19 Oct 2024 |
Rayan Nakib (ريان نقيب) | Download 20241019_085330.png | 08:20:14 |
Rayan Nakib (ريان نقيب) | This ☝️ is my DNS setup | 08:20:23 |
Rayan Nakib (ريان نقيب) | And when I don't set webroot = null; in ACME config, I get this error:
error:
┃ Failed assertions:
┃ - Exactly one of the options
┃ `security.acme.certs.transmission.homelab.nakibrayan.com.dnsProvider`,
┃ `security.acme.certs.transmission.homelab.nakibrayan.com.webroot`,
┃ `security.acme.certs.transmission.homelab.nakibrayan.com.listenHTTP` and
┃ `security.acme.certs.transmission.homelab.nakibrayan.com.s3Bucket`
┃ is required.
┃ Current values: {
┃ dnsProvider = "cloudflare";
┃ listenHTTP = null;
┃ s3Bucket = null;
┃ webroot = "/var/lib/acme/acme-challenge";
| 08:23:14 |
Rayan Nakib (ريان نقيب) | how can I get a wildcard cert for *.domain.duckdns.org | 15:41:40 |
Rayan Nakib (ريان نقيب) | and use it in my reverse proxy? | 15:41:47 |
K900 | You can't | 15:46:57 |
K900 | Unless DuckDNS provides arbitrary TXT records | 15:47:04 |
K900 | The only way to get a wildcard ACME cert is a DNS challenge, which requires adding a TXT record to the domain root | 15:47:19 |
Rayan Nakib (ريان نقيب) | https://www.youtube.com/watch?v=qlcVx-k-02E&pp=ygUVd29sZmdhbmdzIGNoYW5lbGwgc3Ns | 15:48:27 |
Rayan Nakib (ريان نقيب) | in the video, the youtuber did it using nginx proxy manager, and without adding any txt records | 15:48:51 |
Rayan Nakib (ريان نقيب) | * In this ☝️ video, the youtuber did it using nginx proxy manager, and without adding any TXT records. | 15:49:16 |
K900 | They're using Cloudflare for DNS | 15:51:02 |
K900 | Not DuckDNS | 15:51:07 |
Rayan Nakib (ريان نقيب) | no, they used DuckDNS | 15:51:26 |
Rayan Nakib (ريان نقيب) | I also own a domain that I manage using Cloudflare, could I use it for my homelab and my website at the same time? | 15:51:50 |
K900 | Yes | 15:51:54 |
K900 | They used DuckDNS, and then used Cloudflare to provide a CNAME | 15:52:03 |
K900 | And get a certificate for that | 15:52:07 |
Rayan Nakib (ريان نقيب) | Can you help me, because I don't have experience with this kind of thing.
So, I will create:
A record -> homelab -> 192.168.1.6
CNAME record -> *.homelab -> 192.168.1.6 | 15:53:50 |
Rayan Nakib (ريان نقيب) | is this correct? | 15:53:53 |
K900 | Do you literally want your domain name to be homelab? | 15:54:39 |
Rayan Nakib (ريان نقيب) | no | 15:54:46 |
Rayan Nakib (ريان نقيب) | homelab.nakibrayan.com | 15:54:50 |
K900 | If you have a public domain, I would generally recommend just setting up your resources as subdomains of that | 15:54:56 |
K900 | And then you can use normal ACME stuff with a DNS challenge, even without a wildcard | 15:55:12 |
Rayan Nakib (ريان نقيب) | I want my nextcloud instance to be under nextcloud.homelab.nakibrayan.com, is this setup possible? | 15:55:57 |
Rayan Nakib (ريان نقيب) | only in my lan | 15:56:06 |
K900 | Yes | 15:56:10 |
Rayan Nakib (ريان نقيب) | how? | 15:56:25 |
K900 | You can set up your LAN's DNS server to resolve that | 15:56:27 |