Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

ati

Members
  • Joined

  • Last visited

  1. ati replied to Iker's topic in Plugin Support
    I used the 'create dataset' button in ZFS master to create a folder/dataset (at the top level). Later I noticed that unRAID created a share matching that dataset name and assigned it the incorrect primary storage. It didn't seem to matter what unRAID did, the folder/dataset (and it's data) still only existed on the ZFS pool, but it was a but interesting to see that unRAID assigned the BTRFS pool as the primary share for it. Thanks for the info. It is good to know that is 'normal'. I was mostly playing with ZFS at this point trying to get the feel for how I wanted to use it before moving all my data to the new ZFS cache pool.
  2. ati replied to Iker's topic in Plugin Support
    Just wondering if this is normal expected behavior. I have 2 cache pools: 2 drive BTRFS pool (called cache) 2 drive ZFS pool (called nvmecache) I used the ZFS master plugin to make a new testing dataset on the root of my nvmecache (/mnt/nvmecache/testdataset) The data set was made and all appeared normal, however, if I go into the shares tab on the unRAID GUI I have a new share. It is called testdataset and it is set to use my cache pool, not the nvmecache pool. Is it normal for it to create a share like that? Especially using the wrong pool?
  3. I am going on a adventure to try and better harden my containers and better isolate them from one another as well as the host server itself. I use IPVLAN and isolate my containers into VLANs based on 'activities'. For example: *arr stack is one VLAN, personal utilities (paperless or trillium notes is another VLAN, etc. First question: Why can I not add VLANs to unRAID without having an IP address associated with it? The unRAID server itself doesn't need to have any presence on the VLAN for my *arr stack for example. The containers in the stack are isolated and firewalled off so I can only access them via a reverse proxy, but because unRAID puts an interface in that VLAN there are no firewall rules to stop it as it is layer 2. It seems like the docker engine 'blocks it' by I am not sure at what level it is blocked. Are there any other best practices for host isolation? I have host access to custom networks disabled in my Docker settings. I don't have a single container that I run that should ever need access to unRAID directly, and I want to be sure it is 100% blocked otherwise. I only run containers in br0.x on VLANs outside if the native VLAN for unRAID itself, so that should help as well. Is it better to use custom docker networks, or use external VLANs for containers? I am much more comfortable using my external router/firewall, but if there is an inherent advantage to using Docker custom networks I can go that route as well. I recently learned that Docker uses the DNS settings of the host by default, so I am also in the process of adding the --dns=x.x.x.x to all the containers that I don't wish to use my internal DNS server. Looking for feedback, best practices and opinions on how to better harden my system and containers. There is a lot of trust in the FOSS community where we blindly trust run containers. As vibe coding becomes more and more common (thinking a bit about the Huntarr fiasco) I think a little hardening is a good idea.
  4. I have been running my binhex-flaresolverr behind my binhex-delugevpn container for some time. Just recently I noticed that it is failing to work with Prowler (also running via binhex-delugevpn). It results in a connection refused every time. If I move the binhex-flaresolverr out from behind the binhex-delugevpn it works fine. I am a bit lost as to how to troubleshoot this as there isn't any useful logging showing why it fails.an I can curl flaresolverr from my Prowlarr container just fine: sh-5.3# curl http://192.168.xx.xx:8191 {"msg": "FlareSolverr is ready!", "version": "3.4.6", "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36"}sh-5.3#
  5. ati replied to TQ's topic in Docker Containers
    Does anyone else have issues with the WebUI for this container working? It is the only container I seem to constantly have to restart and fiddle with to get the WebUI to work. The logging shows nothing either. Same issue across several versions.
  6. I currently have a Supermicro 826 that I got used with the motherboard, CPU and RAM many moons ago and it is time to upgrade. I would like to build my own server (motherboard/CPU/RAM) vs, getting one with used components. As a result it would be much easier in a 3U or 4U case as those will support commodity hardware/coolers better. I really want a full depth case with rails, not a shallow screw mount rack case. I also would like to have more than my current 12 hot sway bays. 16+ would be ideal. Any recommendations for cases? Preferably used. The Supermicro 836 comes up a lot on forums, but I want to consider all options. SIDE NOTE: This would be my first go a 'rolling my own' in a server chassis. Any concerns with consumer CPU coolers in a 3U case?
  7. Well this ended up breaker my entire docker image and freezing my server. I believe it is a result of some type of network conflict. Similar to here: https://forums.unraid.net/topic/181342-docker-engine-freeze-locks-up-unraid/ Not really sure how to do this correctly now...
  8. Well I got it to work once making a custom internal network, now I get this error after I try to start the stack again: Error response from daemon: driver failed programming external connectivity on endpoint immich_server (04565a5b1f19222fe7a7245130294e2f27b8b6fe6c51dc81b6fd7bbc36b00da0): Error starting userland proxy: listen tcp4 192.168.10.137:2283: bind: cannot assign requested address
