We were unable to find a vhost


#1

This is the third time I’ve started over from scratch installing QuickBox and I keep running into the same issue when I get to this part.

I select Option 4 for 000-default.conf

and I get the following outputs:

We were unable to find a vhost with a ServerName or Address of mydomain.com.
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)

1: default-ssl.conf | | | Enabled
2: default-ssl.conf | | HTTPS | Enabled
3: default-ssl.conf | | HTTPS |
4: 000-default.conf | | |

Select the appropriate number [1-4] then [enter] (press ‘c’ to cancel): 4
Waiting for verification…
Cleaning up challenges

We were unable to find a vhost with a ServerName or Address of mydomain.com.
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)

1: default-ssl.conf | | | Enabled
2: default-ssl.conf | | HTTPS | Enabled
3: default-ssl.conf | | HTTPS |
4: 000-default.conf | | |

Select the appropriate number [1-4] then [enter] (press ‘c’ to cancel): 4
The selected vhost would conflict with other HTTPS VirtualHosts within Apache. Please select another vhost or add ServerNames to your configuration.
VirtualHost not able to be selected.

IMPORTANT NOTES:

  • Unable to install the certificate
  • Congratulations! Your certificate and chain have been saved at
    /etc/letsencrypt/live/mydomain.com/fullchain.pem. Your cert will
    expire on 2017-09-20. To obtain a new or tweaked version of this
    certificate in the future, simply run letsencrypt-auto again with
    the “certonly” option. To non-interactively renew all of your
    certificates, run “letsencrypt-auto renew”
  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

Cloudflare options is Grey for the domain name (A entry) and orange for the CNAME www option.

I am following the hoarding.me guide.

Any ideas?


#2

We have a built-in installer for this very purpose, no need to follow third-party guides.

box install letsencrypt

However:

- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/mydomain.com/fullchain.pem. Your cert will
expire on 2017-09-20. 

Looks like your cert is there, you more than likely just need to follow the sed command in our guide here in the forums. Why not follow our own guide?


#3

Your install guide is almost exactly the same to the guide I am following. The one I am following encompasses more than just the Encrypt portion but plexdrive, gsuite etc which is why I decided to use it.

I just rebuilt the server again, so after I install QuickBox and go to install letsencrypt where do I run the command ‘box install letsencrypt’? Do I need to run this first:

apt-get -y install git
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
cd /opt/letsencrypt
./letsencrypt-auto --apache -d your_domain.com -d sub.your_domain.com


#4

You run it from command line as the root user. No need to do anything else, the installer takes care of this.


#5

Ok I will do that and report back. Will it still ask me for the prompts to input my domain name and sub domain name for plex etc?


#6

It wouldn’t know otherwise :wink:


#7

Okay so I ran the script. It only asked for my main domain name but didn’t have the option to also include a plex.domain.com subdomain name.
[Thu Jun 22 19:27:23 EDT 2017] Success
[Thu Jun 22 19:27:23 EDT 2017] Verify finished, start to sign.
[Thu Jun 22 19:27:23 EDT 2017] Cert success.
It gave me a cert and told me where everything is. Is that it?

Do I still need to run:

apt-get -y install git
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
cd /opt/letsencrypt
./letsencrypt-auto --apache -d your_domain.com -d sub.your_domain.com

and cron job?


#8

A I have stated previously, there is no need to run the other commands. Simply run the installer for each domain you would like to address and then add the cert path to your vhost for your plex subdomain.

Make sure your plex.conf looks like this: (replace DOMAIN with your actual domain/sub)

ServerSignature Off
ServerTokens Prod

<VirtualHost *:80>
  ServerName DOMAIN
  # This VirtualHost redirects everything to HTTPS on port 443.
  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<VirtualHost *:443>
  ServerName DOMAIN
  ServerAlias ""
  Options -Includes -ExecCGI

  RewriteEngine On
  RewriteCond %{THE_REQUEST} !HTTP/1.1$
  RewriteRule .* - [F]

  LimitRequestBody 512000
  SSLEngine On
  SSLCertificateFile /etc/apache2/ssl/certs/DOMAIN-ssl.pem
  SSLCertificateKeyFile /etc/apache2/ssl/certs/DOMAIN-ssl.key
  SSLProtocol +TLSv1.2

  Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
  Header always set X-Frame-Options DENY
  FileETag None
  TraceEnable off
  #Header edit Set-Cookie ^(.*)$ ;HttpOnly;Secure
  Header set X-XSS-Protection "1; mode=block"
  Timeout 60

    <Location /:/websockets/notifications>
        ProxyPass wss://DOMAIN:32400/:/websockets/notifications
        ProxyPassReverse wss://DOMAIN:32400/:/websockets/notifications
    </Location>

  <Proxy *>
	Order deny,allow
	Allow from all
  </Proxy>

    ProxyRequests Off
    ProxyPreserveHost On
    SSLProxyEngine On
    RequestHeader set Front-End-Https "On"
    ProxyPass / http://DOMAIN:32400/
    ProxyPassReverse / http://DOMAIN:32400/

    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/web
    RewriteCond %{HTTP:X-Plex-Device} ^$
    RewriteCond %{REQUEST_METHOD} !^(OPTIONS)$
    RewriteRule ^/$ /web/$1 [R,L]
</VirtualHost>

Then restart apache.


#9

My apologies, but how do I now add the cert path to my vhost? That doesn’t seem part of the guide you linked.


#10

Let’s pretend that guide doesn’t exist. You run the box install letsencrypt once more for your plex subdomain, then address the plex.conf to look like the above.

With that configuration, if you get a warning about headers, run a2enmod headers and restart once more.


#11

Okay, I ran the box install script and that is it. The sub domain does not exist yet as I have not yet installed plex etc. I am trying to secure the main domain.com first. When I refresh the domain it is still not secured, that is what I am trying to wrap my head around.

