Hello,
I've been trying to configure CertBot in my PVE; as it turns out, I've been struggling to get port 80 opened.
Code:
root@vt ~ # telnet localhost 80
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
Looking at the firewall, everything is configured properly and the DNS records are also good; the PVE firewall is disabled, and so is the PVE proxy.
Code:
root@vt ~ # ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
8006/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443 ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
8006/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
Code:
root@vt ~ # systemctl status pve-firewall.service
● pve-firewall.service - Proxmox VE firewall
Loaded: loaded (/lib/systemd/system/pve-firewall.service; disabled; vendor preset: enabled)
Active: inactive (dead) since Fri 2023-06-09 01:52:28 UTC; 9h ago
Main PID: 1407 (code=exited, status=0/SUCCESS)
CPU: 5h 59min 54.945s
mai 26 16:37:10 vt pve-firewall[1407]: server shutdown (restart)
mai 26 16:37:11 vt pve-firewall[1407]: restarting server
jun 09 01:52:26 vt systemd[1]: Stopping Proxmox VE firewall...
jun 09 01:52:27 vt pve-firewall[1407]: received signal TERM
jun 09 01:52:27 vt pve-firewall[1407]: server shutting down
jun 09 01:52:27 vt pve-firewall[1407]: clear PVE-generated firewall rules
jun 09 01:52:27 vt pve-firewall[1407]: server stopped
jun 09 01:52:28 vt systemd[1]: pve-firewall.service: Succeeded.
jun 09 01:52:28 vt systemd[1]: Stopped Proxmox VE firewall.
jun 09 01:52:28 vt systemd[1]: pve-firewall.service: Consumed 5h 59min 54.945s CPU time.
Code:
root@vt ~ # pveproxy status
stopped
root@vt ~ #
Code:
root@vt ~ # ss -tulpn
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=763,fd=5),("systemd",pid=1,fd=44))
udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=763,fd=7),("systemd",pid=1,fd=46))
tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=763,fd=4),("systemd",pid=1,fd=43))
tcp LISTEN 0 4096 127.0.0.1:85 0.0.0.0:* users:(("pvedaemon worke",pid=2559213,fd=6),("pvedaemon worke",pid=2559212,fd=6),("pvedaemon worke",pid=2559211,fd=6),("pvedaemon",pid=1434,fd=6))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=842,fd=3))
tcp LISTEN 0 100 127.0.0.1:25 0.0.0.0:* users:(("master",pid=3621698,fd=13))
tcp LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=763,fd=6),("systemd",pid=1,fd=45))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=842,fd=4))
tcp LISTEN 0 4096 *:3128 *:* users:(("spiceproxy work",pid=2559222,fd=6),("spiceproxy",pid=1451,fd=6))
tcp LISTEN 0 100 [::1]:25 [::]:* users:(("master",pid=3621698,fd=14))
The error I'm getting from the command pvenode acme cert order is that it is a firewall issue.
Code:
root@vt ~ # pvenode acme cert order
Loading ACME account details
Placing ACME order
Order URL: https://acme-staging-v02.api.letsencrypt.org/acme/order/105941274/****
Getting authorization details from 'https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/****'
The validation for bgvs.online is pending!
Setting up webserver
Triggering validation
Sleeping for 5 seconds
validating challenge 'https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/****' failed - status: invalid
Task validating challenge 'https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/***' failed - status: invalid
Code:
Fetching http://vt.bgvs.online/.well-known/acme-challenge/pRfVVKY1V6zqfBfQej754uDQWs3gxhs7LOApuQNFdSI: Timeout during connect (likely firewall problem)"
Am I forgetting something in terms of configuration?
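Added example, not part of the original post: the two failures above are different signals ("Connection refused" locally, "Timeout during connect" from the ACME server), and this sketch separates them by checking `ss -tulpn` output for a listener and classifying a TCP connect attempt. The function names `listeners_on` and `probe` and the sample lines are assumptions constructed for illustration.

```python
import re
import socket

# Constructed sample: a few lines in `ss -tulpn` format, modelled on the output in the post.
SS_SAMPLE = """\
tcp LISTEN 0 4096 127.0.0.1:85 0.0.0.0:* users:(("pvedaemon",pid=1434,fd=6))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=842,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=842,fd=4))
tcp LISTEN 0 4096 *:3128 *:* users:(("spiceproxy",pid=1451,fd=6))
"""

def listeners_on(ss_output, port):
    """Return (local_address, process) pairs for TCP sockets listening on `port`."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "tcp" or fields[1] != "LISTEN":
            continue
        # Local Address:Port is the fifth column; split on the last colon (IPv6-safe).
        addr, _, local_port = fields[4].rpartition(":")
        if local_port != str(port):
            continue
        proc = re.search(r'\(\("([^"]+)"', line)
        found.append((addr, proc.group(1) if proc else "?"))
    return found

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt as 'open', 'refused', 'timeout' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"   # actively reset: usually no listener (or a REJECT rule)
    except socket.timeout:
        return "timeout"   # no reply at all: packets dropped somewhere on the path
    except OSError:
        return "error"     # e.g. no route to host, name resolution failure

if __name__ == "__main__":
    print("port 80 listeners:", listeners_on(SS_SAMPLE, 80))
    print("port 22 listeners:", listeners_on(SS_SAMPLE, 22))
    print("127.0.0.1:80 ->", probe("127.0.0.1", 80))
```

A "refused" result on localhost with no listener in the `ss` output points at a missing service rather than a packet filter, while a "timeout" seen from an outside host points at filtering upstream of the host's own rules.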