Leaderboard

Popular Content

Showing content with the highest reputation on 05/12/21 in all areas

  1. Wir freuen uns, Unraid-Lizenzen für Bildungseinrichtungen bereitzustellen 🙂 https://unraid.net/de/blog/unraid-an-bildungseinrichtungen
    2 points
  2. Should be back up. Please let me know if not....
    2 points
  3. Hi, Review the link I gave in my OP (https://github.com/Chia-Network/chia-blockchain/wiki/Farming-on-many-machines) to understand the underlying objectives. Step by step : - copy the mainnet/config/ssl/ca directory of your full node in a path accessible from the container, e.g. appdata/chia - edit the container settings : farmer_address : IP address of your farmer/full node machine farmer_port : 8447 harvester_only : true - start the container - enter the container console - enter "top", you should have only two chia processes : "chia_daemon" and "chia_harvester" - enter the venv : ". ./activate" - stop the running processes : "chia stop -d all" - check the processes stopped properly with "top" - create the keys for the container harvester signed by the farmer node : "chia init -c /root/.chia/ca" (if you copied the famer's ca directory as suggested above, adjust if needed) - restart the harvester : "chia start harvester" - check both logs (container and farmer nodes), you will see successful connections between both nodes if your logs are set at INFO level - if everything is fine, delete the adddata/chia/ca directory so that you don't have multiple copies of your keys around your network as a safety measure
    2 points
  4. Man kann aber ankreuzen bitte um die Zeiten nicht runterfahren, wenn die anderen Gegebenheiten stimmen müsste der dann auch zeitnah runterfahren.
    2 points
  5. Schönes Projekt. Dann hoffen wir, dass das Schule macht 😉
    2 points
  6. Tons of posts related to Windows 10 and SMB as the root cause of the inability to connect to unRaid that were fruitless so I'm recording this easy fix for my future self. If you cannot access your unRaid shares via DNS name ( \\tower ) and/or via ip address ( \\192.168.x.y ) then try this. These steps do NOT require you to enable SMB 1.0; which is insecure. Directions: Press the Windows key + R shortcut to open the Run command window. Type in gpedit.msc and press OK. Select Computer Configuration -> Administrative Templates -> Network -> Lanman Workstation and double click Enable insecure guest logons and set it to Enabled. Now attempt to access \\tower Related Errors: Windows cannot access \\tower Windows cannot access \\192.168.1.102 You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network.
    1 point
  7. This release contains bug fixes and minor improvements. To upgrade: First create a backup of your USB flash boot device: Main/Flash/Flash Backup If you are running any 6.4 or later release, click 'Check for Updates' on the Tools/Update OS page. If you are running a pre-6.4 release, click 'Check for Updates' on the Plugins page. If the above doesn't work, navigate to Plugins/Install Plugin, select/copy/paste this plugin URL and click Install: https://s3.amazonaws.com/dnld.lime-technology.com/stable/unRAIDServer.plg Bugs: If you discover a bug or other issue in this release, please open a Stable Releases Bug Report. Thank you to all Moderators, Community Developers and Community Members for reporting bugs, providing information and posting workarounds. Please remember to make a flash backup! Edit: FYI - we included some code to further limit brute-force login attempts; however, fundamental changes to certain default settings will be made starting with 6.10 release. Unraid OS has come a long way since originally conceived as a simple home NAS on a trusted LAN. It used to be that all protocols/shares/etc were by default "open" or "enabled" or "public" and if someone was interested in locking things down they would go do so on case-by-case basis. In addition, it wasn't so hard to tell users what to do because there wasn't that many things that had to be done. Let's call this approach convenience over security. Now, we are a more sophisticated NAS, application and VM platform. I think it's obvious we need to take the opposite approach: security over convenience. What we have to do is lock everything down by default, and then instruct users how to unlock things. For example: Force user to define a root password upon first webGUI access. Make all shares not exported by default. Disable SMBv1, ssh, telnet, ftp, nfs by default (some are already disabled by default). Provide UI for ssh that lets them upload a public key and checkbox to enable keyboard password authentication. etc. We have already begun the 6.10 cycle and should have a -beta1 available soon early next week (hopefully).
