bem13

joined 1 year ago
[โ€“] [email protected] 2 points 11 months ago

Thank you so much! Yup, I actually didn't realize I didn't have to transfer my domain to Cloudflare and I could simply use their servers. I managed to add the domain to Cloudflare, changed the DNS servers to Cloudflare's servers on Namecheap's interface and successfully got a cert from LE using my Cloudflare API key, so I think it's good now? Just need to set up a ddns client since my router's client (OpenWRT) doesn't seem to support updating Cloudflare. Also, now I need to get my $50 back...

 

TL;DR: You can't automate Let's Encrypt wildcard cert renewal with a dynamic IP when using Namecheap because you have to manually whitelist your IP to access the API.

---

I spent the better part of the weekend tinkering with getting a Let's Encrypt wildcard cert for my self-hosted stuff. I just wanted to be able to use a nice .eu domain and not have browsers or devices yell at me for having a cert issued by my internal CA.

I use AdGuard Home as my DNS server and Nginx Proxy Manager (NPM from here on) as a reverse proxy. Everything is running in Docker containers on an RPi 4.

My IP is dynamic and I've been using no-ip to keep track of it, but they don't have an API which Certbot could use to create a TXT record when doing a DNS challenge.

So I went to Cloudflare since everyone and their dog seems to use them. Unfortunately, they don't offer .eu domains so I skipped this option.

I spotted Namecheap in both my router's dynamic DNS list and Nginx Proxy Manager's DNS challenge list. I've purchased a domain from them before and had no problems, so I read up a little bit on the whole thing and everything seemed cool. They have a dynamic DNS service you can activate for your domain, so you can use a ddns client to update your IP with them. I bought my domain, set up the dynamic DNS part, created a CNAME record, then went to set up Certbot through NPM. Here's where the first kicker came. You need API access to be able to have Certbot create a TXT record and verify your domain through a DNS challenge. To get API access, you need to satisfy at least one of these requirements:

  • have at least 20 domains under your account;
  • have at least $50 on your account balance;
  • have at least $50 spent within the last 2 years.

Okay, I thought, $50 kinda stings (yay, Eastern European wages) but I can top up my account with it and forget about renewing my domain for like 10 years, so it's not that bad. I did the top-up, activated my API access and here came the second kicker: you have to manually whitelist the IP address you're accessing the API from. So in the end you still have to keep an eye on your IP and potentially whitelist another IP every ~60 days, because NPM won't be able to access the API otherwise.

Now I probably have to live with this setup for at least a year (if I want to keep my domain) or cut my losses, try to get my $50 back and move everything elsewhere, maybe Cloudlfare and a .com domain...

I realize I could've done more research before committing myself financially (the warning about the $50 part is in Certbot's Namecheap plugin's documentation), but even after reading all the docs I haven't seen the IP whitelist part mentioned anywhere, so I thought I'd warn others.

[โ€“] [email protected] 1 points 11 months ago

Here's a picture of my hole just for you ๐Ÿ˜

https://preview.redd.it/y2yzdgoycc1c1.jpeg?width=6016&format=pjpg&auto=webp&s=4772130e5bc218996bfaa389e05b48ce60ee0c51

Good to know a product exists though, I'll try to look it up, thank you!

 

I live in Hungary, Europe in a quite old house. Our light switches and outlets use claws to stay in place. As you tighten a screw, a claw moves out and grips the inner side of the box. I believe this is still a pretty common system around here. The boxes lack a neutral wire and they're also pretty shallow, so I can't put a Shelly behind the existing switches.

โ€‹

The claws

I bought an Aqara H1 EU no neutral wall switch, but I can't mount it because I can't screw the screws into anything, there's just empty space where they're supposed to go. I tried MacGyvering a solution by taking the claws from the current non-smart (Legrand brand) switch, but they don't fit on the Aqara.

The Aqara switch. I could drill the 4 corners but then I'm pretty sure the screws' heads would prevent the faceplate from snapping on.

So, I'm turning to the community: Does a product exist which:

- Is made by a reputable brand

- Works in Europe (230 V, 50 Hz)

- Can be mounted using claws

- Uses Zigbee and can be controlled locally without any cloud accounts and/or 3rd party hubs (I use Home Assistant with the SkyConnect dongle)

- Preferably requires no neutral wire (I can probably fish one down to each of my boxes, but I'd prefer not to)

For example, In the Zigbee Device Compatibility Repository I see that lots of Legrand stuff is compatible, and these would probably work, but it's not entirely clear if buying their gateway is required and I'm not sure their smart devices are even available in my country...

[โ€“] [email protected] 1 points 1 year ago

I would avoid any switches/dimmers that require cloud accounts and instead always try for local control. To that end, consider Z-Wave or ZigBee (or Matter), where you can have local control.

Any particular brands you would recommend? (I'm in a similar situation as OP)