1
23.1 Legacy Series / Re: ACME LetsEncrypt + Cloudflare
« on: August 18, 2023, 03:32:23 am »
Bumping once again....
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
23.1 Legacy Series / Re: ACME LetsEncrypt + Cloudflare
« on: August 15, 2023, 05:32:23 pm »
Looking for ANYONE with experience setting up ACME with CloudFlare, c'mon y'all... share you experience and knowledge with a follow opnsenser
3
23.1 Legacy Series / Re: ACME LetsEncrypt + Cloudflare
« on: August 11, 2023, 08:39:39 pm »
Bumping this thread...
4
23.1 Legacy Series / ACME LetsEncrypt + Cloudflare
« on: August 11, 2023, 01:58:09 am »
I cannot seem to be able to be able to get the ACME script Lets Encrypt DNS-01 method to work.
I don't know if I have entered my cloudflare credentials in the correct slots in the OPNSENSE config
I have mapped the credentials in my Cloudflaraccount as outlined in the attached image
I would like to know if I am mapping the credentials correctly. Also there is a line in the ACME logs
How do I add this to get more detailed logs?
Code: [Select]
2023-08-10T00:00:02-05:00 acme.sh [Thu Aug 10 00:00:02 CDT 2023] Error add txt for domain:_acme-challenge.mydomain.com
2023-08-10T00:00:02-05:00 acme.sh [Thu Aug 10 00:00:02 CDT 2023] invalid domain
2023-08-10T00:00:01-05:00 acme.sh [Thu Aug 10 00:00:01 CDT 2023] Adding txt value: 5Kp3S8Hg-------------------------h8cVZ_3CU0 for domain: _acme-challenge.mydomain.com
2023-08-10T00:00:01-05:00 acme.sh [Thu Aug 10 00:00:01 CDT 2023] Getting webroot for domain='*.mydomain.com'
2023-08-10T00:00:00-05:00 acme.sh [Thu Aug 10 00:00:00 CDT 2023] Getting domain auth token for each domain
2023-08-10T00:00:00-05:00 acme.sh [Thu Aug 10 00:00:00 CDT 2023] Single domain='*.mydomain.com'
2023-08-10T00:00:00-05:00 acme.sh [Thu Aug 10 00:00:00 CDT 2023] Using CA: https://acme-staging-v02.api.letsencrypt.org/directoryI don't know if I have entered my cloudflare credentials in the correct slots in the OPNSENSE config
I have mapped the credentials in my Cloudflaraccount as outlined in the attached image
I would like to know if I am mapping the credentials correctly. Also there is a line in the ACME logs
Code: [Select]
2023-08-10T00:00:02-05:00 acme.sh [Thu Aug 10 00:00:02 CDT 2023] Please add '--debug' or '--log' to check more details.How do I add this to get more detailed logs?
5
23.1 Legacy Series / Re: ddclient and Dynu DNS
« on: July 25, 2023, 09:39:21 pm »
So after a week seeing NO logging of ddclient,. I uninstalled the service plugin and the configured hosts then reinstalled and re-setup the plugin and host.
6
23.1 Legacy Series / Re: ddclient and Dynu DNS
« on: July 25, 2023, 08:57:11 pm »
What services are you subscribing to?
7
General Discussion / Re: OPNSense Inter-VLAN Routing - Can't get VLANs to Communicate?
« on: July 25, 2023, 08:53:56 pm »
I ended up deleting all interfaces and assignments and started adding them back one at a time
8
23.1 Legacy Series / Re: os-ddclient does not work with Dynu DDNS 23.1.10_1
« on: July 18, 2023, 10:32:34 pm »
I have not had any help on a similar issue using ddclient with DYNU dns https://forum.opnsense.org/index.php?topic=34871.0
9
23.1 Legacy Series / Re: ddclient and Dynu DNS
« on: July 18, 2023, 04:35:43 pm »
Is there anyone who can assist with answering my questions? I have scoured log files when the ddclient starts to perform dyn dns processing by validating whether the IP needs to be updated.
I still cannot determine our what command is being used to verify whether the target update DNS host to be updated because it looks to me this is where the breakdown occurs. If I can determine this step it will let me investigate where is it getting a stale answer to the current dns entry IP and allow be to attempt to correct it
I still cannot determine our what command is being used to verify whether the target update DNS host to be updated because it looks to me this is where the breakdown occurs. If I can determine this step it will let me investigate where is it getting a stale answer to the current dns entry IP and allow be to attempt to correct it
10
23.1 Legacy Series / Re: ddclient and Dynu DNS
« on: July 17, 2023, 06:33:43 pm »
Bumping this...
