HAProxy running in PfSense returning 503 error with NextCloud and can't fix it - haproxy

Good afternoon everyone,
I have the following setup in my home-lab:
ESXi
PfSense
NextCloud
TrueNAS
I am running HAProxy in a PfSense instance, and have a domain that I have set up to access my NAS locally (and I have tested it and can make it work externally, though I do not want to do that). I can access it locally at an address like nas.homelab.com
I am trying to set up NextCloud the same way, this time externally, however, I keep getting a 503 error. I have this set up so I can see it from the internet as well, using a link similar to nc.homelab.com
I've gone through and set everything up as best I can using a Lawrence Systems video on the subject, however, I can not figure out how to get rid of the 503 error.
I've seen other threads mentioning to make sure I have a default backend to eliminate this error, however I have one set for the NAS, since I know it works, and nothing has changed.
Thank you all for your help!
Sam

Related

Suddenly my Phoenix project can't connect to postgres if my VPN is on — how to fix?

I've never had this problem before, but suddenly as of this morning, if I try to fire up my Phoenix app while my VPN is on, I get a bunch of eaddrnotavail errors from Postgres. If I try to start my app with the VPN off, it works fine, and it continues to work fine even if I then turn the VPN on, but if I try to start it with the VPN already running, eaddrnotavail errors every time.
Anyone have any idea why this is happening or how to fix it?
I got a response from ProtonVPN on this. Apparently they're working on a technical solution, but this is the main issue:
outgoing connections to some database-related ports are currently being blocked on most of our servers for anti-abuse reasons
Normally, any user connected to the same ProtonVPN server would have the same authorization to access the database you are willing to connect to unless there are additional security measures in place, so this is not recommended and insecure. Even if you whitelist some ProtonVPN IP addresses with your firewall, that is still not enough because any user would still be able to reach your database through the very same ProtonVPN IP address.
we are working on a solution to provide dedicated IPs

Kubernetes API Server Fails To start / Looks Like Cannot connect to DNS Server

I have found some similar questions to kubernetes API server not starting but the error message I am getting is different. I have had a working cluster for several months, went to log in yesterday and it was offline. Looked around in some log files and this is what I get below, looks like it's trying to make a DNS query to my local DNS server, which has been working fine for the last few years and still works fine. The log is below and I'm pretty frustrated because I don't know how to fix this, have made no config changes and hoping the community can help.
E0609 00:03:14.518792 1 controller.go:152] Unable to remove old endpoints from kubernetes service: StorageError: key not found, Code: 1, Key: /registry/masterleases/192.168.5.2, ResourceVersion: 0, AdditionalErrorMsg:
F0609 00:03:14.534558 1 controller.go:161] Unable to perform initial IP allocation check: unable to refresh the service IP block: Get https://localhost:6443/api/v1/services: dial tcp: lookup localhost on 172.16.0.1:53: no such host
In case anybody else comes across this issue, it had to do with a missing entry in my /etc/hosts file, there needs to be a line "127.0.0.1 localhost" for the api server to start correctly. If that is missing it tries to use a DNS server lookup which does not make sense, happy I have it working!

Good references for setting up Nginx : for app running in Wildfly18(+Adapter) talking to local Keycloak9(Wildfly) on Linux (Ubuntu)

I am looking for good references for setting up Nginx: for a Java (J8EE) app running in Wildfly18(+Adapter)[Set up as service] talking to local Keycloak9(Wildfly)[Set up as service] on Linux (Ubuntu).
This will be a simple setup (No clustering etc.) and can even use LetsEncrypt if required.
Works locally on W10; and have set up mostly on an Ubuntu server; but the server, now being remote, is making things more awkward.
Any references greatly received.
I have done the NGINX (using letsencrypt) and posted it here.
There was a really horrid "invalid redirect uri" problem then, and this post also has the "solution" to that.
See:
Moving to https in keycloak using nginx

client is waiting forever for remote server to return a webpage

I have an application with a server written in F# and serve web files using Suave. I remote login using PowerShell into another machine in the network to run the application (the application is also in one of the network drives). I do that because that machine has access to third party APIs needed for the server. Now when I do [IPAddress_Of_Remote_Machine]/[html_file] or [name_of_pc]/[html_file] then Chrome is waiting forever and doesn't ever return the webpage. This wasn't happening before and I ran into this problem recently. I opened a different port and used it instead of the default one, 80. This made things work but the problem keeps showing up after a couple of days. I don't think it's a firewall issue but I'm clueless as to why this is happening.
When running netstat -an, this is what I get (I hid the IP address):
As you can see, all of the connections are either in CLOSE_WAIT or ESTABLISHED but not LISTENING. All of these TCP connections are probably because I have PhantomJS and two other APIs running in the application as well. However, the loopback address is also open on the same port 5959:
I'm not sure what the difference between these two is, but when using PortQryUI to query the remote server it returns a success!
I have already made an inbound rule for port 5959 on the server so it should be allowed. The web page is stuck at Waiting for [name_of_pc]. Also, sometimes this problem disappears and everything works fine.
What is the potential problem behind this? Why would this happen all of a sudden?
UPDATE:
I re-ran the application today and it's working correctly. It could be that something is dynamically set within the firewall? Not really sure what is going on. The machine I'm running the server on has a bunch of applications running on it as well so maybe there is an external process that is affecting it?
I made a hello world app with Suave and deployed it on the network drive to test if it's going to work. I opened inbound rule for port 6001
Then I ran the app:
However, it's still not working and this time it says the site cannot be reached when I do: http://[name_of_pc]:6001.
Moving this to an answer so that it can be closed:
Could you post the bindings section of your Suave cfg? I'm guessing you know where that is since you are using a non-standard port, but if you don't, search for HttpBinding. I suspect you will find it pointing to 127.0.0.1, which is not good enough for remote access. You could try changing it to 0.0.0.0 or to the server's actual IP address. I would try 0.0.0.0 first for the flexibility it provides.
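A way to check for the condition this answer suspects, as an added example that is not part of the original answer or the asker's code: it reads `netstat -an` output in the Windows layout and reports whether a port is listening on loopback only. The sample output, its addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of Windows `netstat -an` output (documentation addresses).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5959         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:50412       198.51.100.7:443       CLOSE_WAIT
  TCP    192.0.2.10:50413       198.51.100.7:443       ESTABLISHED
  TCP    192.0.2.10:6001        0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:5959             [::]:0                 LISTENING
"""

# Only LISTENING rows describe where a server accepts connections;
# ESTABLISHED / CLOSE_WAIT rows are existing connections and are skipped.
LISTEN_ROW = re.compile(r"^\s*TCP\s+(\S+)\s+\S+\s+LISTENING\s*$", re.IGNORECASE)


def bind_scope(host):
    """Classify a listening address by which clients can reach it."""
    ip = ipaddress.ip_address(host.strip("[]").split("%")[0])
    if ip.is_unspecified:      # 0.0.0.0 or [::]: every interface on the host
        return "all-interfaces"
    if ip.is_loopback:         # 127.0.0.0/8 or [::1]: this machine only
        return "loopback-only"
    return "single-address"    # one specific interface address


def listeners(netstat_text):
    """Map each listening TCP port to the set of bind scopes seen for it."""
    found = {}
    for line in netstat_text.splitlines():
        match = LISTEN_ROW.match(line)
        if not match:
            continue
        host, _, port = match.group(1).rpartition(":")
        found.setdefault(int(port), set()).add(bind_scope(host))
    return found


def diagnose(netstat_text, port):
    """Summarise whether a remote client could reach the given port."""
    scopes = listeners(netstat_text).get(port)
    if not scopes:
        return "not listening"
    if scopes == {"loopback-only"}:
        return "loopback only: remote clients cannot connect"
    return "reachable from the network, subject to firewall rules"
```

A port reported as `all-interfaces` accepts connections on every network the host is attached to, so the firewall rule for that port is what limits who can reach it.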

How can I reach my localhost over the web from outside local? i.e ip/page?

I installed usbwebserver
everything is running, I am trying to reach the root page index.php?
I read everything I possibly can and sorry but I still can't figure out how to reach my localhost
I reach my page with localhost:8080 and the page I want shows up but if I replace it with IP:8080 it does not.
I am trying to reach this page outside of my local network.
I'm sorry, I need to provide you a separate answer for your reformatted question for the "down the street" scenario. I can troubleshoot a few of the issues you're probably having.
ISPs don't typically allow residential internet connections to serve resources over port 8080, or 80. Even if you were to configure your computer as needed, if you're on a standard internet service provider they're probably blocking you in the middle even if you have punched holes in all your local security in an attempt to serve assets over port 8080/80.
Assuming they don't allow that, you're going to have to first configure your outbound middleware (PHP in your case) to listen to calls into your IP on a different port. You can do this in your C:\WAMP\ folder, in the "wampserver" configuration file. Here's a good walkthrough: http://forum.wampserver.com/read.php?2,13744
Now, you're going to have to drop any firewalls windows/ubuntu/macOS are providing on that port. (This is the part where you've rolled out the red carpet for hackers to get into your box(es) so be careful!) Here's a link for a short and sweet explanation on windows here: (http://yourbusiness.azcentral.com/turn-off-windows-firewall-19396.html) Note that you can open individual ports, you don't have to drop your entire firewall.
Make sure you have opened up access to any folders/mySQLdb's/resources to outside requests as well (seriously, this is a REALLY bad idea from an #home server if you don't know what you're doing)
Then figure out the correct IP and the correct port and give it a go! If it still doesn't work you can download a program like Wireshark (https://www.wireshark.org/download.html) or Fiddler (http://www.telerik.com/download/fiddler/fiddler2) to debug your inbound/outbound traffic and see what the machine's seeing before your browser/server gives you any user visible information.
One thing to note: if you are an amateur web developer, your homepage is called "index.html", not "home.html". "home.html" only works fine locally, but internet browser engines look, by default, for "index.html".
Lastly, and I really can't stress this enough don't host through your personal ISP and serve files from your own machine. Hosting through Fatcow, or hostgator, or any of the other hosts is really honestly dirt cheap and they know far better than you or I do about security.
That said, I hope very much that you succeed in using my answer, or at the very least learning something from it. Happy Coding!
http://www.canyouseeme.org/
--
Read the Background session
Go to a command line, type "ipconfig"
Hit Enter.
Under "Ethernet adapter Ethernet:"
It should be the third line down, has your following:
IPV4 Address : 192.168.1.xxx where "xxx" is your IP address.
USE "//" + "the ip address shown for (ipv4)" plus ":8080" and your default page should show just fine.
For example, if your cmd "ipconfig" for this process reads: "192.168.1.12" your total URL in your browser will be "//192.168.1.12:8080"
Note that I used 2 forward slashes prior to using an IP address on your local network. That lets your computer know it's using your network, not the actual internet. The slashes alone may solve your problem. Also note, if you're accessing a database through your webapp, you will also need to properly configure your db settings to allow access.
First find your outside IP address, not the local IP. After that, go into the router panel and open the port for use by the Apache server. Anyone is able to access that port now. You can connect to your local website from outside now. If you can't, try again. This is the way to do this.