• Unraid OS version 6.10.0-rc1 available


    limetech

    6.10.0 Summary of New Features

     

    As always, prior to updating, create a backup of your USB flash device:  "Main/Flash/Flash Device Settings" - click "Flash Backup".

     

    UPC and My Servers Plugin

    The most visible new feature is located in the upper right of the webGUI header.  We call this the User Profile Component, or UPC.  The UPC allows a user to associate their server(s) and license key(s) with their Unraid Community forum account.

     

    Starting with this release, it will be necessary for a new user to either sign-in with existing forum credentials or sign-up, creating a new account via the UPC in order to download a Trial key.  All key purchases and upgrades are also handled exclusively via the UPC.

     

    Signing-in provides these benefits:

    1. No more reliance on email and having to copy/paste key file URLs in order to install a license key - keys are delivered and installed automatically to your server.
    2. Notification of critical security-related updates.  In the event a serious security vulnerability has been discovered and patched, we will send out a notification to all email addresses associated with registered servers.
    3. Ability to install the My Servers plugin (see below).
    4. Posting privilege in a new set of My Servers forum boards.

     

    Once a license key has been provisioned, it is not necessary to remain signed-in, though there is no particular reason to sign-out.  Exception: if you have installed the My Servers plugin, signed-in servers will maintain a websocket connection to a Lime Technology cloud server for the purpose of transmitting real-time status.

     

    My Servers Plugin

    My Servers is what we call our set of cloud-based or cloud-enabled services and features that integrate with your Unraid server(s).  Once installed here are some of the features of My Servers:

    • My Servers Dashboard - when logged into the forum a new My Servers menu item appears. Clicking this brings up a Dashboard which displays a set of tiles representing each signed-in server.  Here you can see real-time status such as whether the server is online or offline, storage utilization and other information.  In addition, links are created to bring up a server webGUI, either locally on the LAN or remotely over the Internet (if Remote Access has been enabled).
    • flash backup - every registered server is provided with a private git repo initially populated with the contents of your USB flash boot device (except for certain files which contain private information such as passwords).  Thereafter, configuration changes are automatically committed.  Through the My Servers webApp it's possible to download a custom zip file that can be fed as input to the USB Flash Creator tool to move your configuration to a new USB flash device.
    • License key download - Again, through the My Servers webApp you can download your license key directly.

     

    My Servers is an optional add-on, installed through Community Apps or via direct plugin URL.  Detailed instructions can be found here.

     

    Security Changes

    • It is now mandatory to define a root password.  We also created a division in the Users page to distinguish root from other user names.  The root UserEdit page includes a text box for pasting SSH authorized keys.
    • For new configurations, the flash share default export setting is No.
    • For all new user shares, the default export setting is No.
    • For new configurations, SMBv1 is disabled by default.
    • For new configurations, telnet, ssh, and ftp are disabled by default.
    • We removed certain strings from Diagnostics such as passwords found in the 'go' file.

     

    Virtualization

    Both libvirt and qemu have been updated.  In addition qemu has been compiled with OpenGL support.

     

    The built-in FireFox browser available in GUI-mode boot is built as an AppImage and located in the bzfirmware compressed file system image.  This saves approximately 60MB of RAM.

     

    The Wireguard plugin has been integrated into webGUI, that is, no need for the plugin.  If you had the plugin installed previously, it will be uninstalled and moved to the "Plugins/Plugin File Install Errors" page. No action is needed unless you want to press the Delete button to remove it from that page. Your WireGuard tunnels and settings will be preserved.

     

    Simplified installation of the Community Apps plugin.  The webGUI automatically includes the Apps menu item, and if CA is not already installed, the page offers an Install button.  No need to hunt for the plugin link.

     

    Let's Encrypt SSL provisioning change.  In previous releases code that provisions (allocates and downloads) a LE SSL certificate would first test if DNS Rebinding Protection was enforced on the user's LAN; and, if so, would not provision the certificate.  Since there are other uses for a LE certificate we changed the code so that provision would always proceed.  Next, we changed the logic behind the Auto selection of "Use SSL/TLS" setting on the Management Access page.  Now it is only possible to select Auto if both a LE certificate has been provisioned and DNS Rebinding Protection is not enforced.  This is a subtle change but permits certain My Servers features such as Remote Access.

     

    Linux Kernel

    Upgrade to Linux 5.13.8 kernel which includes so-called Sequoia vulnerability mitigation.

     

    In-tree GPU drivers are now loaded by default if corresponding hardware is detected:

    • amdgpu
    • ast
    • i915
    • radeon

     

    These drivers are required mostly for motherboard on-board graphics used in GUI boot mode.  Loading of a driver can be prohibited by creating the appropriate file named after the driver:

    echo "blacklist i915" > /boot/config/modprobe.d/i915.conf

    Alternately, the device can be isolated from Linux entirely via the System Devices page.  Note that in Unraid OS 6.9 releases the in-tree GPU drivers are blacklisted by default and to enabling loading a driver you need to create an empty "conf" file.  After upgrading to Unraid OS 6.10 you may delete those files, or leave them as-is.  This change was made to greatly improve the Desktop GUI experience for new users.

     

    Added support for Intel GVT-g, which lets you split your Intel i915 iGPU into multiple virtual GPUs and pass them through to multiple VMs, using @ich777's Intel-GVT-g plugin.

     

    Added support for gnif/vendor-reset.  This simplifies @ich777's AMD Vendor Reset plugin which permits users to get their AMD video cards to reset properly.

     

    Base Packages

    Virtually the entire base package set has been updated.

     

    Other improvements available in 6.10, which are maybe not so obvious to spot from the release notes and some of these improvements are internal and not really visible:

     

     

    Event driven model to obtain server information and update the webGUI in real-time

    • The advantage of this model is its scalability. Multiple browsers can be opened simultaneously to the webGUI without much impact
    • In addition stale browser sessions won't create any CSRF errors anymore
    • People who keep their browser open 24/7 will find the webGUI stays responsive at all times

     

    Docker labels

    • Docker labels are added to allow people using Docker compose to make use of icons and GUI access
    • Look at a Docker 'run' command output to see exactly what labels are used

     

    Docker custom networks

    • A new setting for custom networks is available. Originally custom networks are created using the macvlan mode, and this mode is kept when upgrading to version 6.10
    • The new ipvlan mode is introduced to battle the crashes some people experience when using macvlan mode. If that is your case, change to ipvlan mode and test. Changing of mode does not require to reconfigure anything on Docker level, internally everything is being taken care off.

     

    Docker bridge network (docker0)

    • docker0 now supports IPv6. This is implemented by assigning docker0 a private IPv6 subnet (fd17::/64), similar to what is done for IPv4 and use network translation to communicate with the outside world
    • Containers connected to the bridge network now have both IPv4 and IPv6 connectivity (of course the system must have IPv6 configured in the network configuration)
    • In addition several enhancements are made in the IPv6 implementation to better deal with the use (or no-use) of IPv6

     

    Plugins page

    • The plugins page now loads information in two steps. First the list of plugins is created and next the more time consuming plugin status field is retrieved in the background. The result is a faster loading plugins page, especially when you have a lot of plugins installed

     

    Dashboard graphs

    • The dashboard has now two graphs available. The CPU graph is displayed by default, while the NETWORK graph is a new option under Interface (see the 'General Info' selection)
    • The CPU graph may be hidden as well in case it is not desired
    • Both graphs have a configurable time-line, which is by default 30 seconds and can be changed independently for each graph to see a longer or shorter history.
    • Graphs are updated in real-time and are useful to observe the behavior of the server under different circumstances

     

    Other Changes

    • We switched to a better-maintained version of the WSD server component called wsdd2 in an effort to eliminate instances where the wsd daemon would start consuming 100% of a CPU core.
    • Fixed issue where you couldn't create a docker image on a share name that contains a space.
    • Fixed issue where 'mover' would not move to a pool name that contains a space.
    • Fixed issue in User Share file system where permissions were not being honored.
    • We increased the font size in Terminal.
    • Many other small bug fixes and improvements.

     

    Credits

    Special thanks to all our beta testers and especially:

    @bonienl for his continued refinement and updating of the Dynamix webGUI.

    @Squid for continued refinement of Community Apps and associated feed.

    @dlandon for continued refinement of Unassigned Devices plugin and patience as we change things under the hood.

    @ich777 for assistance and passing on knowledge of Linux kernel config changes to support third party drivers and other kernel-related functionality via plugins.

    @SimonF for refinements to System Devices page and other webGUI improvements.  We intend to merge your mover progress changes during this RC series.

     


     

    Version 6.10.0-rc1 2021-08-07

     

    Base distro:

    • aaa_base: version 15.0
    • aaa_glibc-solibs: version 2.33
    • aaa_libraries: version 15.0
    • acl: version 2.3.1
    • acpid: version 2.0.32
    • adwaita-icon-theme: version 40.1.1
    • apcupsd: version 3.14.14
    • appres: version 1.0.5
    • at: version 3.2.2
    • at-spi2-atk: version 2.38.0
    • at-spi2-core: version 2.40.3
    • atk: version 2.36.0
    • attr: version 2.5.1
    • avahi: version 0.8
    • bash: version 5.1.008
    • beep: version 1.3
    • bin: version 11.1
    • bind: version 9.16.19
    • bluez-firmware: version 1.2
    • bridge-utils: version 1.7.1
    • brotli: version 1.0.9
    • btrfs-progs: version 5.13.1
    • bzip2: version 1.0.8
    • ca-certificates: version 20210526
    • cairo: version 1.16.0
    • celt051: version 0.5.1.3
    • cifs-utils: version 6.13
    • coreutils: version 8.32
    • cpio: version 2.13
    • cpufrequtils: version 008
    • cracklib: version 2.9.7
    • cryptsetup: version 2.3.6
    • curl: version 7.78.0
    • cyrus-sasl: version 2.1.27
    • db48: version 4.8.30
    • dbus: version 1.12.20
    • dbus-glib: version 0.112
    • dcron: version 4.5
    • dejavu-fonts-ttf: version 2.37
    • devs: version 2.3.1
    • dhcpcd: version 8.1.9
    • diffutils: version 3.8
    • dmidecode: version 3.3
    • dnsmasq: version 2.85
    • docker: version 20.10.6
    • dosfstools: version 4.2
    • e2fsprogs: version 1.46.3
    • ebtables: version 2.0.11
    • editres: version 1.0.7
    • eject: version 2.1.5
    • elogind: version 246.10
    • elvis: version 2.2_0
    • encodings: version 1.0.5
    • etc: version 15.0
    • ethtool: version 5.13
    • eudev: version 3.2.10
    • file: version 5.40
    • findutils: version 4.8.0
    • flex: version 2.6.4
    • floppy: version 5.5
    • fluxbox: version 1.3.7
    • fontconfig: version 2.13.92
    • freeglut: version 3.2.1
    • freetype: version 2.11.0
    • fribidi: version 1.0.10
    • fuse3: version 3.10.4
    • gawk: version 5.1.0
    • gd: version 2.3.2
    • gdbm: version 1.20
    • gdk-pixbuf2: version 2.42.6
    • genpower: version 1.0.5
    • getty-ps: version 2.1.0b
    • git: version 2.32.0
    • glew: version 2.2.0
    • glib2: version 2.68.3
    • glibc: version 2.33
    • glibc-zoneinfo: version 2021a
    • glu: version 9.0.2
    • gmp: version 6.2.1
    • gnutls: version 3.6.16
    • gptfdisk: version 1.0.8
    • graphite2: version 1.3.14
    • grep: version 3.6
    • gtk+3: version 3.24.30
    • gzip: version 1.10
    • harfbuzz: version 2.8.2
    • haveged: version 1.9.14
    • hdparm: version 9.62
    • hicolor-icon-theme: version 0.17
    • hostname: version 3.23
    • htop: version 3.0.5
    • hwloc: version 2.2.0
    • icu4c: version 69.1
    • imlib2: version 1.7.1
    • inetd: version 1.79s
    • infozip: version 6.0
    • inih: version 53
    • inotify-tools: version 3.20.11.0
    • iproute2: version 5.13.0
    • iptables: version 1.8.7
    • iputils: version 20210722
    • irqbalance: version 1.7.0
    • jansson: version 2.13.1
    • jemalloc: version 5.2.1
    • jq: version 1.6
    • json-c: version 0.15_20200726
    • keyutils: version 1.6.3
    • kmod: version 29
    • krb5: version 1.19.2
    • lbzip2: version 2.5
    • less: version 590
    • libICE: version 1.0.10
    • libSM: version 1.2.3
    • libX11: version 1.7.2
    • libXau: version 1.0.9
    • libXaw: version 1.0.14
    • libXcomposite: version 0.4.5
    • libXcursor: version 1.2.0
    • libXdamage: version 1.1.5
    • libXdmcp: version 1.1.3
    • libXevie: version 1.0.3
    • libXext: version 1.3.4
    • libXfixes: version 6.0.0
    • libXfont: version 1.5.2
    • libXfont2: version 2.0.5
    • libXfontcache: version 1.0.5
    • libXft: version 2.3.4
    • libXi: version 1.7.10
    • libXinerama: version 1.1.4
    • libXmu: version 1.1.3
    • libXpm: version 3.5.13
    • libXrandr: version 1.5.2
    • libXrender: version 0.9.10
    • libXres: version 1.2.1
    • libXt: version 1.2.1
    • libXtst: version 1.2.3
    • libXxf86dga: version 1.1.5
    • libXxf86misc: version 1.0.4
    • libXxf86vm: version 1.1.4
    • libaio: version 0.3.112
    • libarchive: version 3.5.1
    • libcap-ng: version 0.8.2
    • libcgroup: version 0.41
    • libdaemon: version 0.14
    • libdmx: version 1.1.4
    • libdrm: version 2.4.107
    • libedit: version 20210714_3.1
    • libepoxy: version 1.5.8
    • libestr: version 0.1.9
    • libevdev: version 1.11.0
    • libevent: version 2.1.12
    • libfastjson: version 0.99.9
    • libffi: version 3.3
    • libfontenc: version 1.1.4
    • libgcrypt: version 1.9.3
    • libglvnd: version 1.3.3
    • libgpg-error: version 1.42
    • libgudev: version 236
    • libidn: version 1.38
    • libjpeg-turbo: version 2.1.0
    • liblogging: version 1.0.6
    • libmnl: version 1.0.4
    • libnetfilter_conntrack: version 1.0.8
    • libnfnetlink: version 1.0.1
    • libnftnl: version 1.2.0
    • libnl3: version 3.5.0
    • libpcap: version 1.10.1
    • libpciaccess: version 0.16
    • libpng: version 1.6.37
    • libpsl: version 0.21.1
    • libpthread-stubs: version 0.4
    • libseccomp: version 2.5.1
    • libssh: version 0.9.5
    • libssh2: version 1.9.0
    • libtasn1: version 4.17.0
    • libtiff: version 4.3.0
    • libtiff: version 4.3.0
    • libtirpc: version 1.3.2
    • libunistring: version 0.9.10
    • libunwind: version 1.5.0
    • libusb: version 1.0.24
    • libusb-compat: version 0.1.7
    • libuv: version 1.41.0
    • libvirt: version 7.3.0
    • libvirt-php: version 0.5.5
    • libwebp: version 1.2.0
    • libwebsockets: version 4.2.0
    • libx86: version 1.1
    • libxcb: version 1.14
    • libxkbcommon: version 1.3.0
    • libxkbfile: version 1.1.0
    • libxml2: version 2.9.12
    • libxshmfence: version 1.3
    • libxslt: version 1.1.34
    • libzip: version 1.8.0
    • listres: version 1.0.4
    • lm_sensors: version 3.6.0
    • lmdb: version 0.9.29
    • logrotate: version 3.18.1
    • lshw: version B.02.19.2
    • lsof: version 4.94.0
    • lsscsi: version 0.32
    • lvm2: version 2.03.12
    • lz4: version 1.9.3
    • lzip: version 1.22
    • lzo: version 2.10
    • mc: version 4.8.26
    • miniupnpc: version 2.1
    • mkfontscale: version 1.2.1
    • mpfr: version 4.1.0
    • mtdev: version 1.1.6
    • nano: version 5.8
    • ncompress: version 5.0
    • ncurses: version 6.2_20201219
    • net-tools: version 20181103_0eebece
    • nettle: version 3.7.3
    • network-scripts: version 15.0
    • nfs-utils: version 2.5.4
    • nghttp2: version 1.44.0
    • nginx: version 1.19.9
    • nss-mdns: version 0.14.1
    • ntfs-3g: version 2017.3.23
    • ntp: version 4.2.8p15
    • numactl: version 2.0.13
    • oniguruma: version 6.9.7
    • openssh: version 8.6p1
    • openssl: version 1.1.1k
    • openssl-solibs: version 1.1.1k
    • p11-kit: version 0.24.0
    • pam: version 1.5.1
    • pango: version 1.48.7
    • patch: version 2.7.6
    • pciutils: version 3.7.0
    • pcre: version 8.45
    • pcre2: version 10.37
    • php: version 7.4.18
    • pixman: version 0.40.0
    • pkgtools: version 15.0
    • procps-ng: version 3.3.17
    • pv: version 1.6.6
    • qemu: version 6.0.0
    • qrencode: version 4.1.1
    • reiserfsprogs: version 3.6.27
    • rpcbind: version 1.2.5
    • rsync: version 3.2.3
    • rsyslog: version 8.2102.0
    • sakura: version 3.5.0
    • samba: version 4.12.15
    • sdparm: version 1.12
    • sed: version 4.8
    • sessreg: version 1.1.2
    • setxkbmap: version 1.3.2
    • sg3_utils: version 1.46
    • shadow: version 4.8.1
    • shared-mime-info: version 2.1
    • slim: version 1.3.6
    • smartmontools: version 7.2
    • spice: version 0.15.0
    • sqlite: version 3.36.0
    • ssmtp: version 2.64
    • startup-notification: version 0.12
    • sudo: version 1.9.7p2
    • sysfsutils: version 2.1.0
    • sysvinit: version 2.99
    • sysvinit-scripts: version 15.0
    • talloc: version 2.3.2
    • tar: version 1.34
    • tcp_wrappers: version 7.6
    • tdb: version 1.4.5
    • telnet: version 0.17
    • tevent: version 0.11.0
    • traceroute: version 2.1.0
    • transset: version 1.0.2
    • tree: version 1.8.0
    • ttyd: version 20210507
    • usbredir: version 0.8.0
    • usbutils: version 013
    • utempter: version 1.2.0
    • util-linux: version 2.37.1
    • vbetool: version 1.2.2
    • vsftpd: version 3.0.5
    • vte3: version 0.50.2
    • wayland: version 1.19.0
    • wget: version 1.21.1
    • which: version 2.21
    • wireguard-tools: version 1.0.20210424
    • wsdd2: version 1.8.3.2
    • xauth: version 1.1
    • xcb-util: version 0.4.0
    • xclock: version 1.0.9
    • xdpyinfo: version 1.3.2
    • xdriinfo: version 1.0.6
    • xev: version 1.2.4
    • xf86-input-evdev: version 2.10.6
    • xf86-input-keyboard: version 1.9.0
    • xf86-input-mouse: version 1.9.3
    • xf86-input-synaptics: version 1.9.1
    • xf86-video-ast: version 1.1.5
    • xf86-video-mga: version 2.0.0
    • xf86-video-vesa: version 2.5.0
    • xfsprogs: version 5.12.0
    • xhost: version 1.0.8
    • xinit: version 1.4.1
    • xkbcomp: version 1.4.5
    • xkbevd: version 1.1.4
    • xkbutils: version 1.0.4
    • xkeyboard-config: version 2.33
    • xkill: version 1.0.5
    • xload: version 1.1.3
    • xlsatoms: version 1.1.3
    • xlsclients: version 1.1.4
    • xmessage: version 1.0.5
    • xmodmap: version 1.0.10
    • xorg-server: version 1.20.13
    • xprop: version 1.2.5
    • xrandr: version 1.5.1
    • xrdb: version 1.2.0
    • xrefresh: version 1.0.6
    • xset: version 1.2.4
    • xsetroot: version 1.1.2
    • xsm: version 1.0.4
    • xterm: version 368
    • xtrans: version 1.4.0
    • xwd: version 1.0.8
    • xwininfo: version 1.1.5
    • xwud: version 1.0.5
    • xxHash: version 0.8.0
    • xz: version 5.2.5
    • yajl: version 2.1.0
    • zlib: version 1.2.11
    • zstd: version 1.5.0

    Linux kernel:

    • version 5.13.8 (CVE-2021-33909 CVE-2021-33910)
    • CONFIG_USB4: Unified support for USB4 and Thunderbolt
    • CONFIG_USB4_NET: Networking over USB4 and Thunderbolt cables
    • CONFIG_DRM_I915_GVT: Enable Intel GVT-g graphics virtualization host support
    • CONFIG_DRM_I915_GVT_KVMGT: Enable KVM/VFIO support for Intel GVT-g
    • CONFIG_VFIO_MDEV: Mediated device driver framework
    • CONFIG_VFIO_MDEV_DEVICE: VFIO driver for Mediated devices
    • CONFIG_FTRACE: Tracers
    • CONFIG_FUNCTION_TRACER: Kernel Function Tracer
    • CONFIG_KPROBES: Kprobes
    • CONFIG_DEBUG_KERNEL: Kernel debugging
    • CONFIG_KALLSYMS_ALL: Include all symbols in kallsyms
    • CONFIG_X86_X32: removed
    • md_unraid: version 2.9.18

    Management:

    • emhttp new defaults:
      - root password required
      - newly created shares not exported by default
      - predefined 'flash' share not exported by default
      - ftp, ssh, telnet: disabled by default
      - NetBIOS disabled by default
      - WSD enabled (and using newer 'wsdd2' package)
      - Enhanced macOS interoperability enabled
    • mover: fix bug not moving shares with embedded spaces
    • shfs: fix bug where permissions being ingored ('default_permissions' was missing in mount command)
    • webgui: support simultanious LAN SSL with self-signed cert and DNS-based SSL with Lets Encrypt cert
    • webgui: Suppress non-relevant IPv6 routes in routing table
    • webgui: Fixed smart temperature settings sometimes not possible
    • webgui: Add internal container reference
    • webgui: Diagnostics: Remove lines from go containing passwords etc
    • webgui: Better translation of docker container variables
    • webgui: Fix monitor false positives
    • webgui: Allow ruleset for local rules in rsyslog.conf
    • webgui: Include links in email and Discord agent notifications
    • webgui: Allow all notification agents to send links
    • webgui: Validate WebGUI ports before applying
    • webgui: Add vmxnet3 and e1000 into available NICs for VMs
    • webgui: Error checking etc on ports for syslog server
    • webgui: Check for flash offline / quick check on if it is corrupted
    • webgui: Only allow png files to be uploaded as user image
    • webgui: Diagnostics: Revamp anonymization
    • webgui: Add WireGuard GUI
    • webgui: Update DashStats.page
    • webgui: Bug fix in DashStats
    • webgui: Fix corruption check after a New Config is issued
    • webgui: Update alert text
    • webgui: Translation support (Unraid.net)
    • webgui: WireGuard: preset peer DNS server with "Remote tunneled access"
    • webgui: Plugins page loading improvements
    • webgui: Docker page loading improvements
    • webgui: Make WireGuard trademark visible on "full" page
    • webgui: Replace polling scripts with event driven Nchan interface
    • webgui: Improved format of stale and error plugin pages
    • webgui: Docker: Add crypto as a category
    • webgui: Dashboard: add CPU and NETWORK chart
    • webgui: Docker: compress too long author names
    • webgui: Convert notify polling to Nchan
    • webgui: Docker: process bash ANSI colors in web log display
    • webgui: dockerMan: remove HTML from descriptions
    • webgui: SSH authorized keys UI
    • webgui: Device_list replace .png icon with font icon
    • webgui: Compress too long share names in dropdown menus
    • webgui: Show management access and shares access groups for users
    • webgui: Added "User 'root'" reference on Management Access page
    • webgui: Show warning when javascript is disabled
    • webgui: Force creation of root password
    • webgui: Edit/Add Container: Fix browser console error
    • webgui: WireGuard: warn when directly connected with public IP
    • webgui: Fix network bonding display
    • webgui: Add tracking after system shutdown
    • webgui: Added notify when plugin fails to install
    • webgui: Add Apps link to install CA
    • webgui: Diagnostics: Add share summary
    • webgui: Suppress IPv6 anycast addresses in routing table
    • webgui: Diagnostics: Add share summary
    • webgui: Diagnostics: Include current plugin versions
    • webgui: Diagnostics: add DHCP log
    • webgui: Diagnostics fix plugin deprecated max version error
    • webgui: Docker: Support CA tag
    • webgui: Delete DockerRepositories.page
    • webgui: dockerMan Security: Remove HTML tags from Config elements
    • webgui: When viewing source, identify which .page file is responsible
    • webgui: System devices additions
    • webgui: Create syslog entry when user logs out
    • webgui: privatize host in diagnostics
    • webgui: Create favicon.ico
    • webgui: Update Credits.page
    • Like 22



    User Feedback

    Recommended Comments



    Does anything regarding key renewal logic change with My Servers and UPC?

    For example: my flash drives always somehow manage to fail before 1 year is up. The current system allows for automatic key renewal every 1 year, in case of failure. That usually means I have to email support for manual renewal, because just my luck, which means downtime.

     

    Does the new system change such cases or does that 1 year thing remain?

    Edited by Ver7o
    Link to comment
    12 minutes ago, hawihoney said:

    My 6 license keys are stored in /config on all sticks and I hope it will work that way in 6.10 and beyond.

    This is a thing that wont change I think, but this is a questin for the deveolpers themselves.

     

     

    12 minutes ago, hawihoney said:

    it's their personal descision then

    And the installation from the My Servers plugin too, also if the user provisions a certificate.

     

    For example I have the My Servers plugin installed but have not provisioned a certificate to keep the local IP nor do I enabled the Flash backup, but I can see that my servers are online.

    This is all optional.

     

    You don't have to log in.

    Link to comment
    11 minutes ago, hawihoney said:

    It's a descision that users make. If they want Facebook but not Google (or whatever) - it's their personal descision then. IMHO it's no valid argument to say "If you 'trust' Facebook you must 'trust' Google as well" .

    true ;) i just think its funny what waves come up here for a one time registration

     

    about the connection issues locally, i guess its due most have ssl enabled and try to use this url instead the LAN ip (if all are wanting local access only anyway ...), just makes me wonder why alot have so many concerns or questions while its standing in the release notes what is when ...

