-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Help Wanted] Unable to create ACME cert behind opnsense and proxmox #83
Comments
I am not sure about opnsense and running inside proxmox, but there are users who run their Zoraxy inside proxmox and ACME tools is usable when Zoraxy is directly exposed to the internet. This seems like a "Help Wanted" issue to me than a bug that caused by Zoraxy. With such complex infrastructure in place, you should keep using Nginx which provide more flexible configuration than Zoraxy. Again, Zoraxy is design for noobs with simple network infrastructure and it is not design to handle complex infra like yours. Not to mention running in Chinese hardware like the Bananapi which, in my experience, might contains weird issues within the kernel they supplied. In your use cases, Nginx seems a better fit for you. I will update the label and keep this here in case anyone out there figure out a solution to your problem. |
Thanks Toby for the reply. I did go back to Nginx for the time being. There
are many who I know or on forums that I'm on that are noobs. Ill make sure
to reference this app to them. However, I think I may have been doing
something wrong after looking a little closer. I think my issue was the
root proxy port and the proxied port on the status page. If someone was
just doing a common reverse proxy function with Zoraxy, what should go in
the set root proxy and what should go in the proxied port on the status
page? Will use this for future reference when referring this app.
…On Fri, Nov 24, 2023 at 4:02 AM Toby Chui ***@***.***> wrote:
I am not sure about opnsense and running inside proxmox, but there are
users who run their Zoraxy inside proxmox and ACME tools is usable when
Zoraxy is directly exposed to the internet. This seems like a "Help Wanted"
issue to me than a bug that caused by Zoraxy.
With such complex infrastructure in place, you should keep using Nginx
which provide more flexible configuration than Zoraxy. Again, Zoraxy is
design for noobs with simple network infrastructure and it is not design to
handle complex infra like yours. Not to mention running in Chinese hardware
like the Bananapi which, in my experience, might contains weird issues
within the kernel they supplied. In your use cases, Nginx seems a better
fit for you.
I will update the label and keep this here in case anyone out there figure
out a solution to your problem.
—
Reply to this email directly, view it on GitHub
<#83 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABY7PVNJOTIIE3XG2SGYUMDYGBWEZAVCNFSM6AAAAAA7Y3HQX6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMRVGQZDKOBQHE>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Hi @Dvalin21, As Zoraxy is not Apache or Nginx that has their own static web server (at least not before 2.6.7), the proxy root is designed for you to forward default traffics to an external web server (like Apache or Nginx). Now with the 2.6.8 release, you can just tick "Use static web server as root" options and let Zoraxy's build in static web server handles the unknown traffics. That aside, it is common that you might not be used to how Zoraxy name things if you are a long term Nginx (or NPM) user. For those options, here is how I set them Where I have another Apache web server running on localhost:8080 (this can be any LAN address, public IP address or domain) and my zoraxy allow https access (i.e. port 443) from the internet (WAN). |
@tobychui Thank you so much for taking the time to explain this. I will be referring other users to this app and will share this to help them understand the setup. |
Describe the bug
I've tried installing this on proxmox, behind opnsense. For some reason, even after verifying both ports 80 and 443 were open, it wouldn't allow me to create letsencrypt certificates. Also under "certs wiki" where you can verify that your ports are open, it would fail each time. I've other ports opened the same way with no issues. Is it possibly because I have it installed on Proxmox?
To Reproduce
Steps to reproduce the behavior:
In opnsense, here is how I had the port forwarding setup
Under
Nat
Port Forwarding
The text was updated successfully, but these errors were encountered: