Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

New to Cloudron... I have it working... I think?

Scheduled Pinned Locked Moved Solved Support
cloudflare
11 Posts 4 Posters 525 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    wrote on last edited by girish
    #1

    So I've been able to install Cloudron and get it working. I successfully installed Guacamole which is working fine and is accessible outside my network. I use CloudFlare for my domain including DNS. Unfortunately I've encountered an issue where my domain also uses Google Workspace (mysparenoggin.me). Since Cloudron was installed, Google has been blocking all outgoing emails (can still receive). I know this has something to do with DMARC but honestly I'm in over my head.

    To add, I am also unable to access my Cloudron dashboard via the domain name (my.mysparenoggin.me). I get various SSL errors depending on the browser (HSTS on MS Edge, unknown issuer (CloudFlare when I view the cert) on Firefox, which additionally returns cannot find that site if I attempt to proceed). I would love to solve these 2 issues but I am at a loss on how to proceed. I did follow the troubleshooting steps from Cloudron Docs but all seems fine in that regard.

    1 Reply Last reply
    0
  • subvenS Offline
    subvenS Offline
    subven
    wrote on last edited by subven
    #2

    First off you have to disable Cloudflares universal SSL certificates.

    ztjtzik67oi.png

    Second...what did you configure for SSL at the Cloudron Setup? Maybe you ran into the lets encrypt rate limits due to wrong configuration.

    diehardbatteryD 1 Reply Last reply
    1
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    replied to subven on last edited by
    #3

    @subven I honestly don't remember setting anything up for SSL. When I first setup Cloudron I chose CloudFlare when it wanted the DNS info and that was it. As for disabling universal SSL, it looks as if I wouldnt be able to access anything I have via CloudFlare unless each service has its own encryption? I also use a Kemp load balancer that uses CloudFlare SSL including the root cert. Would that be affected? I don't remember doing anything with LetsEncrypt so unless it's running in the background and manages itself automatically I don't believe there was any input from me regarding that.

    subvenS 1 Reply Last reply
    0
  • subvenS Offline
    subvenS Offline
    subven
    replied to diehardbattery on last edited by subven
    #4

    @diehardbattery Cloudron does automatic SSL for every app and the Dashboard via Lets Encrypt so please disable Cloudflares universall SSL for the domain you choose to be managed by Cloudron just toibe sure that this is not the root cause of your problems.

    I would also advice to read the docs regarding Cloudflare DNS and the various support tickets.

    diehardbatteryD 1 Reply Last reply
    0
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    replied to subven on last edited by diehardbattery
    #5

    @subven I have gone ahead and disabled it. Now I get a connection timeout error no matter what browser I use. My other services are now down as well. I'm also not sure about the relevancy of the links you provided. The first link assumes I can get into the Cloudron dashboard which I cannot. It also says to provide the Cloudflare API key, which I did so in the initial setup. I was able to at some point without changing anything, otherwise how would I have successfully installed Guacamole?

    Also, I re-enabled Universal SSL to see if my other sites come back. They do not. So I have to redo keys for those as well?

    girishG 1 Reply Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to diehardbattery on last edited by
    #6

    @diehardbattery Hard to make out what is the current status of the server/dns, are you able to write to support@cloudron.io with your server IP and domain name ? We can help you out there.

    diehardbatteryD 1 Reply Last reply
    2
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    replied to girish on last edited by
    #7

    @girish I believe I might have solved at least part of the problem. I use a Kemp Load Balnacer that uses port 443. It also acts as a reverse proxy. Assuming everything for Cloudron uses port 443, I needed to create a content matching rule to direct to the correct domain. As for disabling Universal SSL, I had to generate new keys for everything else that uses it.

    subvenS 1 Reply Last reply
    0
  • robiR Offline
    robiR Offline
    robi
    wrote on last edited by
    #8

    FYI, as I wasn't familiar with Kemp, I looked it up and they have a free LB good for 20mbit at L7.

    More specs at:
    https://freeloadbalancer.com/

    Might be useful as an app for Cloudron too.

    @diehardbattery feel free to create an app request in the forum, since you introduced it.

    Life of sky tech

    diehardbatteryD 1 Reply Last reply
    0
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    replied to robi on last edited by
    #9

    @robi There is a pretty good tutorial (CloudFlare based)

    about setting it up.

    1 Reply Last reply
    1
  • subvenS Offline
    subvenS Offline
    subven
    replied to diehardbattery on last edited by subven
    #10

    @diehardbattery well Cloudron requires a lot of more ports then just 443. Maybe thats why your SSL cert creation with Lets Encrypt failed in the first place.

    You never told us that you use the Domain for other services then Cloudron and therefore depend on the Universal SSL feature (which is not ideal).

    I see your dashboard working. Is your mail problem fixed so far?

    diehardbatteryD 1 Reply Last reply
    0
  • diehardbatteryD Offline
    diehardbatteryD Offline
    diehardbattery
    replied to subven on last edited by diehardbattery
    #11

    @subven Sorry I wasn't clear on the domain thing. It's fixed now so no worries. I do have email working. I disabled mail in Cloudron (I don't see a use for it as it is just me), and redid the dmarc and other records that Google requires.

    1 Reply Last reply
    1
  • girishG girish marked this topic as a question on
  • girishG girish has marked this topic as solved on

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.