    1 point
  8. Graylog accepts remote syslog messages only if i manually set the protocol/format to RSYSLOG_SyslogProtocol23Format. To do this you currently need to: activate the Remote Syslog Server in the Settings GUI Login via ssh as root and edit /etc/rsyslog.conf, add ";RSYSLOG_SyslogProtocol23Format" to the end of the syslog line *.* @@YOUR_REMOTE_SERVER_IP:514;RSYSLOG_SyslogProtocol23Format Change something in the WEBUI again (not touching the remote syslog options) to reload the rsyslog service After editing the config like this the GUI Options for the Remote syslog server seem to no longer have an effect. Can you add a dropdown for the rsyslog format template options?
    1 point
  9. ...Andere Slots durchprobiert und Energiesparen bzw ASPM auf aus, für PCIe. Ausserdem Fast-Boot usw beim Kaltstart deaktivieren und das Standard Post Programm zulassen. Es fehlen nur die Disks? Der Controller postet aber beim Kaltstart? Wenn, dann im Controller BIOS evtl. nach Timings suchen und zB staggered spinup/ spinup groups aktivieren. Evtl. Braucht das System einfach mehr Zeit zum aufwachen.... Gesendet von meinem SM-G960F mit Tapatalk
    1 point
  10. Dich zu entschuldigen brauchst du nicht. Ich habe ja das Problem und DU hilfst MIR! Das mit NZBGet teste ich aus, wenn ich wieder zuhause bin. Wenn ich soweit bin, gibt's direkt eine Rückmeldung!
    1 point
  11. Unbelivable, thank you for your Great work. Gonna try this now
    1 point
  12. You need to restart the container before the changes will kick in. I don't think those warnings are anything to be worried about, but read through this if you're worried about the health of you farm https://github.com/Chia-Network/chia-blockchain/wiki/Is-my-farm-healthy---I-am-not-finding-proofs
    1 point
  13. Could be a disk, but it's not that uncommon for newer kernels to be slightly slower, and since your CPU is not very powerful and the speed loss is not much my money is more on that.
    1 point
  14. So after the third attempt everything is working as before. Thanks for the help! Next step will be converting the disks from reiser to xfs.
    1 point
  15. Not sure if you CPU is affected, worth checking:
    1 point
  16. Von Windows und macOS wird XFS jedoch nicht nativ unterstützt. Quelle: Wikipedia
    1 point
  17. Most people on the forum are users helping other users, even the Moderators. It is fine, and for many things nobody can help you without diagnostics.
    1 point
  18. I updated the Docker to include a PASS env variable, so you can now override the default
    1 point
  19. I use this linuxserverio plex docker. I named my plex appdata folder plexms, but that isn't really relevant, you could name it plex and that would be OK. But, here is the folder tree below that: So it doesn't look like what you are suggesting will work exactly as you have it, at least for the appdata folders. Note that there is no Info or tmp folders, maybe you created those paths somehow such as for the transcode folder. And the Plex Media Server folder is down a couple of levels. The Multimedia mapping looks like it should work. Maybe just create the plex docker and then after it has created the appdata folders, stop it and put your Plex Media Server folder where it belongs. If everything is working, you shouldn't need to add the library since the whole point of the migration is so appdata will still know where everything is, which is the folder mapped as Multimedia.
    1 point
  20. Out of the box this docker isn't configured optimally for logging, after some research these are two changes I've made to get better logging. Both changes are made to the config.yaml file that will be in chia's appdata folder: change log_level to INFO (from WARNING) change log_stdout to true (from false) Change one adds more useful info to the logs, change two pushes the logs to the standard docker logging mechanism, which means it is visible from the GUI's log button. Happy hunting!
    1 point
  21. Yes, and post the output once it's done.
    1 point
  22. Rebuilding a disk does nor clear an unmountable state as all it does is put onto the physical didk what shows in the emulated disk.
    1 point
  23. It is a third party tool natively integrated. Limetech has not control over the name of the tool or the features. Still, it is good that it works for you. It is possible that this HP UPS might be a APC design.
