crusher11 893 Posted November 26, 2022 Share Posted November 26, 2022 37 minutes ago, pwhodges said: Cloudflare thinks your server is down - is it? Paul I don't know? I can access it locally. Haven't changed any of the CloudFlare or network settings recently that I'm aware of/can remember. Link to comment Share on other sites More sharing options...
lorac 101 Posted November 26, 2022 Share Posted November 26, 2022 Public IP changed? Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 26, 2022 Share Posted November 26, 2022 No. Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 27, 2022 Share Posted November 27, 2022 I'm unable to access my server via PUBLICIP:8096 or PUBLICIP:443. But I'm not sure if that's normal given the CloudFlare/NGINX setup or not. Link to comment Share on other sites More sharing options...
lorac 101 Posted November 27, 2022 Share Posted November 27, 2022 Port forwarding is all good on your router and local firewall is open? Can you reach your PC using a different service via IP (RDP as an example) You could remove anything related to connecting securely as a test and then see if you can connect via public IP. When I have the cert configured i'm unable to connect via public IP as well. Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 27, 2022 Share Posted November 27, 2022 Not at my PC at the moment, but I haven't changed any of my router or firewall settings. Don't know what RDP is. Link to comment Share on other sites More sharing options...
C.S. 68 Posted November 27, 2022 Share Posted November 27, 2022 What does your CF dashboard say for bandwidth used over the last 30 days? Do you get a monthly email telling you how much data you used? I believe they only send an email when you use more than a certain amount, but I don't know what the threshold is. Link to comment Share on other sites More sharing options...
Pog22 51 Posted November 27, 2022 Share Posted November 27, 2022 42 minutes ago, C.S. said: What does your CF dashboard say for bandwidth used over the last 30 days? Do you get a monthly email telling you how much data you used? I believe they only send an email when you use more than a certain amount, but I don't know what the threshold is. I don't think that's true, I get one for ~2MB data used for as domain I'm not using Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 27, 2022 Share Posted November 27, 2022 1 hour ago, C.S. said: What does your CF dashboard say for bandwidth used over the last 30 days? 100MB, why? Link to comment Share on other sites More sharing options...
C.S. 68 Posted November 27, 2022 Share Posted November 27, 2022 1 hour ago, crusher11 said: 100MB, why? MB, not GB? So you basically haven't used it at all in the past month? I was thinking maybe they banned you, but you don't really use it, so probably not. Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 27, 2022 Share Posted November 27, 2022 47 minutes ago, C.S. said: MB, not GB? So you basically haven't used it at all in the past month? I was thinking maybe they banned you, but you don't really use it, so probably not. I'm not sure how long it's been down for TBH. Link to comment Share on other sites More sharing options...
C.S. 68 Posted November 27, 2022 Share Posted November 27, 2022 I think we can say at least 30 days. Did you get the emails? Do you know how much data you've been pushing? Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 27, 2022 Share Posted November 27, 2022 3 minutes ago, C.S. said: I think we can say at least 30 days. Did you get the emails? Do you know how much data you've been pushing? Well the reason I don't know is it rarely gets used, so the lack of data the last month is really no indicator one way or the other. How much data I've been pushing is irrelevant. The answer isn't going to resolve my issue one way or the other. Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 28, 2022 Share Posted November 28, 2022 CanYouSeeMe is negative on 8096 and 443, but again I don't know if that's normal with NGINX/CloudFlare. Still haven't established if it's an Emby issue, and NGINX issue, or a CloudFlare issue. Link to comment Share on other sites More sharing options...
samuelqwe 316 Posted November 28, 2022 Share Posted November 28, 2022 14 hours ago, crusher11 said: CanYouSeeMe is negative on 8096 and 443, but again I don't know if that's normal with NGINX/CloudFlare. Assuming you usually connect using HTTPS, port 443 should be open on your router and CanYouSeeMe should be able to see it as open if Nginx is actually accepting the connection. Otherwise, there is port 80 for HTTP traffic, but you don’t actually need if you connect exclusively using HTTPS. So if you’ve checked that port 443 (and/or 80) is open on your router and that it is pointing to the device hosting the Nginx server on your LAN, and that your public ip is correctly entered in your CloudFlare DNS rules, then it’s likely an issue with the Nginx configuration. Port 8096 (or 8920 for secure connections) would only need to be open and reachable on CanYouSeeMe if you were connecting directly to Emby with your plugins on public IP instead of your domain, so it shouldn’t need to be open in this case. Also, just to be sure, have you checked that your domain has not expired and is still active? Just looking at all the possibilities here. Link to comment Share on other sites More sharing options...
vaise 324 Posted November 28, 2022 Share Posted November 28, 2022 (edited) I have found the cloudflare tunnels have really taken all this pain away. Tunnel is now either up or down, it has detailed logging, and no reverse proxy to worry about. And no ports to open on the router. Edited November 28, 2022 by vaise Link to comment Share on other sites More sharing options...
crusher11 893 Posted November 28, 2022 Share Posted November 28, 2022 Yep, turns out it's NGINX, which had completely stopped running. Attempting to restart gives the error "Docker API has failed. Please visit Docker Log for more information." Docker log: Start container nginx2 failed: {"message":"Bind mount failed: '/volume1/Emby Libraries/emby.log' does not exists"}. Link to comment Share on other sites More sharing options...
