Can't get my domain to work with Cloudron
-
Yeah that didn't work. Still giving me the error 522 and saying that it can't connect to the host. So, which IP address should I use for my DNS records in my Cloudflare account? Also, another thing I did that I thought would help is I port forwarded 443 and 80 in my router to the private IP of my Ubuntu server.
-
Ah if your instance is behind a NAT in your local network, then you have to forward a few ports from your router to the internal Cloudron server. 443 and 80 are basically the bare minimum. You can get some overview at https://docs.cloudron.io/security/#cloud-firewall
Further as @girish recommended, disable the cloudflare proxying at first until you managed to get it working without it. Just to rule out one possible point of failure.
The DNS records values in your case would be the public IP of your router. Then with the portforwarding rules, the connections will reach your internal Cloudron server. In case you are on an ISP connection where the IP might change on reconnect, you can consider using the dyndns feature of Cloudron. -
G girish marked this topic as a question on
-
Yeah I've made sure that port 443 and 80 are port forwarded on my router and I have made sure to disable the proxy in my cloudflare account for my DNS records and it still gives me the same error I attached in the beginning. I can't reach the web application at all. Is there a way to troubleshoot through the command line on my Ubuntu server itself?
-
@danteswrath The initial error screenshot shows a cloudflare error. You are still seeing the same error despite having cloudflare proxying disabled?
-
As a way to debug, try this on cloudron server itself:
- Make a note of your public IPv4 .
curl https://ipv4.api.cloudron.io/api/v1/helper/public_ip - Then,
host my.domain.com 8.8.8.8. Does this print the above public IPv4 IP address? - Then,
curl https://my.domain.com. Does it print some html? - Then, if you open
https://my.domain.comin browser, does it work?
- Make a note of your public IPv4 .
-
Okay, I used the first command and it posted my public IP. I used the host my.domain.com 8.8.8.8 and that also printed my public IP.
Now, when I tried curl https://my.domain.com, it gave me the following:
curl: (7) Failed to connect port 443: connection refused
So, I've made sure that port 443 and 80 are port forwarded on my Ubuntu private IP address and I have the DNS records set to my public IP in my Cloudflare account with the proxy disabled and it's still not working.
-
@danteswrath said in Can't get my domain to work with Cloudron:
curl: (7) Failed to connect port 443: connection refused
This is most likely to do with your router not supporting hairpin/loopback NAT. What you can do to verify this is connect from outside your network and see if the curl works. If that works, either you need a router that supports hairpin NAT. Alternately, try the workaround at https://docs.cloudron.io/troubleshooting/#hairpin-nat
-
Okay, I checked out that workaround, but I'm still new to these sort of configuration, so would you be able to walk me through some of it?
This option in the workaround confuses me a bit:
Configure your network's DNS server to return the Local VM IP for all the subdomain in use. This way when your PC/Laptop accesses a domain, it starts using the Local VM IP instead of the public IP to connect to Cloudron. Devices outside the network will continue to use the public IP address as expected.
How do I go about configuring my network's DNS servers to return to the local VM IP? And by VM IP would that be my Ubuntu IP address?
-
@danteswrath said in Can't get my domain to work with Cloudron:
Okay, I checked out that workaround, but I'm still new to these sort of configuration, so would you be able to walk me through some of it?
Sure. But before that, did you confirm you can access Cloudron from an external network? Just want to make sure that hairpin NAT is the real issue here.
-
I apologize, I did try accessing it through an external network and it's still giving me the same error.
-
@danteswrath Ah ok, I think we need to debug that first. I don't know why you see a cloudflare access page even when cloudflare proxying is disabled. You have to take this up with cloudflare, I guess.
In fact, the cloudflare page shows "DNS record of some private IP (192.168.x.x)" , not sure what this means.
-
Okay, I will work with Cloudflare and see if there is anything they can help with.
That error that you are referring to only came up when I tried accessing Cloudron by just typing in my Ubuntu IP into my address bar.
-
@danteswrath Oh. So then, what do you get if you access from outside via
https://my.domain.com? Once setup, Cloudron can only be accessed via domain name and not IP address.(I also don't understand how accessing by IP address shows a cloudflare page, but that's some other issue).
-
Well now, both external to my network and internal to my network, I'm just getting "This site can't be reached."
-
Not sure I am fully following, but to get anything Cloudron related out of the way, I assume you are connecting to your Ubuntu server via SSH from your laptop. If this is the case, can you ensure that using your public IP (the one you get when visiting for example https://www.whatismyip.com/ from within your local network, without using any kind of vpn) you can SSH into your server? This requires the very same portforwarding rules like Cloudron requires for other ports. So if you can make this work for your SSH port, then just do the same for basically all ports mentioned at https://docs.cloudron.io/security/#inbound-ports
-
Okay, so just tried a completely fresh install. New install of Ubuntu and Cloudron. Still getting "Site can't be reached." Also just tried SSH, which actually did work without me having to port forward the SSH port in my router.
-
Also, what's really strange is that since I did a fresh install, I initially had to go to my Ubuntu's IP address to do the initial setup.
After I entered my domain with my Cloudflare API Key the page refreshed to my domain, which the page gave me the same message I've been getting.
Now, the weird thing is, if I enter in my Ubuntu IP address in my address bar, it loads the Cloudron setup page, but then refreshes again to my domain and gives me the "site can't be reached" again.
-
@danteswrath can you actually run
curl http://localhostvia SSH on your server? If yes, then nginx is responding correctly. Next would be to runcurl http://<localipofyourserver>from your laptop within the same network. If this works, the server firewall is also fine. Then this is some configuration of your router which is still off. -
Okay so ran both commands and got this for both:
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html> -
@danteswrath that means http is working as expected. Then if you do the same only replace
httpwithhttpsto test SSL.Just to be sure, http is on port 80 and httpS is on port 443, in case you only have port 80 currently forwarded.
