Leaderboard

tldr: If you are running Unraid OS 6 version 6.8.1 or later, the following does not apply (mitigations are in place). If you are running any earlier Unraid OS 6 release, i.e., 6.8.0 and earlier, please read on. On Jan 5, 2020 we were informed by a representative from sysdream.com of security vulnerabilities they discovered in Unraid OS. Their report is attached to this post. At the time, version 6.8.0 was the stable release. The most serious issue concerns version 6.8.0. Here they discovered a way to bypass our forms-based authentication and look at the contents of various webGUI pages (that is, without having to log in first). Then using another exploit, they were further able to demonstrate the ability to inject "arbitrary code execution". Someone clever enough could use this latter exploit to execute arbitrary code on a server. (That person would have to have access to the same LAN as the server, or know the IP address:port of the server if accessible via the Internet.) Even in versions prior to 6.8.0, the "arbitrary code execution" vulnerability exists if an attacker can get you to visit a webpage using a browser that is already logged into an Unraid server (and they know or can guess the host name of the server). In this case, clicking the link could cause injection of code to the server. This is similar to the CSRF vulnerability we fixed a few years ago. In summary, sysdream.com recognizes 3 vulnerabilities: That it's possible to bypass username/password authentication and access pages directly in v6.8.0. That once authentication is bypassed, it's possible to inject and have server execute arbitrary code. That even if bug #1 is fixed, #2 is still possible if attacker can get you to click a link using browser already authenticated to your Unraid server (6.8.0 and all earlier versions of Unraid 6). Mitigations are as follows: First, if you are running version 6.8.0, either upgrade to latest stable release, or downgrade to an earlier release and install the sysdream mitigation plugin. We are not going to provide a mitigation plugin for 6.8.0. If you are running any 6.6 or 6.7 Unraid release, the best course of action is to upgrade to the latest stable release; otherwise, please install this mitigation plugin: https://raw.githubusercontent.com/limetech/sysdream/master/sysdream.plg This plugin will make a small patch to the webGUI template.php file in order to prevent arbitrary code execution. This plugin will work with all 6.6.x and 6.7.x releases and should also be available via Community Apps within a couple hours. We are not going to provide a mitigation for Unraid releases 6.5.x and earlier. If you are running an earlier release and cannot upgrade for some reason, please send us an email: [email protected]. I want to thank sysdream.com for bringing this to our attention, @eschultz for initial testing and fixes, and @bonienl for creation of the sysdream mitigation plugin. I also want to remind everyone: please set a strong root password, and carefully consider the implications and security measures necessary if your server is accessible via the Internet. Finally, try and keep your server up-to-date. VULNERABILITY_DISCLOSURE.pdf

It's a good blog/article. Thanks. As for ideas: disable SSH OOTB. Reason: Root has no password yet. Some people have their 22 port already open for other devices they manage on their network. A warning popup before letting the user turn on SSH, unless the user has: 1. ideally set up SSH keys; or 2. At a minimum, set a strong password; or 3. They're network is internal only (i.e. 22 isn't forwarded) ...or is this thread for users rather than for Lime? If it's for users only - install the SSH plugin by @docgyver and disable root SSH login, disable passwords, pick/make a non-root user for SSH functions and only use keys. Some people also recommend not using the default port 22. It's much more secure to SSH as a limited user, with keys, and su to root if you need root. I really hope that Lime integrate these SSH features into the OS from the outset because it's essential OS security that is currently being provided by a volunteer. Bless him/her

@limetech Not to be that guy but are we expecting a 6.9 RC soonish? I cannot use 6.8 due to BTRFS issues on 4.19 kernel. I am currently on 6.8RC7 due to kernel 5.3. Thanks again.

Also, either tonight or tomorrow an update to Fix Common Problems will be issued which will flag an error on affected systems if you do not have this plugin installed. See here

Application Name: Nextcloud Application Site: https://nextcloud.com/ Docker Hub: https://hub.docker.com/r/linuxserver/nextcloud/ Github: https://github.com/linuxserver/docker-nextcloud Note: Requires MariaDB or MySQL, please note the issues with binlogging detailed here. This is a Nextcloud issue which we have no control over. https://info.linuxserver.io/issues/2023-06-25-nextcloud/ For setup guide please see the article on our website here. Image is now upgrading Nextcloud internally For upgrading the Nextcloud version there are 3 options. 1. Update via the webui when the upgrade shows as available. 2. Update from the terminal when the upgrade shows as available with: docker exec -it nextcloud updater.phar 3. Manual upgrade using occ. ##Turn on maintenance mode docker exec -it nextcloud occ maintenance:mode --on ##Backup current nextcloud install docker exec -it nextcloud mv /config/www/nextcloud /config/www/nextcloud-backup ##Grab newest nextcloud release and unpack it docker exec -it nextcloud wget https://download.nextcloud.com/server/releases/latest.tar.bz2 -P /config docker exec -it nextcloud tar -xvf /config/latest.tar.bz2 -C /config/www ##Copy across old config.php from backup docker exec -it nextcloud cp /config/www/nextcloud-backup/config/config.php /config/www/nextcloud/config/config.php ##Now Restart docker container docker restart nextcloud ##Perform upgrade docker exec -it nextcloud occ upgrade ##Turn off maintenance mode docker exec -it nextcloud occ maintenance:mode --off ## Now Restart docker container docker restart nextcloud Once all is confirmed as working: ##Remove backup folder docker exec -it nextcloud rm -rf /config/www/nextcloud-backup ##Remove Nextcloud tar file docker exec -it nextcloud rm /config/latest.tar.bz2 Please post any questions/issues relating to this docker you have in this thread. If you are not using Unraid (and you should be!) then please do not post here, instead head to linuxserver.io to see how to get support.

Support for Nginx Proxy Manager docker container Application Name: Nginx Proxy Manager Application Site: https://nginxproxymanager.jc21.com Docker Hub: https://hub.docker.com/r/jlesage/nginx-proxy-manager/ Github: https://github.com/jlesage/docker-nginx-proxy-manager Make sure to look at the complete documentation, available on Github ! Post any questions or issues relating to this docker in this thread.

"WordPress is an open source software you can use to create a website, blog, or app." Used it on unraid for years for development, but also works fine in production, The only "flaw" that I have found is that the WP instances only see the internal IP address, not the external ones eg. WP can not see the ip address of the remote computer. I know it is a solution but have not found a good one yet (IF anyone do, please let me know) Please use this support for unraid/docker issues/questions only, WordPress itself have a huge community to answer all WordPress related questions.

I asked ASRock sales three times if the E3C246D4U motherboard (or any other C246 MB with IPMI) would support both graphics output from the AST2500 for IPMI AND the iGPU for transcoding. They never answered me. I finally made the same inquiry through the support contact form and got an almost immediate response from WIlliam Lee in ASRock US support. He has always answered my questions. He even sent me a BIOS for the E3C246D4U that supports exactly what I needed (AST2500/IPMI graphics and iGPU for transcoding). Try the support channels instead of Sales.

Pre-clearing it can be a good idea as that speeds up adding it to a new drive slot. However I would avoid plugging it in at all if not needed unless there Is a reason such as not being able to easily access the server.

I would also suggest you do not add an additional drive to the array if you do not need it yet. It just adds a potential additional point of failure. You might want to just leave it on the shelf until needed.

You can remove the original drive and use its connection for the new drive.. That original drive is not being used now (disabled and emulated) and it is not used during rebuild.

it is worth pointing out that you can continue to use the array while parity is being rebuilt (although performance may well be degraded). The problem with removing a drive is that you cannot remove a drive without affecting parity unless it is all zeroes. The moment you format a drive to create an empty file system on it this is no longer the case, What you want could theoretically be done using the Alternative method on This link. however it does not seem to offer any advantage over the method previously discussed. it is really up to you which route you follow for a replacement. If Amazon will replace it then you will get a new drive. However depending on how long you have had it they may well tell you to take the RMA route anyway. If you get a replacement drive then you could simply rebuild onto the replacement without using Unbalance to clear the emulated drive as the rebuild process simply ends up putting whatever is showing on the emulated drive onto the replacement.