    Edited by alturismo
    Link to comment
    23 minutes ago, ich777 said:

    is then bound to your Forum account

    Is it possible to unlink and relink with a different forum account? 

    • Thanks 1
    Link to comment
    19 minutes ago, mgutt said:

    Is it possible to unlink and relink with a different forum account? 

    This question that should be answered by a member from the team, but I don't see why this shouldn't be possible.

     

    May I ask why you want to do this, only asking because if you've bought a key with the old method it is bound to your mail address...

    Link to comment
    9 minutes ago, ich777 said:

    And the installation from the My Servers plugin too

     

    Don't forget UPC. AFAIK, this is mandatory for users (trial and upgrade). I do have mixed feelings about that.

     

    With the current procedure (pre 6.10) the key is sent to my E-Mail address. What's known to Limetech is my E-Mail address, the GUID of the stick, payment details, address details (name, ...). Only optional Limetech knows my forum account. Currently not all users do have a forum account. A happy user with no problems won't create one.

     

    Starting with 6.10 new users or upgrading users need to have a forum account (is this correct?) And the way more interesting part: What is know additionally from my servers thru UPC if My Servers Plugin is not installed?

     

    As said previously here. It's a matter of communication. Cloud services have a bad reputation and are tolerated only with personal benefits. So, what are the cool benefits ;-) Currently I can not sign out offline servers. Currently I can not manually upload spare key files (not in use currently). Currently I can't rename the server tiles. You get the idea.

     

    Link to comment

    Tried updating from 6.83 to 6.10.0-RC1 and just simply got a failed to boot message. Was interested in testing out ipvlan to see if it solves my issues with macvlan driver in the 6.9.x releases.

     

    Is there anything I can grab off the flash drive to help diagnose the failure to boot after update? 

    Link to comment
    21 minutes ago, hawihoney said:

    Don't forget UPC. AFAIK, this is mandatory for users (trial and upgrade). I do have mixed feelings about that.

    That's the point and also the benefit, UPC is strictly speaking not a cloud service because it's not My Servers, UPC is a new and more easy way to manage/register/buy your keys.

    As written above I had to replace a key a few days ago and this was a process of around 20 to 30 seconds with reading on how to do that... ;)

     

    21 minutes ago, hawihoney said:

    Only optional Limetech knows my forum account. Currently not all users do have a forum account. A happy user with no problems won't create one.

    This is a yes and no for me, what if the user have a problem some day... For me it would be more convenient if I can go directly to the Forums with my account. Other users won't see what keys you own or anything about them or your registered server...

     

    21 minutes ago, hawihoney said:

    What is know additionally from my servers thru UPC if My Servers Plugin is not installed?

    Look at the my servers page, the server name and the key itself.

     

    21 minutes ago, hawihoney said:

    Currently

    You've said it here, My Servers is in Beta right now.

     

    21 minutes ago, hawihoney said:

    Starting with 6.10 new users or upgrading users need to have a forum account (is this correct?)

    Yes, this is what is mentioned in the OP.

    Link to comment
    7 minutes ago, sirkuz said:

    Is there anything I can grab off the flash drive to help diagnose the failure to boot after update? 

    Can you take a picture what does exactly happen?

    Does it pop up right after the POST message?

    Maybe try to run "make_bootable.bat" if you are on Windows as Administrator on your local PC with the USB Boot device attached to it.

    Link to comment
    55 minutes ago, sirkuz said:

    Tried updating from 6.83 to 6.10.0-RC1 and just simply got a failed to boot message. Was interested in testing out ipvlan to see if it solves my issues with macvlan driver in the 6.9.x releases.

     

    Is there anything I can grab off the flash drive to help diagnose the failure to boot after update? 

    I have found that sometimes downloading the zip file for the release and extracting all the bz* type files overwriting the ones on the flash can help.    It as though during the online upgrade the writing of the new files does not quite succeed error free and this approach fixes this.

    Link to comment

    I get what LT is trying to do here. I also understand UPC and My Servers are separate things.

     

    - UPC is a system for licence key purchases, upgrades and renewals, meaning u only have to use it when you need something regarding the licence. Thats great, I support the idea. This seems like the only "mandatory" thing to use, as eventually we all meet the thumb drive reaper and need a new licence provisioned. It also enables the second thing which is:

     

    - My Servers plugin is, by my understanding, completely optional and can never see the light of day on ur server, if you do not want it to. That means no "constant connection to the cloud and no telemetry. If you do not have a use case for its features, you dont use it = no connection = win.


    Everything is all fine and good, but I left out the critical part: to use any of these 2 things linking with forum account is neccessary. This is the part I can't fathom. Why link such a critical system with something like a forum page which has very little actual significance in our minds with regards to how we approach it. Why was this chosen over, idk, a "dedicated intranet" for this purpose. We would not need to retrain our minds that this community page suddenly has the literal keys to your kingdom (server) :D

     

    I would be curious to hear the reasoning for this decision.

     

    Thats just my 2 cents about my thought process here.

     

     

    Link to comment
    1 hour ago, ich777 said:

    Look at the my servers page

     

    Oh, please. This is a naive argument. Not all that's stored becomes shown. Google has trillions of data about you, look at their dashboard. E.g. not one single line about relationships to other Google users.

     

    I suggest to stop here and wait for some clarification from the developers.

     

    Link to comment
    9 minutes ago, hawihoney said:

    Oh, please. This is a naive argument. Not all that's stored becomes shown. Google has trillions of data about you, look at their dashboard. E.g. not one single line about relationships to other Google users.

    Then simply don't use it if you already have keys, you have to have a little trust in what the developers say and also keep in mind that Limetech is not Google, Apple,...

    😅

     

    But most of the things that you've asked and what they've store is answered in the OP and also in the FAQ, I think the are pretty transparent about that. ;)

     

    But I agree stop herepan widget

    Link to comment
    3 hours ago, alturismo said:

    @Mik3 its in the release notes ... and btw im also from europe ;) this is really a fun when i think about it that pretty sure almost all here using a smartphone, facebook, ... ;) 

     

     

    Hi, Thanks for the reply. Despite I read the release notes etc, as it was pointed by someone else not everything is clear.

     

    Regarding your statement, about facebook etc, doesn't really makes any sense. First your assumption might be wrong. The fact that million people uses facebook doesn't mean I do. Also the fact someone trust facebook doesn't mean he/she has to trust microsoft, apple and so on. With these I mean NO disrespect to limetech, actually I trust them so far as they proved to be reliable both with their OS, and the fact that they hear the community concern and most of the time they address this very quickly.

    Anyway I didn't want to complain at all I was just seeking some answers. I am a very happy unraid user and as I said I was already considering to buy a second licence, this I think tells more than a million word.

     

    @ich777 I read your post and answers to other people questions/discussion which partly cleared my doubts. Thanks for your time.

    • Like 2
    Link to comment

    Can I please ask limetech for some FAQ or written details around the existing users / licenses behaviors / expectations / changes  in light of this upgrade?  Is really not clear to me who does what, just assumptions at this point. 

     

    I for one, will opt out from associating any of my licenses with this forum credentials and that's a show stopper for me.  I value my privacy and my control more than any social or cloud services and I will not sign my life away down the road to some vague license agreement.  Not pointing at limetech but tech history proved over and over again that we're going down a very slippery slope when extend our own devices over some fashion of cloud services.  I simply don't trust that model, full, stop, period. 

     

    This is not what I signed up for and I would like to keep it that way. I can appreciate some of the business benefits explained and I respect that, but also one have to respect our privacy. 

     

    • Like 3
    • Thanks 1
    Link to comment
    1 hour ago, ich777 said:

    Can you take a picture what does exactly happen?

    Does it pop up right after the POST message?

    Maybe try to run "make_bootable.bat" if you are on Windows as Administrator on your local PC with the USB Boot device attached to it.

     

    I get this after trying "make_bootable.bat" as admin on windows machine. 

    cmd_jA7vHgmNCY.png.c48835007bd5d01046baf84f98b19a32.png

    Then trying to boot unraid 6.10.0-rc1

    java_UDzTmYQmkq.png.09dae094aa69aefd78e00432e1c80c0a.png

    Link to comment
    13 minutes ago, sirkuz said:

    I get this after trying "make_bootable.bat" as admin on windows machine. 

    Seems like your Boot device isn't named "UNRAID".

    Try to rename it to UNRAID and run make bootable again.

    Link to comment
    32 minutes ago, sirkuz said:

    I get this after trying "make_bootable.bat" as admin on windows machine. 

     

    Please use the USB Creator tool.

    Link to comment
    4 minutes ago, limetech said:

     

    Please use the USB Creator tool.

    Hello and thanks!

     

    USB Creator tool doesn't yet list 6.10.0-rc1 under the "Next" selection area. Are you recommending I use it to reinstall 6.8.3 on to the flash drive, copy over my backup again to the drive and then attempt the upgrade via gui to 6.10.0-rc1 again?

    Link to comment
    35 minutes ago, johnwhicker said:

    Can I please ask limetech for some FAQ or written details around the existing users / licenses behaviors / expectations / changes  in light of this upgrade?  Is really not clear to me who does what, just assumptions at this point. 

     

    I for one, will opt out from associating any of my licenses with this forum credentials and that's a show stopper for me.  I value my privacy and my control more than any social or cloud services and I will not sign my life away down the road to some vague license agreement.  Not pointing at limetech but tech history proved over and over again that we're going down a very slippery slope when extend our own devices over some fashion of cloud services.  I simply don't trust that model, full, stop, period. 

     

    This is not what I signed up for and I would like to keep it that way. I can appreciate some of the business benefits explained and I respect that, but also one have to respect our privacy. 

     

     

    Yes a detailed doc is forthcoming.  It's going to say: if you have not installed the 'My Servers' plugin then no interaction with outside servers takes place with one exception:

    • If you download a Let's Encrypt SSL cert then a background daemon is activated which updates the DNS A-record on our DNS server, and also wakes up every 24 hours to see if time to auto-renew the cert.  If you don't want this to happen, then don't download a LE cert.

     

    Note you can always create a new Forum account during the Sign-in/Sign-up process dedicated to this purpose.

    • Like 3
    Link to comment
    3 minutes ago, sirkuz said:

    Hello and thanks!

     

    USB Creator tool doesn't yet list 6.10.0-rc1 under the "Next" selection area. Are you recommending I use it to reinstall 6.8.3 on to the flash drive, copy over my backup again to the drive and then attempt the upgrade via gui to 6.10.0-rc1 again?

     

    No that's a bug in our release process.  Standby, we'll fix it ...

    • Thanks 1
    Link to comment
    11 minutes ago, sirkuz said:

    Hello and thanks!

     

    USB Creator tool doesn't yet list 6.10.0-rc1 under the "Next" selection area. Are you recommending I use it to reinstall 6.8.3 on to the flash drive, copy over my backup again to the drive and then attempt the upgrade via gui to 6.10.0-rc1 again?

     

    No that's a bug in our release process.  Fixed now, please try again.

    Link to comment
    8 minutes ago, limetech said:

     

    Yes a detailed doc is forthcoming.  It's going to say: if you have not installed the 'My Servers' plugin then no interaction with outside servers takes place with one exception:

    • If you download a Let's Encrypt SSL cert then a background daemon is activated which updates the DNS A-record on our DNS server, and also wakes up every 24 hours to see if time to auto-renew the cert.  If you don't want this to happen, then don't download a LE cert.

     

    Note you can always create a new Forum account during the Sign-in/Sign-up process dedicated to this purpose.

     

    Thank you Sir and looking forward more details. Cheers

    Link to comment
    On 8/7/2021 at 3:13 PM, eoghan said:

    I no longer have access to the webui every time I try to access it the URL rewrites itself e.g.

     

    If my servers IP in 192.168.1.4 it rewrites to the domain name I set within the webui with I expect however since updating it not appends the servers friendly name to the start of the domain name. My server is called on my network media-server. So unraid is now rewriting the URL from unraid.example.com to media-server.unraid.example.com.

     

     

    Quote

     

    I would love to know why with this update that the URL that I have set in 6.9 suddenly changes in this update to something completely different to what's set.


     

     

    Quote

    I have Unraids local tld set as unraid.eoghan-net.com and i have also set that on haproxy via pfsense so that i can access the webui without using the IP for remote management via VPN once i updated to 6.10 the domain somehow changed to media-server.unraid.eoghan-net.com

     

    Thanks for the diagnostics, it clears up a lot.

     

    It seems there was some confusion over how to setup SSL in earlier versions. Your current setup is not correct for what you are trying to do. I honestly don't know how it even worked for you in 6.9 :) 

     

    If the server is forced to generate a redirect to itself in 6.10, the url will be:
      http[s]://[Server Name].[Local TLD]

     

    The Server Name is set on the Settings -> Identification page. It defaults to "tower".

     

    The Local TLD is set on the Settings -> Management Access page. It defaults to "local".

     

    "Use SSL/TLS" can be found on Settings -> Management Access page too. In 6.9 it defaults to "Auto" (which means "no" unless you have defined a certificate, then it means "yes"). In 6.10 it defaults to "no".

     

    So the default url to a new server is:
      http://tower.local

    This will work on most networks out of the box, with no special configuration needed to make ".local" work as the Local TLD.

     

    Your settings are:
      Server Name: Media-Server
      Local TLD: unraid.eoghan-net.com
      Use SSL/TLS: yes
    Therefore your url is:
      https://media-server.unraid.eoghan-net.com

     

    If you want the url to be:
      https://unraid.eoghan-net.com
    Then you should setup your system this way:
      Server Name: unraid
      Local TLD: eoghan-net.com
      Use SSL/TLS: yes

     

    Note: For a custom domain name to work, you need to setup your own DNS entry that points unraid.eoghan-net.com at your server's IP address. Unraid cannot manage that DNS entry for you.

     

    With "Use SSL/TLS" set to yes, the system will generate a self-signed cert for unraid.eoghan-net.com, which you can replace with your own cert if you have one.

    Link to comment
    6 hours ago, Mik3 said:

    2) After upgrading I had trouble logging in as the webGUI would not present and I would get only a DNS ERR_NAME_NOT_RESOLVED. I fixed this but changing my computer DNS and then I was able to log in but this is not the correct behaviour in my opinion. I have SSL in Auto mode so what I expect is that if no internet is present at home or DNS server is down I should be able to connect to the webgui using a simple HTTPS://UNRAID_IP. This would give me a cert error but still able to connect and log in. I was able to do this in the 6.9.2 version.

     

    A full and proper SSL cert has to have a fully qualified domain name such as yourpersonalhash.unraid.net, and that of course requires DNS to resolve to an IP address. It becomes somewhat inconvenient if your Internet goes down and you lose DNS.

     

    In 6.9 we allowed the server to respond to https://ipaddress. But security is a huge focus of 6.10 and one of the changes we made is to ensure that the server only responds to urls that are in the certificate.

     

    In 6.10 there are two ways to get around this:

     

    1) On Settings -> Management Access set "Use SSL/TLS" to "yes" instead of "auto".  When you set it to "yes", then Unraid also creates a self-signed certificate valid for https://[computername].[localTLD] . If you access http://ipaddress it will redirect you to https://[computername].[localTLD] which should work even without DNS resolution.

     

    2) "Auto" is the most secure option, as the ONLY way to access the server is through https://yourpersonalhash.unraid.net.  If your Internet goes down then you can use telnet, ssh, or a local keyboard/mouse to connect to the server and run "use_ssl no" or "use_ssl yes". That will change the "Use SSL/TLS" setting so you can now access the server without DNS. Once your Internet comes back, you can go to Settings -> Management Access and change it back to auto.

    Link to comment



    Guest
    This is now closed for further comments

  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.


    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.