[Thu Jun 22 19:27:23 EDT 2017] Your cert is in /root/.acme.sh/domain.com/domain.com.cer
[Thu Jun 22 19:27:23 EDT 2017] Your cert key is in /root/.acme.sh/domain.com/domain.com.key
[Thu Jun 22 19:27:24 EDT 2017] The intermediate CA cert is in /root/.acme.sh/domain.com/ca.cer
[Thu Jun 22 19:27:24 EDT 2017] And the full chain certs is there: /root/.acme.sh/domain.com/fullchain.cer
[Thu Jun 22 19:27:24 EDT 2017] Installing key to:/etc/apache2/ssl/certs/domain.com-ssl.key
[Thu Jun 22 19:27:24 EDT 2017] Installing full chain to:/etc/apache2/ssl/certs/domain.com-ssl.pem


#12

Could you clear your browser cache and then try to reconnect to the domain.


#13

Yeah and sure enough that worked. Thank you very much I can now move forward with the guide!


#14

Just repeat the steps I suggested here in this thread. Use that plex.conf I showed you above.


#15

Okay so I ran the box script for plex.domain.com

Updated the plex.conf located in /etc/apache2/sites-enabled
nano plex.conf

Then service apache2 restart

And now everything has crashed and the website is down.

I ran a2enmod headers as per your advice, but still nothing.

Here is my output:

apache2.service - LSB: Apache2 web server
   Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
  Drop-In: /lib/systemd/system/apache2.service.d
           └─apache2-systemd.conf
   Active: inactive (dead) since Thu 2017-06-22 21:55:41 EDT; 6min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 12043 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS)
  Process: 4614 ExecReload=/etc/init.d/apache2 reload (code=exited, status=0/SUCCESS)
  Process: 12026 ExecStart=/etc/init.d/apache2 start (code=exited, status=0/SUCCESS)

Jun 22 21:55:41 domain.com systemd[1]: Starting LSB: Apache2 web server...
Jun 22 21:55:41 domain.com apache2[12026]:  * Starting Apache httpd web server apache2
Jun 22 21:55:41 domain.com apache2[12026]: [Thu Jun 22 21:55:41.911080 2017] [so:warn] [pid 12041] AH01574: module proxy_module is already loaded, skipping
Jun 22 21:55:41 domain.com apache2[12026]: Action 'start' failed.
Jun 22 21:55:41 domain.com apache2[12026]: The Apache error log may have more information.
Jun 22 21:55:41 domain.com apache2[12026]:  *
Jun 22 21:55:41 domain.com apache2[12043]:  * Stopping Apache httpd web server apache2
Jun 22 21:55:41 domain.com apache2[12043]:  *
Jun 22 21:55:41 domain.com systemd[1]: Started LSB: Apache2 web server.

Here is what is in plex.conf

> ServerSignature Off
> ServerTokens Prod

> <VirtualHost *:80>
>   ServerName plex.domain.com
>   # This VirtualHost redirects everything to HTTPS on port 443.
>   RewriteEngine On
>   RewriteCond %{HTTPS} off
>   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
> </VirtualHost>

> <VirtualHost *:443>
>   ServerName plex.domain.com
>   ServerAlias ""
>   Options -Includes -ExecCGI

>   RewriteEngine On
>   RewriteCond %{THE_REQUEST} !HTTP/1.1$
>   RewriteRule .* - [F]

>   LimitRequestBody 512000
>   SSLEngine On
>   SSLCertificateFile /etc/apache2/ssl/certs/plex.domain.com-ssl.pem
>   SSLCertificateKeyFile /etc/apache2/ssl/certs/domain.com-ssl.key
>   SSLProtocol +TLSv1.2

>   Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
>   Header always set X-Frame-Options DENY
>   FileETag None
>   TraceEnable off
>   #Header edit Set-Cookie ^(.*)$ ;HttpOnly;Secure
>   Header set X-XSS-Protection "1; mode=block"
>   Timeout 60

>     <Location /:/websockets/notifications>
>         ProxyPass wss://domain.com:32400/:/websockets/notifications
>         ProxyPassReverse wss://domain.com:32400/:/websockets/notifications
>     </Location>

>   <Proxy *>
> 	Order deny,allow
> 	Allow from all
>   </Proxy>

>     ProxyRequests Off
>     ProxyPreserveHost On
>     SSLProxyEngine On
>     RequestHeader set Front-End-Https "On"
>     ProxyPass / http://domain.com:32400/
>     ProxyPassReverse / http://domain.com:32400/

>     RewriteEngine on
>     RewriteCond %{REQUEST_URI} !^/web
>     RewriteCond %{HTTP:X-Plex-Device} ^$
>     RewriteCond %{REQUEST_METHOD} !^(OPTIONS)$
>     RewriteRule ^/$ /web/$1 [R,L]
> </VirtualHost>

#16

Okay I got it fixed. Site is back up but when I click on Plex on the sidebar it redirects me to domain.com:31400/web/ instead of plex.domain.com.

Seems that the plex link on QuickBox is pointing to 31400 but the config file you pasted, the ProxyPass was for 32400. Should I change the conf to ProxyPass wss//domain.com:31400/?


#17

You’ll need to make a custom override for the menu.

In your /srv/rutorrent/home/custom/ directory, there should be a file called custom.menu.php

You’ll need to add a link in that to override the dashboards default directs. This folder is sticky and doesn’t get touched on updates. handy for those with custom url such as your own. Directions on how to perform the task are located in the file.

https://github.com/QuickBox/QB/blob/master/themes/smoked/custom/custom.menu.php

Also see the Wiki here on site, located here:

No, leave it as is.


#18

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.