Hi friends,

I have been trying to sort this out for many days now, and I am stuck on what is most likely a small issue I am overlooking. I have read many guides and previous posts on this, but I still haven’t figured it out. I will explain what I have done and hopefully someone can spot the error. Scroll all the way down to read all details.

  • I have my FQDN on Cloudflare. I set its DNS entries, as you can see below, to point to my PUBLIC IP where my stuff is hosted.

https://preview.redd.it/8484seuxw1vb1.png?width=1308&format=png&auto=webp&s=ae30061796e3cc296116e344283d1fc918757a67

  • Next, I went into Nginx Proxy Manager and clicked add certificate. I got the API token from Cloudflare site and filled it in as you can see below. The certificates are successfully granted.

https://preview.redd.it/czhf5g3ux1vb1.png?width=495&format=png&auto=webp&s=47f48fea68eb315565617da4c9108cc86befde53

  • Next, I added a reverse proxy entry in Nginx. I want this entry to point to my NAS homepage, so I set it, as you can see below. I also applied and forced SSL that was issued.

https://preview.redd.it/46pcp0h8y1vb1.png?width=496&format=png&auto=webp&s=5fbba6cc0cc8d1e424ec49e733fea51952e8eaf9

https://preview.redd.it/um8wtfbiy1vb1.png?width=498&format=png&auto=webp&s=16d77305e91dbf98c22f87b99df2f46ffe39fe82

Now, I would expect after this step that I could just go into my browser and type the FQDN, and it will route me to the LAN IP I set the proxy entry to, but it’s not working. Keeps taking me to a “this page cannot be found” .

What am I missing here?
Are any of the steps above unncessary?
The guide I originally followed is this one right here

Important notes:
- I have port 443 forwarded in my router to my NAS IP.
- I have adguard home with Unbound setup in my network on a separate Raspberry Pi.
- I use tailscale on all my devices.
- My home router and my NAS are both firewalled.
- My self-hosted containers are all in docker on my Synology NAS (minus adguard)

  • hatedbad@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    just use wireshark/tcpdump/etc and trace the packets until you find the issue.

    I’d also suggest you start simple and just get plain ol HTTP working first since your problem has nothing to do with certs or any of that