Everything posted by bigmak

  1. I've been trying for way too long to get a split tunnel VPN working... I've searched this post repeatedly but still am a bit confused. My goal: I want to use my home DNS (dual piholes), have access to local IPs, with all external network data skipping the tunnel (limited upload at site). I have a fully working remote tunneled access setup, wg0. This works perfectly on numerous clients.

         [Interface]
         #wg0
         PrivateKey=deleted=
         Address=
         ListenPort=51820
         PostUp=logger -t wireguard 'Tunnel WireGuard-wg0 started'
         PostDown=logger -t wireguard 'Tunnel WireGuard-wg0 stopped'

         [Peer]
         #01
         PublicKey=deleted=
         PresharedKey=deleted=
         AllowedIPs=

         =====================================

         [Interface]
         #01
         PrivateKey=deleted=
         Address=
         DNS=,

         [Peer]
         #rehoboam
         PresharedKey=deleted=
         PublicKey=deleted=
         AllowedIPs=

     I have been trying (unsuccessfully) to get a split tunnel up. Here's my current not working config for wg1.

         [Interface]
         #wg1
         PrivateKey=deleted=
         Address=
         ListenPort=51821
         PostUp=logger -t wireguard 'Tunnel WireGuard-wg1 started'
         PostDown=logger -t wireguard 'Tunnel WireGuard-wg1 stopped'

         [Peer]
         #01
         PublicKey=deleted=
         PresharedKey=deleted=
         AllowedIPs=,

         ======================================

         [Interface]
         #01
         PrivateKey=deleted=
         Address=
         DNS=,

         [Peer]
         #rehoboamsplit
         PresharedKey=deleted=
         PublicKey=deleted=
         AllowedIPs=,

     I have repeated all configuration changes for the new tunnel including adding static routes and port forwarding.

     Static routes
     Port forwarding overview
     Detail of the new wg1 address, matches 51820
     Resulting WAN in firewall

     Any tips what I'm doing wrong?
  2. Upgraded 6.9.1 to 6.9.2 successfully. Only issue I'm seeing is that all help sections are starting expanded and some can't be minimized.
  3. What's the type of device? If it's a Windows PC running the Wireguard client, you have to edit the tunnel and disable "Block untunneled traffic (kill-switch)".
  4. Static, non pi-hole DNS lookup on main network settings seems to have cleared it up. I'll look through the pihole logs to see if I can see what is being blocked to add to a whitelist. Thanks for the help @Squid, all you do is appreciated.
  5. Shutting array down to change to static public DNS addresses. One question: will changing this make all docker containers on the server now use these for DNS and bypass my piholes? I know this isn't necessarily the right section to ask this question...
  6. I'm currently experiencing problems as well. I assumed it was DNS, made some changes, then came here and saw others are having issues as well. Do you know what specific domain it's trying to reach? Maybe pihole is blocking it on accident?

         Download of appfeed failed.
         Community Applications requires your server to have internet access. The most common cause of this failure is a failure to resolve DNS addresses. You can try and reset your modem and router to fix this issue, or set static DNS addresses (Settings - Network Settings) of and and try again. Alternatively, there is also a chance that the server handling the application feed is temporarily down.
         Last JSON error Recorded: Syntax error
  7. Are you proxying through cloudflare by chance? Cuz you can't proxy wireguard, has to be set to dns only.
  8. Figured I'd post an update to this. I got home, shut the server down, and pulled the USB drive. I then looked through the edited files and saw that when it died, the only changes were in the Wireguard section of the settings. I deleted the Wireguard folder and then reinstalled into the server. It then booted up and ran. Must have created some IP conflict with my changes; I haven't had a chance to do a post-mortem on the files to see what was wrong.
  9. So I failed to follow the old adage of "don't screw with any settings when you're several states away" and got myself into a pickle. Was hoping I could get some advice. Today, I decided to change some settings with my Wireguard configuration. I normally use Wireguard to touch my server over a remote tunneled access, but because I was changing settings I instead did a Chrome Remote Desktop to another PC at my house so I wouldn't drop my connection. From that PC I then browsed local to the server. While I was changing settings (only in the Wireguard section), at one point it paused on hitting Save/Apply which was unusual. I then realized that Unraid was completely unresponsive over the network from that local box. All services (containers, reverse proxies) immediately were offline. My Unraid server doesn't have any remote KVM capabilities. I had my wife tap the power button and a few minutes later it did eventually shut down. I had her reboot it afterwards. It is still completely unresponsive over the network. Doesn't respond to ping, webpage doesn't load with either the IP address or the servername (both bare and .localdomain). I do see in my Unifi panel some data traffic which is confusing; only 30 MB in the past few hours. Is it possible that something in the config files got borked when saving the Wireguard configuration? Is the best course of action to just pull the USB and modify something in there? I'm just trying to figure out what I should do next... I'll be near the server in a few days.
  10. Server is .244, pihole is .32 set through br0. I can see on my router (unifi) something at .32 has reached out to the router.
  11. Having trouble getting this to start. I have experience both with docker containers on Unraid as well as pihole running on other systems (pis, hyper-v). On startup, it's getting stuck at the following point in the log shown below. I can't get the web console to work.