I can't find where it was discussed with a quick search, but the upshot is that XFS is reserving more space than was previously used for advanced file system features and recovery.

The easiest thing would be to replace the failed drive with a new one and rebuild it. However if you are not going to have a drive available to that then your best bet is as you say to transfer the contents of the emulated to the empty drive in the array. When that completes you can use the Tools->New Config option to reset the array to not include the failed drive, and rebuild parity to match the new configuration. Until that all completes you will be running without protection against another drive failing.

Hello, i followed this guide: Now i have a huge problem: I cant connect to my cloud via the subdomain.domain. i get the following error: ERR_TOO_MANY_REDIRECT If i try to connect through the dubdomain over duckdns.org i get the following error: Welcome to our server The website is currently being setup under this address. For help and support, please contact: [email protected] I made replicatet every step of the video but i cant get it to work. Last week i tried it with a trial version of unraid on a testbench and it worked somehow. Now i used my nas system, uninstalled freenas, installed unraid. setup my shares etc etc. Followed this guide and i cant get my cloud up and running.... what am i missing? appdata\nextcloud\www\nextcloud\config <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'ocm7momg2n03', 'passwordsalt' => 'XC/+qO5UmkF3GoZ7VZKnrugEcoRSPI', 'secret' => 'oTB/On0QGj8avfZ3+u9eB/gc9pc3d7LxV3ObYAGZCJOwFvnG', 'trusted_domains' => array ( 0 => '192.168.178.55:444', 1 => 'nextcloud.domain.de', ), 'dbtype' => 'mysql', 'version' => '18.0.0.10', 'overwrite.cli.url' => 'https://nextcloud.domain.de', 'overwritehost' => 'nextcloud.domain.de', 'overwriteprotocol' => 'https', 'dbname' => 'nextcloud', 'dbhost' => '192.168.178.55:3306', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => 'password', 'installed' => true, ); appdata\letsencrypt\nginx\proxy-confs # make sure that your dns has a cname set for nextcloud # assuming this container is called "letsencrypt", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['letsencrypt'], # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', # 'overwritehost' => 'nextcloud.your-domain.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. # 1 => 'nextcloud.your-domain.com', # ), server { listen 443 ssl; listen [::]:443 ssl; server_name nextcloud.domain.de; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nextcloud nextcloud; proxy_max_temp_file_size 2048m; proxy_pass https://$upstream_nextcloud:443; } } dns is over cloudflare: duckdns has my wan ip. i think the error is somewhere in my config inside unraid. but dont know what is wrong..... Hope i didnt forgot anything so far. The guide works. even after putting letsencrypt and nextcloud in its own network. edit1: OK nevermind. I redid the appdata\nextcloud\www\nextcloud\config. just copied the entries from the appdata\letsencrypt\nginx\proxy-confs and changed them. now it worked. Maybe because the line with netsencript was missing... now its working! edit2: on my computer it is working, but on my mobile phone i cant connect it. redirect error...... edit3: i tried it on a different computer in a different network. Redirect error. Now i get the error on my computer too and on this computer it worked for some time. wtf is wrong with this software?

So i got the Docker Container running. Just map the folder like above (without the files) and map the Port 1935. Than start the docker container, you may got an Error in Logs. Then move to your appdata folder e.g. /mnt/appdata/rtmpserver/nginx and make a text file. Rename it to nginx.conf . Open the "new" file with notepad and paste the following: user nginx; worker_processes auto; rtmp_auto_push on; events {} rtmp { server { listen [::]:1935 ipv6only=off; application live { live on; } } } Save and start the Container. Now it should run. You can test this with VLC Player just use rtmp://urserverip:1935/live/test For your Streaming Project: 1.Use OBS and the Plugin NDI for OBS. 2.Install OBS + NDI on each gaming machine. 3.Set up OBS on each Gaming Machine --> Tools --> NDI Output settings (give every Gaming VM a different NDI name) 4.Setup a new VM or use another PC an install OBS + NDI. --> Move to OBS and add an NDI Source (for every Gaming VM) --> Setup Streaming Settings pointing to your created RMTP Server (eg rmtp://192.168.178.100:1935/live/test) 5. now you can arrange your Gaming VM in some Sort of Split Screen 6. Hit Start Streaming and Have Fun If you want to push your RMTP stream to twitch or something like that you have to change your nginx.conf ( push rtmp://<other streaming service rtmp url>/<stream key>) Sources: https://obsproject.com/forum/resources/how-to-set-up-your-own-private-rtmp-server-using-nginx.50/ https://github.com/DvdGiessen/nginx-rtmp-docker Sorry for the long Post. I'm new in this Forum Stuff. Hoped i could helped.

