No matter what I do I can't get letsencrypt working!

cmcelroy09 · April 1, 2018, 8:24pm

I’ve been working on trying to get letsencrypt working so I can access Home Assistant outside of my network. I’m running on a nuc with ubuntu 16.04lts and docker. So far I’ve triple checked that ports 80 and 443 are open on my router. No matter what I try though letsencrypt comes back with failed authentication of http://mydomain.duckdns.org with a timeout. Does anyone have any ideas on whats going on?

Tinkerer · April 1, 2018, 8:42pm

What client are you using for LetsEncrypt? Did you remember to forward port 80 to the IP address of the host running that client?

cmcelroy09 · April 1, 2018, 8:47pm

./certbot-auto certonly --standalone --standalone-supported-challenges http-01 --email [email protected] -d YOURSUBDOMAIN.duckdns.org

I have been running that command and yes port 80 and 443 are both forwarded to the host.

Tinkerer · April 1, 2018, 9:24pm

The Let’s Encrypt community forum is probably the best place to get help. Most likely one of the following is true:

Port 80 is blocked by your ISP
Port 80 isn’t forwarded in your Docker environment
Port 80 is forwarded to the wrong IP on your network

cmcelroy09 · April 1, 2018, 10:41pm

Could you elaborate on #2? I don’t recall ever doing anything with port 80 in my initial setup of docker.

Tinkerer · April 2, 2018, 7:46am

In Docker you have to forward (expose) ports to containers.

cmcelroy09 · April 2, 2018, 1:12pm

hmm yeah I never did anything with port 80. Here is my docker compose file:

version: "2"

services:
  portainer:
image: portainer/portainer
container_name: portainer
restart: always
command: --templates http://templates/templates.json
volumes:
  - /var/run/docker.sock:/var/run/docker.sock
  - /home/docker/portainer/data:/data
ports:
  - "9000:9000"
environment:
  - TZ=America/New_York

  homeassistant:
container_name: home-assistant
restart: always
image: homeassistant/home-assistant:latest
devices:
  - /dev/ttyUSB0:/dev/ttyUSB0
  - /dev/ttyUSB1:/dev/ttyUSB1
  - /dev/ttyACM0:/dev/ttyACM0
volumes:
  - /home/docker/homeassistant:/config
  - /etc/localtime:/etc/localtime:ro
  - /home/docker/certs:/certs
network_mode: host
privileged: true
environment:
  - PUID=1000
  - PGID=999
  - TZ=America/New_York

Tinkerer · April 2, 2018, 1:16pm

See how you’ve got

ports:
  - "9000:9000"

You need something similar for the container running Home Assistant I believe (though, I don’t use Docker)