    1 point
  24. so ive been reading for ages but theres so many pages here, my issue is that when the array is stopped the mergerfs mount is not unmounted casuing unraid to keep retrying indefinately to unmount shares, i have to manually kill the PIDs for rclone mounts to get the array to stop. is there a fix for this? ps -ef | grep /mnt/user to find the PIDs then kill PID to kill it i tried adding fusermount -uz /mnt/user to the cleanup script and run at array stop and that kills all the mounts. but im not sure thats the best way to do it (so this didnt actually work on a reboot) i found that if you set it to : umount -l /mnt/user/mount_mergerfs/gdrive_vfs (my mount) then umount -l /mnt/user/mount_rclone/gdrive_vfs in the cleanup script it finishes without error. seems a bit convoluted to get it working for a clean shutdown.
    1 point
  25. You seem to believe that unRAID is a full Linux distribution. It is not. It may never implement users, permissions and security in the way you would expect of a full Linux distro or any other OS. As a special use appliance OS, unRAID does what it is expected to do in the way it was designed to do it. Are there issues and problems that need to be fixed? Yes, absolutely. Does unRAID need to be completely redesigned to fix these issue? No. Obviously, you can quit using unRAID at any time if it does not meet your needs. It is not for everyone and perhaps it does not do what you want or expect it to do. The hacks are a result of unRAID being used improperly rather than unRAID failing to function in the manner in which it was designed. I would expect to see more emphasis on educating and helping users to implement unRAID and its supporting infrastructure properly rather than a product redesign to address problems it was never intended to address.
    1 point
  26. I noticed that after upgrading from 6.8.3 to 6.9.1 that one of my docker containers (which run's on the host) lost its connectivity to a docker container which runs on a user defined network with its own IP. I could not understand why, as all the settings - including the "Host Access to custom networks" option, were checked. After a little playing, I stopped the array, turned the option off - saved. Then turned the option on - saved. Started the array and communication between the docker containers was restored. I am not sure if I can replicate this now that it has been fixed and I have obviously already upgraded but I hope this serves to help someone else who finds themselves in this situation.
    1 point
  27. A few suggestions if I may, from my experiences in the Cloud Infrastructure World; First, Reviewing Docker Folder Mappings (and to some extent VM Shares). Do all you Docker Containers need read and write access to non appdata folders? If it does, is the scope of the directories restricted to what is needed, or have you given it full read/write to /mnt/user or /mnt/user0 ? For example I need Sonnarr and Radarr to have write access to my TV and Movie Share, so they are restricted to just that, they don't need access to my Personal Photos, or Documents etc. Whereas for Plex, since I don't use the Media Deletion Feature, I dont need Plex, to do anything to those Folders, just read the content. So it has Read Only Permissions in the Docker Config. Additionally, I only have a few containers that need read/write access to the whole server (/mnt/user) and so these are configured to do so, but since they are more "Administration" containers, I keep them off until I need them, most start up in less than 30 seconds. That way, if for whatever reason a container was compromised, the risk is reduced in most cases. Shares on my VM's are kept to only the required directories and mounted as Read Only in the VM. For Docker Containers that use VNC or VMs, set a secure password for the VNC component too, to prevent something on the Network from using it without access (great if you don't have VLAN's etc). This may be "overkill" for some users, but have a look at the Nessus or OpenVAS Containers, and run regular Vulnerability Scans against your Devices / Local Network. I use the Nessus one and (IMO) its the easier of the two to setup, the Essentials (Free) version is limited to 15 IPs, so I scan my unRAID Server, VMs, and a couple of other physical devices and it has SMTP configured so once a week sends me an email with a summary of any issues found, they are categorized by importance as well. I don't think many people do this, but don't use the GUI mode of unRAID as a day to day browser, outside of Setup and Troubleshooting (IMO) it should not be used. Firefox, release updates quite frequently and sometimes they are for CVE's that depending on what sites you visit *could* leave you unprotected. On the "Keeping your Server Up-to-Date" part, while updating the unRAID OS is important, don't forget to update your Docker Containers and Plugins, I use the CA Auto Update for them, and set them to update daily, overnight. Some of the Apps, could be patched for Security Issues, and so keeping the up-to-date is quite useful. Also, one that I often find myself forgetting is the NerdPack Components, I have a few bits installed (Python3, iotop, etc), AFAIK these need to be updated manually. Keeping these Up-to-Date as well is important, as these are more likely to have Security Issues