Curious_George

Members
  • Posts

    5
  • Joined

  • Last visited

Everything posted by Curious_George

  1. Thanks for the brilliant guide - I followed it some time ago and it has been working fine. However I noticed some behaviour today that made me question if I knew just what I thought it was doing, or indeed how private data in the tunnel is. Was at a mate's place who's ISP has some very strict content filters done at the ISP level, not at his home network level. I have WireGuard configured on my phone to connect back to my unRaid server in "Remote Tunneled Access" mode. Connecting to his WiFi and then turning WireGuard on I could access addresses on my home LAN - WireGuard was connected correctly. I then searched for a few terms that would trigger his ISP's content filter, and I was redirected to the "access denied" page from his ISP. I thought this wasn't possible? Surely my search should have been directed through the tunnel and out my home ISP? How is his ISP capturing the data in the tunnel between my phone and my server? We both use different ISP's, so it was very obvious that it was his ISP filtering/restricting my VPN traffic, not mine. Things I tried: Connect to my home lan via data/WireGuard - no restrictions. Connect to my home lan via mate's Wifi/WireGuard - content restrictions. Check "My IP" while connected via mate's WiFi/WireGuard - showed my home static address. Interestingly, I turned on the bundled VPN in the latest Opera mobile browser while connected to mate's WiFI - "My IP" showed an address in Sweden, and the same searches that would trigger the content filter while connected to my VPN would now work without restriction. This experience has shaken my faith in using WireGuard on insecure networks, say coffee shops etc, as it seems as if a "man in the middle" is able to read the supposedly-encrypted traffic between my device and my server. I'd really appreciate if someone was able to cast some light on just what is going on here. Thanks.
  2. In SpaceInvaderOne's excellent tutorial for setting up a reverse proxy, he talks about creating a custom docker network: docker network create proxynet Is there a way to define which NIC that gets created on? I have one already on BR0, but would like to create another separate one on BR1
  3. Not specifically a unraid question, but is someone able to explain what the new "keep link" option is in post processing? There doesn't appear to be a wiki entry for it, and the github request kinda seems odd. The way I understood, "symlink" kept the files in the download directory, and created a symlink to the media directory. "Hardlink" moves the files to the media directory and creates a symlink back to the download directory. What does keep link to thats different to either of the above?
  4. I don't have letsencrypt, nor port forwarding. This is a simple local install for the time being as I am behind CG-NAT - direct local connection between two machines on the same LAN.
  5. I think I am starting to lose my mind trying to make NextCloud work, just as a local service at this stage, without reverse proxy etc. I have followed both the installation guide at the beginning of this thread, and SpaceInvaderOne's guide to the letter, multiple times now over the last day. MariaDB installs ok, I am able to create the databases required. When I get to the WebUI setup for NextCloud, I am always brought to a halt by "504 Gateway TimeOut" Checking the NextCloud error log I see "2020/04/29 11:35:41 [error] 358#358: *4 upstream timed out (110: Operation timed out) while reading response header from upstream, client: 192.168.1.101, server: _, request: "POST /index.php HTTP/2.0", upstream: "fastcgi://127.0.0.1:9000", host: "192.168.1.69:4445" If I try again, I get an error that "user already exists" but I can't seem to be able to get past the installation webui. I see that this question has been asked previously in this thread, but there was no response to it. I also see a couple of reddit posts specifically asking the same question in relation to unraid and nextcloud, but with no solutions either. Any help or suggestions would be most appreciated please.