wmd1942 3 Posted December 29, 2022 Share Posted December 29, 2022 (edited) My emby server (a docker container) is accessed remotely through Cloudflare tunnel to the port 8096 of emby server. There is no problem to log in from my laptop's web browser. When I tried to connect the server (same host name) from android app, the log in screen will show up but I can't log in. It will always show "Sign In Error Invalid username or password. Please try again" even though the correct information was provided. The server log shows a single line: "Error Server: Access token is invalid or expired". Any help is appreciated. Update: Issue is resolved if port 443 is specified (instead of left empty) Edited December 29, 2022 by wmd1942 Issue resolved 1 Link to comment Share on other sites More sharing options...
vaise 324 Posted December 29, 2022 Share Posted December 29, 2022 9 hours ago, wmd1942 said: My emby server (a docker container) is accessed remotely through Cloudflare tunnel to the port 8096 of emby server. There is no problem to log in from my laptop's web browser. When I tried to connect the server (same host name) from android app, the log in screen will show up but I can't log in. It will always show "Sign In Error Invalid username or password. Please try again" even though the correct information was provided. The server log shows a single line: "Error Server: Access token is invalid or expired". Any help is appreciated. Update: Issue is resolved if port 443 is specified (instead of left empty) I use all ports on my tunnel config - no issues on my side reported from any remote family. Maybe they dont have any android phones however..... Plenty of google TV and a few chromecasts. Maybe it is something in your application policy config ? Maybe update your cloudflare tunnel version ? I am using docker - cloudflare/cloudflared:2022.12.1-amd64 Link to comment Share on other sites More sharing options...
jad3675 26 Posted January 17, 2023 Share Posted January 17, 2023 Well my number came up tonight and CF TOS'ed me. It was a good 5 year run. Got a nginx reverse proxy stood up in the cloud pretty quickly and had everything working after an hour Link to comment Share on other sites More sharing options...
sross44 280 Posted January 19, 2023 Share Posted January 19, 2023 On 1/16/2023 at 8:47 PM, jad3675 said: Well my number came up tonight and CF TOS'ed me. It was a good 5 year run. Got a nginx reverse proxy stood up in the cloud pretty quickly and had everything working after an hour I had the same thing happen to me last month. I switched everything over to nginx reverse proxy as well..... but I did love the Cloudfare setup. I have a feeling more and more people are going to start having this happen to them. Link to comment Share on other sites More sharing options...
jad3675 26 Posted January 19, 2023 Share Posted January 19, 2023 53 minutes ago, sross44 said: I had the same thing happen to me last month. I switched everything over to nginx reverse proxy as well..... but I did love the Cloudfare setup. I have a feeling more and more people are going to start having this happen to them. If CF's defense, I was averaging ~4TB/month. I am honestly beyond surprised I was able to skate for the better part of 5 years. Rather than setup a ngninx reverse proxy on my home network and open 443 up to the world, I spun up an Ampere A1 instance in the Oracle Cloud (it's free!) - 1GB bandwidth, 10TB egress/month and a public IP address. Installed nginx with mod_security and deployed crowdsec on it. Whitelisted the public IP on my home firewall. It's probably 98% as good as CF from a WAF/Intrusion standpoint. Don't have the fancy webpanel like CF, but I can scrape the metrics into the CloudSIEM from Datadog and have an idea of what's going on. John Link to comment Share on other sites More sharing options...
vaise 324 Posted January 19, 2023 Share Posted January 19, 2023 My public ip changes on average once every 2 weeks. That would be a pain I think. CF only 489gb last month. Link to comment Share on other sites More sharing options...
jad3675 26 Posted January 20, 2023 Share Posted January 20, 2023 14 hours ago, vaise said: My public ip changes on average once every 2 weeks. That would be a pain I think. CF only 489gb last month. My pub ip changes if my firewall gets rebooted. CF is doing my DNS, though. I have the name record that nginx uses to connect back to emby updated via the cloudflare-ddns script and then another script (on the reverse proxy) that reloads nginx if the DNS record changes. A bit convoluted (and a few minutes of downtime while DNS changes) but it works. Link to comment Share on other sites More sharing options...
sross44 280 Posted January 20, 2023 Share Posted January 20, 2023 On 1/19/2023 at 9:57 AM, jad3675 said: If CF's defense, I was averaging ~4TB/month. I am honestly beyond surprised I was able to skate for the better part of 5 years. Rather than setup a ngninx reverse proxy on my home network and open 443 up to the world, I spun up an Ampere A1 instance in the Oracle Cloud (it's free!) - 1GB bandwidth, 10TB egress/month and a public IP address. Installed nginx with mod_security and deployed crowdsec on it. Whitelisted the public IP on my home firewall. It's probably 98% as good as CF from a WAF/Intrusion standpoint. Don't have the fancy webpanel like CF, but I can scrape the metrics into the CloudSIEM from Datadog and have an idea of what's going on. John I may need your help on doing this, but I’m going to check this out today. Sounds super interesting!! Great idea Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now