          Starting crond
          Starting pihole-FTL (no-daemon) as root
          Starting lighttpd

      Here's what I've tried so far:

      • chmod 777 on the appdata folder
      • Tried both latest version and v4.3.4
      • Privileged and unprivileged levels
      • Verified that the IP shows up on my network (I can see the client in Unifi)
      • Removed the default extra parameters from the template

      Here's my full docker run command.

          root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d \
            --name='pihole' \
            --net='br0' \
            --ip='' \
            -e TZ="America/New_York" \
            -e HOST_OS="Unraid" \
            -e 'TCP_PORT_53'='53' \
            -e 'UDP_PORT_53'='53' \
            -e 'UDP_PORT_67'='67' \
            -e 'TCP_PORT_80'='80' \
            -e 'TCP_PORT_443'='443' \
            -e 'DNS1'='' \
            -e 'DNS2'='' \
            -e 'TZ'='America/New_York' \
            -e 'WEBPASSWORD'='supersecret' \
            -e 'INTERFACE'='br0' \
            -e 'ServerIP'='' \
            -e 'ServerIPv6'='' \
            -e 'IPv6'='False' \
            -e 'DNSMASQ_LISTENING'='all' \
            -v '/mnt/disk1/appdata/pihole1/pihole/':'/etc/pihole/':'rw' \
            -v '/mnt/disk1/appdata/pihole1/dnsmasq.d/':'/etc/dnsmasq.d/':'rw' \
            --cap-add=NET_ADMIN \
            --dns --dns \
            --restart=unless-stopped \
            'pihole/pihole:latest'

      Any tips on what to try?
  12. Did you try dropping the slash after esphome? Also, why do you have :443 after proxy_set_header Host? My configuration is otherwise the same except I do not have the proxy_set_header x-forwarded... set. See mine below. Note that /endpoint/ui is for Node-RED.

          # make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url
          server {
              listen 443 ssl;
              listen [::]:443 ssl;

              server_name homeassistant.*;

              include /config/nginx/ssl.conf;

              client_max_body_size 0;

              location / {
                  include /config/nginx/proxy.conf;
                  resolver valid=30s;
                  set $upstream_app;
                  set $upstream_port 8123;
                  set $upstream_proto http;
                  proxy_pass $upstream_proto://$upstream_app:$upstream_port;
              }

              location /api/websocket {
                  resolver valid=30s;
                  set $upstream_app;
                  set $upstream_port 8123;
                  set $upstream_proto http;
                  proxy_pass $upstream_proto://$upstream_app:$upstream_port;
                  proxy_set_header Host $host;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
              }

              location /api/hassio_ingress {
                  resolver valid=30s;
                  set $upstream_app;
                  set $upstream_port 8123;
                  set $upstream_proto http;
                  proxy_pass $upstream_proto://$upstream_app:$upstream_port;
                  proxy_set_header Host $host;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
              }

              location /endpoint/ui {
                  resolver valid=30s;
                  set $upstream_app;
                  set $upstream_port 1880;
                  set $upstream_proto http;
                  proxy_pass $upstream_proto://$upstream_app:$upstream_port;
                  proxy_set_header Host $host;
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
              }
          }
  13. SWAG shouldn't be on bridge, it should be on a network just for your containers that you're procuring.
  14. For those that haven't heard, this container is being renamed.
  15. I had the same issue; container updated and then it stops working with a 500 error. Looks like there was an update to Dokuwiki that causes some plugins to auto crash. I haven't gone into the details yet to see which plugins specifically are killing my wiki. There are people commenting on the github repo for this LinuxServer container at the following link with more details:
  16. I have a docker container (mikenye/adsbexchange) that uploads data online and then allows me to view the status through a specific address on their website. When I put in the WebUI field a path to this external address, the container updates successfully but the WebUI link does not show up in the overflow menu. Are only internal network addresses allowed in the WebUI field? If so, is there any way to add additional addresses in the overflow menu? It would be convenient on containers to have more than one path, pointing at for instance Docker Hub as well as the related GitHub.
  17. To add this variable to a docker container, do the following.

      • Edit the container
      • Switch view to advanced at top right
      • In "extra parameters", add the following text: -e MAXMINDDB_LICENSE_KEY=[type key here, no brackets]
        • The "-e" means it's an environment variable
        • The next thing after that is the name of the variable
        • Value of variable is then set to the right.

      I'm also really new to Docker containers and have been figuring this out on the fly.
  18. Any chance anyone can post their working Dokuwiki nginx configuration as well as any changes to settings they made within Dokuwiki itself? I've been trying various things without any success. There have been a few comments in this thread on the subject but nobody ever confirmed what the final configuration was actually... edit: OK, finally figured out what was wrong. In the nginx configuration file, I was updating the port number to match the docker container when it needs to remain as the app port number. Also, zero changes were required within dokuwiki to make it work. Dumb on my part, I know; I'm still learning...