I second this. I'm sure there are a LOT of us still on 6.8-RCx for one reason or another. I thought releasing 6.9RC series at the same time as 6.8 stable was a great plan, but it's almost 2 months later.

Pls note WD / Easystore enclosure often can't direct access the disk by system again if disk not format/partitioning under it. Pls don't. Sorry, I leave now, may follow later.

That error message suggest Unraid cannot find thebUSB stick during the later stages of the boot process. NTFS will not work! How did you create the drive? If you manually formatted it what size is the drive (Windows/MacOS do not format drives larger than 32Gb to FAT32). The drive must be labelled as UNRAID (all capitals). What make/model of USB drive are you using? if possible use a USB2 port as some motherboards seem to have trouble handling USB 3 correctly during the booting sequence.

I no longer have transcoding to RAM configured for this reason. It was fine for a long time with HDHomeRun recorded shows, but, Plex changed something recently with how transcoding works that requires a lot more RAM/disk space when recording TV shows. I would see the same thing if two overlapping shows were scheduled to record. The first one would record without issue and the second one would fail. I have 32GB RAM in my server. I think it has something to do with being able to playback, FF/Rew a show while it is still recording and the setting mentioned below. I switched transcoding to a 1TB SSD (which also has other uses) and no longer have the problem. You might also try setting "Convert Video While Recording" to Off as this will use more RAM. Do that first and see if it makes a difference. If not, you may need either more RAM or a different transcoding location.

@Fiservedpi As of right now it doesn't connect to Radarr. You can have 2 types of movie based notifications though, triggered by the self-generated Tautulli recently added webhook. There is an All Movies react role and a New Movies react role (set if the movie was released within the last 9 months). These can be enabled with `!notifications edit`. I have a few cool ideas brewing that may need a Radarr connection, so that may be a thing in the future.