Can anyone point to where I can determine where the ddclient agent is querying the domain hosts to verify what needs to be updated and how I can either delete what is being cached or redirect the NS it is pointing to?
Can anyone point to where I can determine where the ddclient agent is querying the domain hosts to verify what needs to be updated and how I can either delete what is being cached or redirect the NS it is pointing to?
11
23.1 Legacy Series / ddclient and Dynu DNS
« on: July 15, 2023, 05:17:34 pm »
I am on my third DNS provider trying to find a provider that will work with both the new ddclient and also the new ACME client.
I am now working to get Dynu DNS after I was able to get NameCheap DYN DNS working but then found that NameCheap requires a history and more domains hosted than I need to enable my access to the API for use with ACME client.
I have an issue with DYNU setup in OPNSENSE as follows:
debug ddclient log:
I dont know where OPENSENSE is finding that the IP it needs to update is already set. All the DNS records that I have created at the other providers were changed to other IP addresses before I then deletes said accounts.
I also made sure the TTL for these records were set to 10 minutes then they were created while testing.
I have waited now 24 hours and it will is producing the same IP is already set message.
I have the ddclient logging set to debug but I am missing where the process is querying these A hosts for the current IP address.
Can anyone assist me to troubleshoot this?
I am now working to get Dynu DNS after I was able to get NameCheap DYN DNS working but then found that NameCheap requires a history and more domains hosted than I need to enable my access to the API for use with ACME client.
I have an issue with DYNU setup in OPNSENSE as follows:
debug ddclient log:
Code: [Select]
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 92754 - [meta sequenceId="7"] SUCCESS: wg.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 90378 - [meta sequenceId="6"] SUCCESS: synology.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 89244 - [meta sequenceId="5"] SUCCESS: plex.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 87399 - [meta sequenceId="4"] SUCCESS: ha.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 85050 - [meta sequenceId="3"] SUCCESS: fw.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 83060 - [meta sequenceId="2"] SUCCESS: dc.mydomain.com: skipped: IPv4 address was already set to 66.69.---.---.
2023-07-15T10:02:58-05:00 Notice ddclient[32333] 80525 - [meta sequenceId="1"] WARNING: 'if-skip' is deprecated and does nothing for IPv4I dont know where OPENSENSE is finding that the IP it needs to update is already set. All the DNS records that I have created at the other providers were changed to other IP addresses before I then deletes said accounts.
I also made sure the TTL for these records were set to 10 minutes then they were created while testing.
I have waited now 24 hours and it will is producing the same IP is already set message.
I have the ddclient logging set to debug but I am missing where the process is querying these A hosts for the current IP address.
Can anyone assist me to troubleshoot this?
12
22.1 Legacy Series / Re: ddclient invalid reply talking to Namecheap
« on: July 13, 2023, 05:47:09 pm »
So I confirmed for namecheap.com (free dns service):
username = the domain zone name on namecheap (ex host ip to update is firewall.mydomain.com, use mydomain.com)
password: your namecheap dynamic dns password
username = the domain zone name on namecheap (ex host ip to update is firewall.mydomain.com, use mydomain.com)
password: your namecheap dynamic dns password
13
22.1 Legacy Series / Re: ddclient invalid reply talking to Namecheap
« on: July 13, 2023, 05:33:25 pm »
so if you are trying to update the host host.mydomain.com and the namecheap login id is ncusername
would this be the correct user name to be used in the ddlient web interface?:
ncusername@mydomain.com
would this be the correct user name to be used in the ddlient web interface?:
ncusername@mydomain.com
14
23.1 Legacy Series / Re: ddclient
« on: July 13, 2023, 04:06:47 pm »
I too am needed this. I am looking for a DNS provider that will work with BOTH the new ddclient and ALSO ACME DNS-01 challenges...
Does anyone know of a good provider that will support both that is not one of the giants (dynsdns, AWS, etc.)
Does anyone know of a good provider that will support both that is not one of the giants (dynsdns, AWS, etc.)
15
General Discussion / Re: OPNSense Inter-VLAN Routing - Can't get VLANs to Communicate?
« on: July 08, 2023, 05:07:32 am »
Did you ever get this figured out? I am having a similar issue
Pages: [1] 2