What's new
PGBlitz.com

Register Now! Find useful tips, Interact /w Community Members and join the part the Best Community on the Internet!

Solved Confused regarding Traefik instructions

Status
Not open for further replies.

needsomehelp

Junior Member
PG Version
Newest 8.something?
Server Type
Local - Dedicated Server
I watched the videos and read the wikis and now in the forums I see posts about creating additional dns records for each container? I thought traefik did all the that? I ask because I got it to work to my top application when I go to domain.com but it was not automatically https and container.doamin.com does not work. I am using cloudflare dns for a no-ip domain. Do I need to create additional records on no-ip or cloudflare? I just undid everything and am waiting for my ping to my domain to return my publiv facing IP before I start again.

To sum it all up, I have included what my dns records look like on cloudflare, do I need to do anything different or additionally so that https is automatic and container.domain.com will work?

Capture.JPG
Thank you and I love plexguide! So much I redid two machines with it!
 

hooper

Legendary Member
Staff
Donor
Here is my DNS config in Cloudflare. I have 2 A records, one is * and the other is my FQDN. I have one A record that is my FQDN (see update 1 at the end of this post). I then use CNAMES for everything and point to my A record name (the scribbled out one on the 2nd line below). Make sure to click to get the orange icon next to each entry that you want to route through the Cloudflare CDN. If you don't do this, then you are just using Cloudflare for DNS (and that is totally fine).

Sorry for the chicken scratch look where I scribbled out my private info. Looks ridiculous I know :)

1547769431192.png

Under Crypto settings, I have these enabled:
1547771893179.png
1547769544174.png
1547769671809.png
1547771922367.png

Under Speed, I enabled Brotli compression
1547770183555.png
I then created the following page rules. The URL below is https://*blah.blah.blah/*

1547769850521.png

I think that is about all I have done with my Cloudflare config. There are some changes necessary to Plex to make it work through the Cloudflare CDN config (only necessary if you implemented that as I did). If you are just using Cloudflare for DNS then you don't need to make the changes I make below and should enable Remote access.

In Plex, I changed the following:

Under Settings-->Network (Make sure Show Advanced is enabled)

1547770475276.png

Under Remote Access, make sure it looks like this (do not enable Remote Access)
1547770589667.png

With these settings, everything works well. Let me know if you have any questions, or if there are other suggestions out there for improving the config in Cloudflare/plex/traefik/etc.

I get this kind of throughput in Speedtest from a workstation on my home network. Speedtest is not a perfect assessment of Plex streaming performance, however. Maybe someone has some other suggestions for that.

1547771338519.png

Edit 1/18/2019
Per @doperyde You should also remove the wildcard (*) A record. If all of your A records and CNAMEs are orange clouded you wll also hide your real IP address.

Edit 1/26/2019
Almost forgot, I have also disabled ipv6 on cloudflare. Here is my post about the issue I ran into and why/how I disabled ipv6 https://plexguide.com/threads/tautulli-showing-docker-network-ip-addresses-instead-of-actual-client-ip-address.2778/#post-15400
 
Last edited:

hooper

Legendary Member
Staff
Donor
Can i use this for the wiki *?*
Sure. I would appreciate it if other more knowledgeable PGers chimed in on this as well. I am by no means an expert on Cloudflare. This setup works for me though.
 
Assists Greatly with Development Costs

needsomehelp

Junior Member
Here is my DNS config in Cloudflare. I have 2 A records, one is * and the other is my FQDN. I then use CNAMES for everything and point to my A record name (the scribbled out one on the 2nd line below). Make sure to click to get the orange icon next to each entry that you want to route through the Cloudflare CDN. If you don't do this, then you are just using Cloudflare for DNS (and that is totally fine).

Sorry for the chicken scratch look where I scribbled out my private info. Looks ridiculous I know :)

View attachment 2695

Under Crypto settings, I have these enabled:
View attachment 2703
View attachment 2696
View attachment 2697
View attachment 2704

Under Speed, I enabled Brotli compression
View attachment 2699
I then created the following page rules. The URL below is https://*blah.blah.blah/*

View attachment 2698

I think that is about all I have done with my Cloudflare config. There are some changes necessary to Plex to make it work through the Cloudflare CDN config (only necessary if you implemented that as I did). If you are just using Cloudflare for DNS then you don't need to make the changes I make below and should enable Remote access.

