. What you can do to verify this is connect from outside your network and see if the curl works. If that works, either you need a router that supports hairpin NAT. Alternately, try the workaround at https://docs.cloudron.io/troubleshooting/#hairpin-nat

                        1 Reply Last reply Reply Quote 0
                        • D
                          danteswrath last edited by

                          Okay, I checked out that workaround, but I'm still new to these sort of configuration, so would you be able to walk me through some of it?

                          This option in the workaround confuses me a bit:

                          Configure your network's DNS server to return the Local VM IP for all the subdomain in use. This way when your PC/Laptop accesses a domain, it starts using the Local VM IP instead of the public IP to connect to Cloudron. Devices outside the network will continue to use the public IP address as expected.

                          How do I go about configuring my network's DNS servers to return to the local VM IP? And by VM IP would that be my Ubuntu IP address?

                          girish 1 Reply Last reply Reply Quote 0
                          • girish
                            girish Staff @danteswrath last edited by

                            @danteswrath said in Can't get my domain to work with Cloudron:

                            Okay, I checked out that workaround, but I'm still new to these sort of configuration, so would you be able to walk me through some of it?

                            Sure. But before that, did you confirm you can access Cloudron from an external network? Just want to make sure that hairpin NAT is the real issue here.

                            1 Reply Last reply Reply Quote 0
                            • D
                              danteswrath last edited by

                              I apologize, I did try accessing it through an external network and it's still giving me the same error.

                              girish 1 Reply Last reply Reply Quote 1
                              • girish
                                girish Staff @danteswrath last edited by girish

                                @danteswrath Ah ok, I think we need to debug that first. I don't know why you see a cloudflare access page even when cloudflare proxying is disabled. You have to take this up with cloudflare, I guess.

                                In fact, the cloudflare page shows "DNS record of some private IP (192.168.x.x)" , not sure what this means.

                                1 Reply Last reply Reply Quote 0
                                • D
                                  danteswrath last edited by

                                  Okay, I will work with Cloudflare and see if there is anything they can help with.

                                  That error that you are referring to only came up when I tried accessing Cloudron by just typing in my Ubuntu IP into my address bar.

                                  girish 1 Reply Last reply Reply Quote 0
                                  • girish
                                    girish Staff @danteswrath last edited by

                                    @danteswrath Oh. So then, what do you get if you access from outside via https://my.domain.com ? Once setup, Cloudron can only be accessed via domain name and not IP address.

                                    (I also don't understand how accessing by IP address shows a cloudflare page, but that's some other issue).

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      danteswrath last edited by danteswrath

                                      Well now, both external to my network and internal to my network, I'm just getting "This site can't be reached."

                                      1 Reply Last reply Reply Quote 0
                                      • nebulon
                                        nebulon Staff last edited by

                                        Not sure I am fully following, but to get anything Cloudron related out of the way, I assume you are connecting to your Ubuntu server via SSH from your laptop. If this is the case, can you ensure that using your public IP (the one you get when visiting for example https://www.whatismyip.com/ from within your local network, without using any kind of vpn) you can SSH into your server? This requires the very same portforwarding rules like Cloudron requires for other ports. So if you can make this work for your SSH port, then just do the same for basically all ports mentioned at https://docs.cloudron.io/security/#inbound-ports

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          danteswrath last edited by

                                          Okay, so just tried a completely fresh install. New install of Ubuntu and Cloudron. Still getting "Site can't be reached." Also just tried SSH, which actually did work without me having to port forward the SSH port in my router.

                                          nebulon 1 Reply Last reply Reply Quote 0
                                          • D
                                            danteswrath last edited by

                                            Also, what's really strange is that since I did a fresh install, I initially had to go to my Ubuntu's IP address to do the initial setup.

                                            After I entered my domain with my Cloudflare API Key the page refreshed to my domain, which the page gave me the same message I've been getting.

                                            Now, the weird thing is, if I enter in my Ubuntu IP address in my address bar, it loads the Cloudron setup page, but then refreshes again to my domain and gives me the "site can't be reached" again.

                                            1 Reply Last reply Reply Quote 0
                                            • nebulon
                                              nebulon Staff @danteswrath last edited by

                                              @danteswrath can you actually run curl http://localhost via SSH on your server? If yes, then nginx is responding correctly. Next would be to run curl http://<localipofyourserver> from your laptop within the same network. If this works, the server firewall is also fine. Then this is some configuration of your router which is still off.

                                              1 Reply Last reply Reply Quote 0
                                              • D
                                                danteswrath last edited by

                                                Okay so ran both commands and got this for both:

                                                <html>
                                                <head><title>301 Moved Permanently</title></head>
                                                <body>
                                                <center><h1>301 Moved Permanently</h1></center>
                                                <hr><center>nginx</center>
                                                </body>
                                                </html>

                                                nebulon 1 Reply Last reply Reply Quote 0
                                                • nebulon
                                                  nebulon Staff @danteswrath last edited by nebulon

                                                  @danteswrath that means http is working as expected. Then if you do the same only replace http with https to test SSL.

                                                  Just to be sure, http is on port 80 and httpS is on port 443, in case you only have port 80 currently forwarded.

                                                  1 Reply Last reply Reply Quote 0
                                                  • D
                                                    danteswrath last edited by

                                                    This is what I get when I try "https" instead of "http"

                                                    curl: (60) SSL certificate problem: self signed certificate
                                                    More details here: https://curl.haxx.se/docs/sslcerts.html

                                                    curl failed to verify the legitimacy of the server and therefore could not
                                                    establish a secure connection to it. To learn more about this situation and
                                                    how to fix it, please visit the web page mentioned above.

                                                    nebulon 1 Reply Last reply Reply Quote 0
                                                    • nebulon
                                                      nebulon Staff @danteswrath last edited by

                                                      @danteswrath ok, so this is also not too bad, since Cloudron does come up with a self-signed certificate initially until the setup via browser is finished and a real domain is setup.

                                                      So what happens now if you go to https://<your public ip> ? It would be expected to see a browser warning about insecure page, which you have to skip to reach the dashboard domain setup.

                                                      D 1 Reply Last reply Reply Quote 0
                                                      • D
                                                        danteswrath @nebulon last edited by

                                                        @nebulon Gives me the same message I've been getting "This site can't be reached."

                                                        nebulon 1 Reply Last reply Reply Quote 0
                                                        • nebulon
                                                          nebulon Staff @danteswrath last edited by

                                                          @danteswrath then this is something about your browser, if curl works as expected. Do you have any addons active which could interfere here? Note as mentioned, that using a self-signed certificate is usually considered unsafe, which is why maybe some security related addon or some browser setting itself could "protect" you here. Can you try some other browser maybe?

                                                          D 1 Reply Last reply Reply Quote 1
                                                          • D
                                                            danteswrath @nebulon last edited by

                                                            @nebulon I've tried a couple browsers and still the same thing.

                                                            nebulon 1 Reply Last reply Reply Quote 0
                                                            • nebulon
                                                              nebulon Staff @danteswrath last edited by

                                                              @danteswrath this is very strange then. Maybe you can send a mail with your public IP to support@cloudron.io so we can test this from here.

                                                              1 Reply Last reply Reply Quote 0
                                                              • girish
                                                                girish Staff last edited by

                                                                Unfortunately, we could never figure out why port forwarding does not work with @danteswrath 's router.

                                                                @danteswrath If you like you can open a new thread here with your router information and maybe someone knows how to configure it properly.

                                                                1 Reply Last reply Reply Quote 0
                                                                • Topic has been marked as solved  girish girish 
                                                                • First post
                                                                  Last post
                                                                Powered by NodeBB