80/tcp 80 (HA host) Only needed for http challenge
open port forwarding on router to allow :80 to route to HA's internal IP:80
this is /!\ okay /!\: the addon will terminate the http server once it has validated the state of the certs
add dns entry for ha.domain.com to point to external IP
open port forwarding on router to allow :8123 to route to HA's internal IP
access HA from everywhere at ha.domain.com
the certs produced are saved by the addon, at the same location
In configuration.yaml:
use Quick Setup for ssh keys to generate a public key and add it to the UI, where SITE=ROUTERIP...
edit ~/.ssh/config locally to include:
Host RouterIP
    HostName RouterIP
    User RouterUSER
    IdentityFile ~/.ssh/LOCALUSER@ROUTERIP
Other "advanced settings"
network > Advanced Features > Gateway
Here are all the settings for Static Routes, Port Forwarding,
dDNS
I was looking for a dns provider that will support:
using custom domains
natively have support for letsencrypt
ddns manageable by unifi
In hindsight, not sure if this was a good decision... cloudflare will support a docker container that updates ddns regularly
s6 overlay + cron + really easy cloudflare call with api key
curl https://get.acme.sh | sh
export FREEDNS_User=FREEDNS_User
export FREEDNS_Password=FREEDNS_Password
Errors using DNS API mode.
The first few commands attempting to generate Let's Encrypt certs failed at the DNS level, for example with error code 60. The remediation was therefore to run in DNS manual mode, meaning acme.sh gives me a TXT record to add to my DNS entries and then validates it in order to generate the certs for me.
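
In DNS manual mode the usual failure is asking acme.sh to validate before the new TXT record is visible to resolvers. The script below is an added example, not part of the original notes or of acme.sh: it checks a resolver's answer for the exact value acme.sh printed. The function names, the 1.1.1.1 resolver, the 30 second interval and the sample values are assumptions; `_acme-challenge` is the standard DNS-01 label.

```shell
#!/bin/sh
# Added example (not from the original notes): confirm the TXT record that
# acme.sh printed in DNS manual mode is visible before asking it to validate.

# Constructed sample of `dig +short TXT _acme-challenge.ha.domain.com` output:
# a leftover record from an earlier attempt, and the new one split in two strings.
SAMPLE_ANSWER='"constructed-stale-value-from-earlier-run"
"-CONSTRUCTED" "_TXT_VALUE"'

# dig prints each TXT record on one line as one or more quoted strings;
# join the strings and drop the surrounding quotes.
normalize_txt() {
    sed -e 's/" "//g' -e 's/^"//' -e 's/"$//'
}

# txt_published EXPECTED: succeeds only if a record on stdin equals EXPECTED.
# -F/-x: literal whole-line match, so a fragment of another record never passes.
# --: base64url values may begin with "-", which grep would read as an option.
txt_published() {
    normalize_txt | grep -Fxq -- "$1"
}

# wait_for_challenge DOMAIN EXPECTED [RESOLVER] [TRIES]
# Polls a public resolver (assumed: 1.1.1.1) every 30 s; needs dig and network.
wait_for_challenge() {
    domain=$1; expected=$2; resolver=${3:-1.1.1.1}; tries=${4:-20}
    while [ "$tries" -gt 0 ]; do
        if dig +short TXT "_acme-challenge.$domain" "@$resolver" |
            txt_published "$expected"; then
            return 0
        fi
        tries=$((tries - 1))
        sleep 30
    done
    return 1
}
```

Run `wait_for_challenge ha.domain.com "<value acme.sh printed>"` after adding the record, and only re-run acme.sh for validation once it returns success.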