  9. I am still running into issues. I am trying, to start, to just run the Immich server on my main VLAN which is br0 and leave all the other Immich containers on their default network. So I have this in my otherwise default from Immich compose file. (from here: https://github.com/immich-app/immich/releases/tag/v2.4.1) name: immich services: immich-server: ... ports: - 192.168.10.137:2283:2283 ... networks: br0: ipv4_address: 192.168.10.137However, when I do this, the sever will not start. Presumably there is a missing link between my br0 network and the default Immich compose network? How do I set the main server to have 2 interfaces? The network the other containers use is 'immich_default', but I see no reference to that in the compose file, so how do I add that as a network for the immich_server docker? Whenever I do try and add it, it says it is not defined in the compose messages when starting the stack.
  10. I have not, but I didn't think it applies? If you look at the help it is for macvlans, but I am using ipvlans. Regardless, it looks like it could be the issue and the help is just incorrect?
  11. I am running Nginx Proxy Manager via a Br0.80 interface. So it is running on VLAN 80, with an IP address of 192.168.80.50. It is all setup a working great for several other Br0.80 services, as VLAN 80 is my DMZ. I am trying to setup a few 'LAN only' proxies so I can access local resources using domain names instead of IP addresses. I was able to add several other Br0.VLAN services just fine. However the issue is any service that is running in bridge mode (using the same IP address as my unRAID server) will not work. I cannot even curl the sites from the Nginx Proxy Manager. It seems like something in the unRAID docker engine is blocking me from being able to access the unRAID host IP address.
  12. I am an absolute idiot when it comes to compose files, this is my first try at one. I am trying to run Immich (which I have working via this guide), but I want to set it to run on a separate IP instead of the bridged IP with my unRAID server. My unRAID server is 192.168.10.40, and by default Immich runs at 192.168.10.40:2283. I want to edit the compose file to run the Immich server (or stack?) via br0 on a different network. All my dockers that I allow external access to are on a different VLAN, so I would like Immich do exist on that VLAN as well. How do I modify my compose file to do this? name: immich services: immich-server: container_name: immich_server image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} # extends: # file: hwaccel.transcoding.yml # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding volumes: # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file - ${UPLOAD_LOCATION}:/data - /etc/localtime:/etc/localtime:ro - ${PHONE_PHOTOS}:/home/user/PhonePhotos:ro env_file: - .env ports: - '2283:2283' depends_on: - redis - database restart: always healthcheck: disable: false immich-machine-learning: container_name: immich_machine_learning # For hardware acceleration, add one of -[armnn, cuda, rocm, openvino, rknn] to the image tag. # Example tag: ${IMMICH_VERSION:-release}-cuda image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} # extends: # uncomment this section for hardware acceleration - see https://docs.immich.app/features/ml-hardware-acceleration # file: hwaccel.ml.yml # service: cpu # set to one of [armnn, cuda, rocm, openvino, openvino-wsl, rknn] for accelerated inference - use the -wsl version for WSL2 where applicable volumes: - model-cache:/cache env_file: - .env restart: always healthcheck: disable: false redis: container_name: immich_redis image: docker.io/valkey/valkey:8@sha256:81db6d39e1bba3b3ff32bd3a1b19a6d69690f94a3954ec131277b9a26b95b3aa healthcheck: test: redis-cli ping || exit 1 restart: always database: container_name: immich_postgres image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23 environment: POSTGRES_PASSWORD: ${DB_PASSWORD} POSTGRES_USER: ${DB_USERNAME} POSTGRES_DB: ${DB_DATABASE_NAME} POSTGRES_INITDB_ARGS: '--data-checksums' # Uncomment the DB_STORAGE_TYPE: 'HDD' var if your database isn't stored on SSDs # DB_STORAGE_TYPE: 'HDD' volumes: # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file - ${DB_DATA_LOCATION}:/var/lib/postgresql/data shm_size: 128mb restart: always volumes: model-cache:
  13. I recently noticed some odd port assignments shown on my main docker page for containers that route their network via another container. Here is a quick example where my Jackett container routes via my Deluge VPN container, which is 192.168.70.xx, and when I access Jackett it is 192.168.70.xx:jackett_port as expected. So, why is jackett showing mappings for 192.168.90.xx a subnet that isn't part of the equation here. I think long before I moved to running Jackett via deluge it was on that subnet, but I guess I never really noticed that they haven't 'gone away' after the change.
  14. I got an email from LetsEncrypt that two of my domains had certificates that were going to expire in 10 days. In the last few years I haven't thought twice about it as NPM just took care of it. I went into the GUI and tried to manually renew the certs and got "Internal Error". I decided to reboot the docker and now it won't boot at all. This is in the log over and over again: ❯ Starting nginx ... nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/3.conf:14 nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/3.conf:15 nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/7.conf:14 nginx: [warn] protocol options redefined for 0.0.0.0:443 in /data/nginx/proxy_host/7.conf:14 nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/proxy_host/7.conf:15 nginx: [warn] protocol options redefined for [::]:443 in /data/nginx/proxy_host/7.conf:15 nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/redirection_host/3.conf:10 nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /data/nginx/redirection_host/3.conf:11 nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/npm-5/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/npm-5/fullchain.pem, r) error:10000080:BIO routines::no such file) What happened here, and how can I resolve it? Looks like something with a keyfile has failed?
  15. Just for my own knowledge, how can you tell? I didn't see anything about it 'forcing' an unmount or anything in the log. I saw that was a common solution/problem when searching this, but I couldn't see any signs in the log.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.