danb35 / freenas-iocage-nextcloud

Script to create an iocage jail on FreeNAS for the latest Nextcloud 28 release, including Caddy, MariaDB or PostgreSQL, and Let's Encrypt
GNU General Public License v3.0

TrueNAS Core 12.0 - Can't reach web interface #163

Closed piereligio closed 3 years ago

piereligio commented 3 years ago

No idea why, but it denies connections both locally and remotely, both http and https. I also set port forwarding on the router (which sees the jail to be online) and the hosts file on my computer. I think it has connectivity, because I can ping any website from the jail's shell. The regular Nextcloud plugin setup will be reachable, the setup done with this script won't. I really wish to use it, it seems like such a helpful script. Thanks

danb35 commented 3 years ago

This is likely because Caddy isn't running--test this, inside the jail, by running service caddy status. If it isn't, check the log (/var/log/caddy.log) to find out why.

piereligio commented 3 years ago

You're right, it crashes, thus it wasn't running. Here's the log:

root@nextcloud-ssl:/var/log # cd /var/log
root@nextcloud-ssl:/var/log # cat /var/log/caddy.log
{"level":"info","ts":1615638884.6819463,"msg":"using provided configuration","config_file":"/usr/local/www/Caddyfile","config_adapter":"caddyfile"}
run: adapting config using caddyfile: parsing caddyfile tokens for 'email': /usr/local/www/Caddyfile:4 - Error during parsing: Wrong argument count or unexpected line ending after 'email'
start: caddy process exited with error: exit status 1
root@nextcloud-ssl:/var/log #

Seems like a version incompatibility for current Caddy?

danb35 commented 3 years ago

> Seems like a version incompatibility for current Caddy?

Not at all, seems like an error in the Caddyfile. Can you post the first few lines of your Caddyfile? Mask sensitive information, of course.

piereligio commented 3 years ago

domainaddress.tk is a fake address of course:


root@nextcloud-ssl:/usr/local/www # cat Caddyfile
{
        # debug
        acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
        email
        # default_sni domainaddress.tk
}

domainaddress.tk {
        root * /usr/local/www/nextcloud
        file_server
        log {
                output file /var/log/domainaddress.tk.log
                format single_field common_log
        }

        php_fastcgi 127.0.0.1:9000 {
                env front_controller_active true
        }

        header {
                # enable HSTS
                # Strict-Transport-Security max-age=31536000;
        }

        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301

        # .htaccess / data / config / ... shouldn't be accessible from outside
        @forbidden {
                path /.htaccess
                path /data/*
                path /config/*
                path /db_structure
                path /.xml
                path /README
                path /3rdparty/*
                path /lib/*
                path /templates/*
                path /occ
                path /console.php
        }

        respond @forbidden 404
}

danb35 commented 3 years ago

> {
>         # debug
>         acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
>         email
>         # default_sni domainaddress.tk
> }

Here's your problem--you have the email directive, but no email address. Enter a valid email address there.

piereligio commented 3 years ago

> > {
> >         # debug
> >         acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
> >         email
> >         # default_sni domainaddress.tk
> > }
>
> Here's your problem--you have the email directive, but no email address. Enter a valid email address there.

Thank you so much for your help, Caddy runs now. Any idea why it was like that? However now I can't get to the console due to an SSL error, but I think it's due to an error I made, so I'll try from scratch later.

danb35 commented 3 years ago

> Any idea why it was like that?

Because you didn't set CERT_EMAIL in your config file. But I need to improve the docs and/or handling for that case.

> can't get to the console due to an SSL error

You'll get a certificate error with this configuration, as I describe in the README--it uses the test server to avoid hitting the rate limits. You should be able to bypass that.
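The two conditions discussed in this thread (an `email` global option left without a value, and `acme_ca` pointing at the staging directory) can be caught before Caddy is started. The following is an added example, not part of the thread or of the project's script; the function names and the `admin@example.com` address are assumptions, and the sample input is constructed from the Caddyfile posted above.

```shell
#!/bin/sh
# Added example. Reads a Caddyfile on stdin and lints only the global options
# block (the leading bare "{ ... }"). Prints findings; returns 1 if a listed
# single-argument option has the wrong argument count.
lint_global_options() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comment-only and blank lines
        !seen {                                 # first real line must be a bare "{"
            seen = 1
            if ($1 != "{" || NF != 1) exit      # no global options block present
            next
        }
        $1 == "}" { exit }                      # end of global options
        {
            sub(/[ \t]+#.*$/, "")               # drop trailing comment (fields re-split)
            if (($1 == "email" || $1 == "acme_ca" || $1 == "default_sni") && NF != 2) {
                printf "ERROR line %d: %s expects exactly one argument, found %d\n", NR, $1, NF - 1
                bad++
            }
            if ($1 == "acme_ca" && $2 ~ /acme-staging/)
                printf "WARN line %d: acme_ca is a staging directory; its certificates are not browser-trusted\n", NR
        }
        END { exit (bad > 0) }
    '
}

# Constructed sample: the global block from the thread, as generated when
# CERT_EMAIL was left unset. $1 is substituted for the email value.
sample_caddyfile() {
    cat <<EOF
{
        # debug
        acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
        email $1
        # default_sni domainaddress.tk
}

domainaddress.tk {
        root * /usr/local/www/nextcloud
}
EOF
}

sample_caddyfile "" | lint_global_options || echo "Caddyfile would fail to load"
sample_caddyfile "admin@example.com" | lint_global_options && echo "global options parse cleanly"
```

The lint covers only the listed options; on a host with Caddy installed, `caddy validate --config /usr/local/www/Caddyfile --adapter caddyfile` performs the authoritative check.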

piereligio commented 3 years ago

> > Any idea why it was like that?
>
> Because you didn't set CERT_EMAIL in your config file. But I need to improve the docs and/or handling for that case.
>
> > can't get to the console due to an SSL error
>
> You'll get a certificate error with this configuration, as I describe in the README--it uses the test server to avoid hitting the rate limits. You should be able to bypass that.

Perfect, then I'll reinstall updating the config file with that. Thanks

danb35 commented 3 years ago

No need to reinstall, just add your email address there.

piereligio commented 3 years ago

> No need to reinstall, just add your email address there.

I already uninstalled it and installed it back. Now it works, thank you so much 😍