In Plex, I changed the following:

Under Settings-->Network (Make sure Show Advanced is enabled)

View attachment 2700

Under Remote Access, make sure it looks like this (do not enable Remote Access)
View attachment 2701

With these settings, everything works well. Let me know if you have any questions, or if there are other suggestions out there for improving the config in Cloudflare/plex/traefik/etc.

I get this kind of throughput in Speedtest from a workstation on my home network. Speedtest is not a perfect assessment of Plex streaming performance, however. Maybe someone has some other suggestions for that.

View attachment 2702
First of all thank you for the detailed response. First question (there will be more I suspect) What is the format for adding a cname? I tried and kept getting an error saying "Content for CNAME record is invalid" I tried www.example.domain.com and [email protected] Should I be creating them where my domain is being hosted (No-IP) and having cloudflare bring them in? Sorry for the basic questions but I've been fighting with making this an outside facing thing for my family for over a week and I think I am confusing myself now :)

As for CDN, that is just a feature that improves delivery speed, protects from DOS attacks etc, things will work without it just fine right?

Edit: Figured out the format: example (in the first box) @ (in the second box) gives me example.domain.com

Follow up question how to I point the alias to a specific container? For instance how would I point it obmi if it was using port 4567?
 
Last edited:

hooper

Legendary Member
Staff
Donor
First of all thank you for the detailed response. First question (there will be more I suspect) What is the format for adding a cname? I tried and kept getting an error saying "Content for CNAME record is invalid" I tried www.example.domain.com and [email protected] Should I be creating them where my domain is being hosted (No-IP) and having cloudflare bring them in? Sorry for the basic questions but I've been fighting with making this an outside facing thing for my family for over a week and I think I am confusing myself now :)
the format would be something like this. I am using sonarr as the example app and your.domain.com as your domain name. Type that into the form and hit 'Add Record'. In this situation, you would already have another entry in the Cloudflare DNS that is an 'A' record with the name your.domain.com and the IP address you are using.

1547775220483.png



As for CDN, that is just a feature that improves delivery speed, protects from DOS attacks etc, things will work without it just fine right?
Yes, the CDN is supposed to improve performance along with the other things you mention. There is some debate on this however. I happen to use this feature and it works well for me. YMMV. You can opt to not use the CDN by unclicking that orange cloud icon and turning it grey instead.

Follow up question how to I point the alias to a specific container? For instance how would I point it obmi if it was using port 4567?
Assuming you are using the standard Plexguide setup with subdomains set for each application, you would use my example above and substitute 'ombi' for 'sonarr'. You don't need to worry about the port since the Traefik reverse proxy is simplifying that for you.
 
Last edited:

needsomehelp

Junior Member
I think the problem I ran into really was that I tried to set all this up before my DNS records had properly propagated everywhere. I tried to ping my domain and got back a 104.x.x.x. which i looked up and belonged to cloudflare. So am I correct in thinking that once I ping my domain and get back my server address I can just redeploy trafeik and all will be right with the world?
 

hooper

Legendary Member
Staff
Donor
I think the problem I ran into really was that I tried to set all this up before my DNS records had properly propagated everywhere. I tried to ping my domain and got back a 104.x.x.x. which i looked up and belonged to cloudflare. So am I correct in thinking that once I ping my domain and get back my server address I can just redeploy trafeik and all will be right with the world?
yeah, try to redeploy traefik and see if that works. it should only take a few minutes to propagate.

It does take Cloudflare a little while to generate your cert and set things up for you when you first create an account with them. Things won't work if the site doesn't have the little green checkmark and say 'Active' on the Home tab in your Cloudflare account.

Also, make sure to check the logs in portainer for the Traefik container. This will tell you what is going on with traefik and if it is having issues getting a cert from letsencrypt.
 

Sn0wed

Respected Member
Staff
Perfect and plex is available to outside users I assume?
Using app.plex.tv which is plex's short link for their web app. I then just have a link in Heimdall to the page. It works great on every network I've tried (even ones with extreme firewalls (like school)). If it ain't broke, don't fix it.
 

needsomehelp

Junior Member
I figured out my problem! So I am not new to home network, torrenting etc. SSL cert, reverse proxies, web ports, docker etc are new to me. So I new I had to have 80 and 443 ported. I knew I wanted ombi as my top app or whatever so I port forwarded outside ports 80 and 43 to my inside ombi port *facepalm* It literally came to me on the toilet :LOL: I ran back to my PC (after washing my hands) and changed the outside 80/443 to just get pushed to the internal IP where the magic was happening, redeployed traefik and everything just worked! All https sites, container.domain.com working...

Just noticed that domain.com is not resolving (which should be ombi) but ombi.domain.com does.

Strange... The journey continues LOL
 

Sn0wed

Respected Member
Staff
I figured out my problem! So I am not new to home network, torrenting etc. SSL cert, reverse proxies, web ports, docker etc are new to me. So I new I had to have 80 and 443 ported. I knew I wanted ombi as my top app or whatever so I port forwarded outside ports 80 and 43 to my inside ombi port *facepalm* It literally came to me on the toilet :LOL: I ran back to my PC (after washing my hands) and changed the outside 80/443 to just get pushed to the internal IP where the magic was happening, redeployed traefik and everything just worked! All https sites, container.domain.com working...

Just noticed that domain.com is not resolving (which should be ombi) but ombi.domain.com does.

Strange... The journey continues LOL
Make sure you set your default app through traefik. I recommend Heimdall just to get quick launches to all your websites. Also Nice
 

needsomehelp

Junior Member
Make sure you set your default app through traefik. I recommend Heimdall just to get quick launches to all your websites. Also Nice
I like the look of heimdall and will mostly like go that route one last major thing.

domain.com is not resolving. When I am on the actually machine where plexguide is hosted if I go to domain.com it moves to an https:\\domain.com (which displays ombi as currently setup). On another computer on the same network I get a 404 page. What am I missing? Why is it only working on the hosted server.
 

Sn0wed

Respected Member
Staff
I like the look of heimdall and will mostly like go that route one last major thing.

domain.com is not resolving. When I am on the actually machine where plexguide is hosted if I go to domain.com it moves to an https:\\domain.com (which displays ombi as currently setup). On another computer on the same network I get a 404 page. What am I missing? Why is it only working on the hosted server.
It may be something with permissions. I had that problem and that is why I was/am using Heimdall as the root of my domain. Try switching it to a different app and then switching it back. You may be prompted to accept adding this to your computer's firewall or whatever. (Sorry Admin)Screen Shot 2019-01-18 at 12.09.43 AM.png


Do you have a DNS record in Cloudflare for domain.com using @?
 
Last edited:

needsomehelp

Junior Member
I don't see an actual entry using the @ symbol. How exactly would I do that. Iterations I've tried so far have either told me it was invalid or already exists. There is a screen shot of my dns records at the top of this post. Damn I'm exhausted. If at the end of the day the only thing that doesn't work right is the root of my domain I'm good. Will try redeploying trafeik one more time.
 

needsomehelp

Junior Member
HOLY f*ck!!! Seeing your safari error notice I realized I've been banking the s*hit out of all of these addresses in the same browsers. Tried one I don't usually use and BOOM it works. God Damn browser cache ruining my night LOL. Thanks for the assist to you and hooper
 

Sn0wed

Respected Member
Staff
I don't see an actual entry using the @ symbol. How exactly would I do that. Iterations I've tried so far have either told me it was invalid or already exists. There is a screen shot of my dns records at the top of this post. Damn I'm exhausted. If at the end of the day the only thing that doesn't work right is the root of my domain I'm good. Will try redeploying trafeik one more time.
Cloudflare automatically takes the @ and makes one for the root of your domain. Just looked back at mine and realized this.

HOLY f*ck!!! Seeing your safari error notice I realized I've been banking the s*hit out of all of these addresses in the same browsers. Tried one I don't usually use and BOOM it works. God Damn browser cache ruining my night LOL. Thanks for the assist to you and hooper
Glad to be of assistance
 
Assists Greatly with Development Costs
Status
Not open for further replies.

Similar threads


Top NZB NewsGroups!

Members - Up To a 58% Discount!

Development Donations

 

Online statistics

Members online
3
Guests online
122
Total visitors
125
Top