that could be exploited, depending on what you run. Also on the Updates, note, if you have VM's and they are running 24/7 keep these up-to-date too and try and get them as Hardened as possible, these can often be used as a way into your server/network. For Linux Debian/Ubuntu Servers, you can look at Unattended Upgrades, similar alternatives are available for other Distros. For Windows you can configure Updates to Install Automatically and Reboot as needed. Hardening the OS as well, is something I would also recommend, for most common Linux Distros and Windows, there are lots of guides useful online, DigitalOcean is a great source for Linux stuff I have found. If something is not available as a Docker Container or Plugin, don't try and run it directly on the unRAID Server OS itself (unless, its for something physical, e.g. Drivers, or Sensors etc), use a VM (with a Hardened Configuration), keeping only the bare minimum running directly on unRAID, helps to reduce your attack surface. Also, while strictly not part of Security, but it goes Hand in Hand, make sure you have a good Backup Strategy and that all your (important/essential) Data is backed up, sometimes stuff happens and no matter how much you try, new exploits come out, or things get missed and the worst can happen. Having a good backup strategy can help you recover from that, the 321 Backup method is the most common one I see used. If something does happen and you need to restore, where possible, before you start the restore, try and identify what happened, once you have identified the issue, if needed you can restore from Backups to a point in time, where there was no (known) issue, and start from there, making sure you fix whatever the issue was first in your restored server. I have seen a few cases (at work) where peoples Servers have been compromised (typically with Ransomware), they restore from backups, but don't fix the issue (typically a Weak Password for an Admin account, and RDP exposed to the Internet) and within a few hours of restoring, they are compromised again. Other ideas about using SSH Keys, Disabling Telnet/FTP etc, are all good ones, and definitely something to do, and something I would love to see done by default in future releases. EDIT: One other thing I forgot to mention was, setup Notifications for your unRAID server, not all of them will be for Security, but some of the apps like the Fix Common Problems, can alert you for security related issues and you can get notified of potential issues quicker than it may take you to find/discover them yourselves.
    1 point
  28. Nice tips, I just wish it would be easier to setup KeysFile authentication and disable password authentication for the SSH. Just placing your pupkey in the UI and setting a checkbox to disable password auth would be nice. I currently have it setup like ken-ji describes here. Then i edited PasswordAuthentication to "no". Also think about a secure by default approach with future updates. Why not force the user to set a secure password on first load? Why even make shares public by default? Why allow "guest" to access SMB shares by default? Why create a share for the flash in the first place? I get that some of those things make it more convenient, but imo convenience should not compromise security.
    1 point
  29. Everything in /boot/config/ssh/root is now accessible as /root/.ssh so just keep the authorized_keys file in /boot/config/ssh/root and no need to manually copy them over or set permissions
    1 point
  30. I was reading on reddit that some dude solved this by using Postgres instead of MariaDB, but I'm having trouble creating a user in Postgres to test this: https://old.reddit.com/r/unRAID/comments/fy7na5/nextcloud_login_and_navigation_extremely_slow/ Are you able to try this? Edit: Fixed! Ok, I don't know why but the cause of the slowdown was MariaDB. Following the above reddit post, I downloaded Postgres 11 and set up the db using the following commands: su - postgres createuser --interactive --pwprompt [enter desired name e.g. nextcloud] [enter desired password] [confirm desired password] [Superuser?: n] [create databases?: n] [create more roles?: n] createdb nextcloud psql GRANT permissions ON DATABASE nextcloud TO nextcloud Then selected Postgres on the Nextcloud setup page and entered the details. The page actually loads like normal, finally.
    1 point
  31. I've been having a mare with all torrent dockers getting unrar to work, but I found this post so I tried the above on this docker and it didn't work. I then realised it was a post for the binhex version where it worked. Out of interest, does this docker have unrar included and it should have worked?
    1 point
  32. Hey Ich, I'd like to request a DayZ Arma 2 mod docker. Do you think you could add it to your list?
    1 point
  33. Just want to throw this out there, one of the main reasons some of us choose to mess with compose is to get around some of the limitation of the unRAID template system. In particular when it comes to complex multi-container applications, which often use several frontend and backend networks.
    1 point
  34. In the qbittorrent settings "Run external program on torrent completion"
    1 point
  35. Basically install unrar via the nerdpack plugin, then run command on completion: unrar x "%F/*.r*" "%F/"
    1 point