azukaar / cosmos-servapps-official

Official repository for Cosmos apps on the market
GNU Affero General Public License v3.0

[App Requests] Mumble #124

Open anecdotal-testimonio opened 6 months ago

anecdotal-testimonio commented 6 months ago

Hey,

I've recently switched over from Yunohost and I must say that I'm really pleased with how cosmos server works, great software for self-hosting!

I've tried to get mumble to work with the official docker image, but unfortunately it keeps creating a self-signed cert inside the container and doesn't make use of the let's encrypt certs created with cosmos cloud.

Could you either give me a hint on how to make it work with cosmos cloud or, even better, which would surely be helpful to others, create a pre-configured app in the market? Either would be very much appreciated!

Thanks for your work and this great software!

azukaar commented 6 months ago

Just let it use its self-signed cert, then when creating a route to the container, do https://mumble:port instead of http. Finally, make sure you tick "allow insecure HTTPS" so the self-signed cert is accepted. Cosmos will then re-encrypt the traffic into your LE cert.

anecdotal-testimonio commented 6 months ago

Hello,

thanks for the hint. Unfortunately that did not solve the problem. After setting up a fresh mumble container and applying your proposed settings, I still get a self-signed cert warning (Murmur autogenerated Certificate v2) when connecting to the mumble server via the mumble client.

On the other hand, the LE cert is used when I connect to the corresponding domain via browser (but of course it shows a blank page, since the server has no UI itself).

Logs show multiple errors like this: Connection closed: Error during SSL handshake: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate [13]

Any idea?

anecdotal-testimonio commented 6 months ago

Found a workaround:

cosmos.config.json contains the two LE-cert parts; extracting them and placing them in the mumble-volume in one file as key.pem + adding them to the config with an environment variable solves the issue - at least as long as the certs are valid.

Still would be cool to have a more straightforward way of solving this 😄
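
The workaround from the last comment, written out as an added example (not code from this thread or from the Cosmos project): it pulls the PEM blocks out of a JSON config, writes them as one owner-only file, and reports whether the content changed so a scheduled job can restart Mumble after a renewal. It assumes the certificate and key are stored as PEM strings somewhere in the JSON; the key names and PEM bodies in `SAMPLE` are constructed placeholders.

```python
import json, os, re, tempfile

# Matches any PEM block and captures its label (CERTIFICATE, EC PRIVATE KEY, ...).
PEM_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----.+?-----END \1-----", re.S)

# Constructed sample: placeholder bodies, hypothetical JSON key names.
SAMPLE = json.dumps({"http": {
    "cert": "-----BEGIN CERTIFICATE-----\nTEVBRg==\n-----END CERTIFICATE-----\n"
            "-----BEGIN CERTIFICATE-----\nQ0E=\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN EC PRIVATE KEY-----\nS0VZ\n-----END EC PRIVATE KEY-----\n"}})

def find_pem_blocks(node, found=None):
    """Walk parsed JSON; collect (label, pem) from every string value, in order."""
    found = [] if found is None else found
    if isinstance(node, dict):
        node = list(node.values())
    if isinstance(node, list):
        for child in node:
            find_pem_blocks(child, found)
    elif isinstance(node, str):
        found.extend((m.group(1), m.group(0)) for m in PEM_RE.finditer(node))
    return found

def build_bundle(config_text):
    """Return one PEM text: the certificate chain followed by the private key."""
    blocks = find_pem_blocks(json.loads(config_text))
    certs = [pem for label, pem in blocks if label == "CERTIFICATE"]
    keys = [pem for label, pem in blocks if label.endswith("PRIVATE KEY")]
    if not certs or len(keys) != 1:  # refuse to guess between several keys
        raise ValueError(f"expected 1 key and >=1 cert, got {len(keys)}/{len(certs)}")
    return "\n".join(certs + keys) + "\n"

def sync_bundle(config_path, out_path):
    """Rewrite out_path only if the bundle changed; True means restart Mumble."""
    with open(config_path) as f:
        bundle = build_bundle(f.read())
    try:
        with open(out_path) as f:
            if f.read() == bundle:
                return False
    except FileNotFoundError:
        pass
    # mkstemp creates the file with mode 0600, so the key is never world-readable;
    # os.replace swaps it in atomically, so the server never reads a partial file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(out_path) or ".")
    with os.fdopen(fd, "w") as f:
        f.write(bundle)
    os.replace(tmp, out_path)
    return True
```

The output file is owned by whoever runs the script, so that user must match the one the Mumble container reads the volume as.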