Sorry it has been a while since I made this post but life has been getting in the way of playing with this new setup. I was recently asked a question about the Asrock board and I tried to answer as best I could and thought I would pate that answer here in case anyone else was curious. As stated in this reply if anyone has questions I will do my best to answer but I am no expert, just someone who like to play. So far (only really been running it for a week now) everything is looking very nice. I currently have multiple dockers (Unmaniac, unifi controller, tatulli, ombi, sickchill, radarr, nextcloud, and a few others, Plex will be migrated to it in the soonish future) as well as a VM with a 980 passed through to it, and one more lightweight VM running True Command for freenas and it has not faltered...yet, again it has only been a week. I did have problems getting the Gaming VM to start with the 980 and its audio passed through. I currently have an old amd card in slot one and the 980 in slot 3 (both full x16) which I did not want. I wanted only the 980 in slot one and no other vid card to save on the PCIe slots. In the end I had to add a line to a config file for the 980 to pass through. In the future I will probably try and make it work with just the one card again. As for the board I was a little concerned with the power phases as a lot of other boards have 16 and if I recall this one has 8, but so far no issue at all, and I don't plan to do any big overclocks as I want stability so should not be an issue. After I bought the board Wendell at Levelone techs did a review on it and set aside a lot of my worries. I will put the video at the bottom. I am by no means an expert in any of this, just some one who likes to play around so if there are more questions I will do my best to answer, but I may not always be right as a heads up. As for IOMMU groupings here is what I see under system devices IOMMU group 0:[1022:1482] 00:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 1:[1022:1483] 00:01.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 2:[1022:1482] 00:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 3:[1022:1482] 00:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 4:[1022:1482] 00:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 5:[1022:1482] 00:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 6:[1022:1482] 00:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 7:[1022:1484] 00:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 8:[1022:1482] 00:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 9:[1022:1484] 00:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 10:[1022:790b] 00:14.0 SMBus: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller (rev 61) [1022:790e] 00:14.3 ISA bridge: Advanced Micro Devices, Inc. [AMD] FCH LPC Bridge (rev 51) IOMMU group 11:[1022:1490] 00:18.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 0 [1022:1491] 00:18.1 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 1 [1022:1492] 00:18.2 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 2 [1022:1493] 00:18.3 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 3 [1022:1494] 00:18.4 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 4 [1022:1495] 00:18.5 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 5 [1022:1496] 00:18.6 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 6 [1022:1497] 00:18.7 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship Device 24; Function 7 IOMMU group 12:[1002:68f9] 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Cedar [Radeon HD 5000/6000/7350/8350 Series] [1002:aa68] 01:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Cedar HDMI Audio [Radeon HD 5400/6300/7300 Series] IOMMU group 13:[1022:148a] 02:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function IOMMU group 14:[1022:1485] 03:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP IOMMU group 15:[1022:148c] 03:00.3 USB controller: Advanced Micro Devices, Inc. [AMD] Starship USB 3.0 Host Controller IOMMU group 16:[1022:1482] 20:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 17:[1022:1482] 20:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 18:[1022:1482] 20:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 19:[1022:1483] 20:03.