Apps remain in starting (but actually work fine)

I’m struggling with the apps remain in starting state on the umbrel dashboard.
However, when going manually to the right address they work fine without issues

any suggestions how to fix this?

@Billiant4ever maybe just browser cache? Did you try cleaning it and removing any cookies?

thx, done, but no joy… still the same

I have a similar issue but apps open to dead pages and can’t connect my zap wallet anymore. Sometimes seeing the starting on apps.

In the Umbrel troubleshooting manual you have all instructions how to re-configure apps that are stuck.

1 Like

yes, I did run the reconfigure, but unfortunately that also did not resolve the issue.
Also studied the Umbrel troubleshooting manual but did not see the any line for this issue

The strange thing is that indeed I can install & de-install the apps fine, both command line or UI, but still remain in starting.

Answering my own issue: I found the answer to my mystery on the non-starting apps…

As I don’t like non-https traffic even on my local network I defined a different hostname for the umbrel and run that with a normal https certificate.
To avoid the CORS error, I added the domainname to the start script.

Seems that indeed the apps remain in starting if not accessed via either tor or the ip/umbrel.local…
So it is not so much of an umbrel issue rather me doing things the umbrel app is not expecting.

edit:
The background of the issue is that Umbrel is querying the apps over http which is blocked by the browser as it is concerned about the Mixed Content (https page doing http request). The workaround is to change the site permissions to allow insecure content… than the apps show as installed and are clickable
image

2 Likes

LOOOL I never thought that such a simple stupid thing could block the content.
Nice find!

@Billiant4ever had similar issue here… so it’s possible to install a SSL on a local domainame?

Yes, it is I use it for my local services a lot. Keep in mind it is bit more complex to setup.

How to run umbrel with https and without certificate errors

  1. get a domainname you, you can puchase them for few bucks, you need to be able to maintain the dns records for it. I guess that is common, but checking it before is avoiding surprises.

  2. get a certificate for it… now this is very easy nowadays with letsencrypt… Assuming you don’t want to expose your umbrel to the internet, you need to request a certificate using ‘DNS-01’ challenge method.
    This means that you create some special domainname entry for letsencrypt to validate that you own the domain. The letsencrypt request utility integrates with many domain/dns providers and can do that automatically for you. In this bit of the text is a list of providers that seem supported https://letsencrypt.org/docs/challenge-types/#dns-01-challenge

  3. Now comes for the tricky one. You need to setup a dns server in your local network. I have a synology NAS that supports that easily, but you can also run that even on your umbrel server.
    With that one you can make a umbrel.yourdomain.com dns record that points to the ip of your umbrel server. Ensure to forward all other request to your regular dns server, or even better use https://www.grc.com/dns/benchmark.htm utility to find the fastest best dns server aroud the block for you.

  4. Setup your dhcp server in your network to use your newly created nameserver from step 3. This will make that your user will first get the ip details for your umbrel server from the local network.

  5. Add a a new section to your nginx configuration to also listen to port 443 (https) , or if you don’t want to mess with the one created by umbrel like me, have a second nginx instance that does a forward proxy to the umbrel one. (have it on your umbrel server though as otherwise you still have unencrypted traffic over your network)
    In this nginx config you add the created certificates from step 2

Now refresh your dhcp to ensure the new settings are working and you can see a nice :lock: in front of your https://umbrel.yourdomain.com

  1. Unfortunately though you have a nice https server running now, loggin on will not yet be possible… Umbrel will complain about a CORS error… You need to edit your ./script/start script which is normally used to start umbrel.
    Add your new domain to the end of line 70 so it becomes something like
    DEVICE_HOSTS="http://${DEVICE_IP},http://${DEVICE_HOSTNAME}.local,https://${DEVICE_HOSTNAME}.local,http://${DEVICE_HOSTNAME},https://${DEVICE_HOSTNAME},https://umbrel.yourdomain.com"

  2. Restart umbrel, your done… finally happiness :wink:

Now as indicated in my post above you need to ‘allow insecure content’ to have the apps not remaining in starting, unfortunately that means that chrome removes your nice :lock: again :frowning: but sure enough, no certificate error and communication is encrypted…

I’m looking for a way to also access the apps in a more secure way… Than I can switch off again the ‘allow insecure content’…

If you like my contribution, consider tipping some sats https://tippin.me/@LightningBrainz