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 20:[1022:1482] 20:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 21:[1022:1482] 20:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 22:[1022:1482] 20:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 23:[1022:1484] 20:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 24:[1022:1482] 20:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 25:[1022:1484] 20:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 26:[10de:13c0] 21:00.0 VGA compatible controller: NVIDIA Corporation GM204 [GeForce GTX 980] (rev a1) [10de:0fbb] 21:00.1 Audio device: NVIDIA Corporation GM204 High Definition Audio Controller (rev a1) IOMMU group 27:[1022:148a] 22:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function IOMMU group 28:[1022:1485] 23:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP IOMMU group 29:[1022:1486] 23:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Cryptographic Coprocessor PSPCPP IOMMU group 30:[1022:148c] 23:00.3 USB controller: Advanced Micro Devices, Inc. [AMD] Starship USB 3.0 Host Controller IOMMU group 31:[1022:1487] 23:00.4 Audio device: Advanced Micro Devices, Inc. [AMD] Starship/Matisse HD Audio Controller IOMMU group 32:[1022:1482] 40:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 33:[1022:1483] 40:01.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 34:[1022:1483] 40:01.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 35:[1022:1483] 40:01.3 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 36:[1022:1482] 40:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 37:[1022:1482] 40:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 38:[1022:1483] 40:03.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge IOMMU group 39:[1022:1482] 40:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 40:[1022:1482] 40:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 41:[1022:1482] 40:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 42:[1022:1484] 40:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 43:[1022:1482] 40:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 44:[1022:1484] 40:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 45:[1022:57ad] 41:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse Switch Upstream IOMMU group 46:[1022:57a3] 42:02.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge IOMMU group 47:[1022:57a3] 42:03.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge IOMMU group 48:[1022:57a3] 42:04.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge IOMMU group 49:[1022:57a3] 42:05.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge IOMMU group 50:[1022:57a4] 42:08.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge [1022:1485] 47:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP [1022:149c] 47:00.1 USB controller: Advanced Micro Devices, Inc. [AMD] Matisse USB 3.0 Host Controller [1022:149c] 47:00.3 USB controller: Advanced Micro Devices, Inc. [AMD] Matisse USB 3.0 Host Controller IOMMU group 51:[1022:57a4] 42:09.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge [1022:7901] 48:00.0 SATA controller: Advanced Micro Devices, Inc. [AMD] FCH SATA Controller [AHCI mode] (rev 51) IOMMU group 52:[1022:57a4] 42:0a.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Matisse PCIe GPP Bridge [1022:7901] 49:00.0 SATA controller: Advanced Micro Devices, Inc. [AMD] FCH SATA Controller [AHCI mode] (rev 51) IOMMU group 53:[1b21:3242] 43:00.0 USB controller: ASMedia Technology Inc. Device 3242 IOMMU group 54:[1d6a:07b1] 44:00.0 Ethernet controller: Aquantia Corp. AQC107 NBase-T/IEEE 802.3bz Ethernet Controller [AQtion] (rev 02) IOMMU group 55:[8086:2723] 45:00.0 Network controller: Intel Corporation Wi-Fi 6 AX200 (rev 1a) IOMMU group 56:[10ec:8125] 46:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8125 2.5GbE Controller (rev 01) IOMMU group 57:[8086:f1a8] 4a:00.0 Non-Volatile memory controller: Intel Corporation SSD 660P Series (rev 03) IOMMU group 58:[8086:f1a8] 4b:00.0 Non-Volatile memory controller: Intel Corporation SSD 660P Series (rev 03) IOMMU group 59:[1000:0072] 4c:00.0 Serial Attached SCSI controller: Broadcom / LSI SAS2008 PCI-Express Fusion-MPT SAS-2 [Falcon] (rev 03) IOMMU group 60:[1022:148a] 4d:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function IOMMU group 61:[1022:1485] 4e:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP IOMMU group 62:[1022:1482] 60:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 63:[1022:1482] 60:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 64:[1022:1482] 60:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 65:[1022:1482] 60:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 66:[1022:1482] 60:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 67:[1022:1482] 60:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 68:[1022:1484] 60:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 69:[1022:1482] 60:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge IOMMU group 70:[1022:1484] 60:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B] IOMMU group 71:[1022:148a] 61:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function IOMMU group 72:[1022:1485] 62:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP

Same happening to me running 6.8.2.

see Q5 in the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

This is why I trust unraid, accountability to the people that use your software.Thank you unraid team and developers for all your hard work and dedication! Regards, Shane (new unraid builder) Sent from my iPhone using Tapatalk

Available within CA. Either go to the new apps section or search for sysdream or limetech. If it doesnt appear, then you're not running a version of unraid which the plugin will work on (or isn't needed - 6.8.1 / 6.8.2)

I run a virtualized instance of an enterprise-grade firewall on my box. This keeps viruses and other nasties from penetrating my network and infecting my hardware. But at the same time, my friends with benefits can still gain access to my 9TB worth of Hard Disks for their pleasure. It may be hard to swallow, but taking the time to carefully setup your sever will pay dividends later with all that data going in and out, and in, and out.

hey Maciej, i can report: it works! thanks alot! 😃

I’m in a very similar place with my upcoming build. I believe I’ve done a lot of research and can probably help. 1. TDP is really a limit to what the processor will operate at under load. Also, AMD and Intel calculate TDP differently so it’s harder to do a direct comparison. Idle power is usually considerably lower with Intel CPU’s while Ryzen processors tend to only idle a little lower than their TDP (but also have a lower ceiling in terms of power consumption). That 80W Intel processor will idle about 20-30W below that Ryzen processor. It’s important to consider this because if you’re primarily using your server as a Plex/Emby server, it will be at idle most of the time. The P2000 is limited to 75W max but if it’s just transcoding and nothing else, it will consume very little power. **Ideally, the P2000 when it’s sitting idle should be below 10W but due to a bug somewhere in Plex and the P2000, it will stay in an active state even after transcoding is done which will cause it to consume somewhere closer to 20W. Plex is looking into it but who knows when that will be fixed. 2. I’m not saying that UnRAID with Ryzen is unstable or not adequate, but there are some known quirks that are still in the process of being worked out (especially with the X470D4U and X470D4U2-2T). You will most likely need to set the power state to Typical Idle Power or something similar and you’ll be without some temperature sensors that are nice to have but won’t be in until UnRAID updates their Linux kernel. You also might run into issues with your PSU you are using causing your processor to run at very low speeds. This seems to be correctable but it’s something you need to be aware of. UnRAID updates for Ryzen also tend to cause a few more issues on average than Intel. 3. With the Intel CPU and QuickSync, you should be able to easily do 15+ 1080p transcodes with little effort except for a few changes in your BIOS and in your go file. Otherwise, you can run it with any form of UnRAID as long at it has a newer kernel where your iGPU is supported (generally anything 6.8.0rc-1 and above). With Ryzen and the P2000, you’ll need to install the Nvidia version of UnRAID which isn’t updated as fast as the regular UnRAID version (it’s still relatively fast but if you want to update when a newer version of UnRAID comes out you’ll need to wait for the Nvidia guys to bake in their drivers). Granted, with the P2000, you’ll be able to do 20+ 1080p transcodes with ease. I’m personally leaning toward an E-2288G and Supermicro X11SCH-F (I don’t need 10g and I have a Supermicro chassis). It will cost more, have more security patches in the future that will lower performance, and the CPU won’t be upgradeable. With all that said though, QuickSync is incredibly efficient, the CPU will idle below 40W, I’ll get 2 full speed NVME slots, it will be powerful enough to last me about 5 years, and I can always add a P2000 down the road if I need more transcoding power. Ryzen is a very powerful CPU at a very affordable price and if the newer Linux kernels bring forward some much needed improvements and ASRock keeps updating their BIOS to be better, I might end up going that route. We’ll see what the next few months brings.

Good to hear you managed to migrate to this one. Thank you very much for the donation. Much appreciated!

Back up. We updated the Search feature a few days ago to use "Elasticsearch", not sure if anyone noticed. Searches should be better and faster. However, what happened was it crashed with "java.lang.OutOfMemoryError: Java heap space". We'll keep an eye on it and might have to adjust some settings on Elasticsearch if it happens again.

Another component I've found that is missing is unraid's qemu appears to not be compiled with opengl support. This isn't required to make gvt-g function, but there is a dmabuf function that requires it to link the VM display to the mediated card. You can use a client installed vnc, rdp...maybe looking glass, instead but its a real QoL improvement that isn't there. That said, given how unraid is built its not clear to me if openGL would actually work. The i915 driver must be loaded for this to work, but that might not be the only backend piece missing.

I'm about to try going from rc7 to 6.8 - rc8 failed for me, but I didn't know why until now. I currently have: <cpu mode='host-passthrough' check='none'> <topology sockets='1' cores='6' threads='1'/> <feature policy='require' name='topoext'/> </cpu> will this work for my threadripper and maintain AES-NI support? Thanks <cpu mode='custom' match='exact' check='full'> <model fallback='forbid'>Opteron_G5</model> <vendor>AMD</vendor> <topology sockets='1' cores='6' threads='1'/> <feature policy='require' name='vme'/> <feature policy='require' name='x2apic'/> <feature policy='require' name='tsc-deadline'/> <feature policy='require' name='hypervisor'/> <feature policy='require' name='arat'/> <feature policy='require' name='tsc_adjust'/> <feature policy='require' name='bmi1'/> <feature policy='require' name='mmxext'/> <feature policy='require' name='fxsr_opt'/> <feature policy='require' name='cmp_legacy'/> <feature policy='require' name='cr8legacy'/> <feature policy='require' name='osvw'/> <feature policy='disable' name='rdtscp'/> <feature policy='disable' name='svm'/> </cpu> This is all way beyond my VM level so it's a blind cut & paste job for me.

I like this idea!

Wizardry huh. More like rustiness. In fact, even that filter was kinda heavy-handed - a better version would have been lsblk | grep "crypt" | sed -r 's/[^[:alnum:]]*([[:alnum:]]*) .*/\1/' At any rate, I did hack up that script. You can find it here. EDIT: Moved the script to its own thread.

I changed the advanced settings to SeaBios and drive type to sata and it booted my image right up. Now it cant find eth0 device. So im off to fix that. Thanks for the help.

maybe this: