Everything posted by loukaniko85
-
Future Unraid Feature Desires
HTML5 rewrite for modern portal; including native mobile rendering. SSO capabilities; such as OIDC.
-
UnRAID need better login security's, login&password are not enought.
We're in agreement about the fact that unraid shouldn't be exposed directly - unsure why the remark. Perhaps you misread my statement or misunderstood my initial statement about having a default position of X shouldn't be exposed to the internet, not being a current one. As I stated in my post, and what you also outlined in yours are various ways of exposing unraid/ui to the internet; via a reverse proxy, in my case - and via a VPN, in yours. You're simply proving my premise that even services not designed to be exposed directly, such as unraid/ui in this case, can still be exposed indirectly, securely. Thus the position of X shouldn't be exposed to the internet, is no longer the status quo as there are many ways of exposing services, securely - irrespective of their design. Your two statements seem like a contradiction here. Though, I wouldn't expose my service with the unraid connect method; they require you to port forward directly to your unraid machine. Though, only https is exposed here, not any other part of the OS. Its not just the root credentials/2fa thats required with their method- you authenticate with your forum credentials, then the 2nd factor - then once successful, you're at your unraid/ui landing page.. now its time for your local root credentials. Though again, I dont and wouldnt use this method. VPN is a good option in general. Though if you look at the OP (below) the initial query was specifically about not using VPNs and implementing 2FA. Hence my statement about using a reverse proxy, which can introduce 2FA to all your services. Whether you expose it on the internet, or simply use it internally. With all that said, I prefer using a reverse proxy to expose internal services, as this can provide the same level of secure access. They also support 2FA. They also protect the internal services from attack.
-
UnRAID need better login security's, login&password are not enought.
Externally, I'm using Traefik, via Authentik to expose all my services including the Unraid UI. Have SSO and multiple MFA options implemented; OTP, WebAuthn and Duo Push. All services are routed through middlewares like crowdsec and modsecurity WAF. 443 to Traefik is the only port open. Internally, I'm using Traefik, via Authelia with SSO and multiple MFA options implemented; OTP and Duo Push; have network segregation with multiple vlans, but one specifically for sensitive workloads, including unraid and a backup NAS; with firewall policies which denies incoming traffic to the vlan, with very few ports being exposed internally to other vlans, and all whitelisted endpoints. Vlan has no inbound internet connectivity (return traffic initiated from the vlan is allowed) and it isnt allocated to any wifi ssid. There's only 1 ethernet port in my house that has access to this vlan. Completely overkill, but why not If you want security, you can implement it. Also the default position of X shouldn't be exposed to the internet is invalid. It's all contextual. Of course, don't simply port forward your unraid ui/port externally. As everyone has stated unraid wasn't designed to be directly, externally visible. Keep in mind, the unraid team have implemented their own plugin, to allow 2FA remote access to the dashboard.
-
[SUPPORT] - Reaparr - A cross-platform Plex media downloader that seamlessly adds media from other Plex servers to your own!
hey mate - some assistance. I have the new 0.10 RC release. added my plex account, its enabled and validated.. and in the logs I can see its successful and that the right number of servers I have access to have been returned.. though in the GUI, it states, theres no servers available. Bug, or have I missed something? Cheers. -- Seems like the issue is due to using a custom plex server url..
-
[Support] Josh5 - Steam (Headless)
How can I ensure the xorg.conf file doesnt get recreated? I am trying to utilise a custom refresh rate. Or is there an alternative method? Thanks.
-
Every 6.10.x release - server freezes within a few days.
Please help me discern the issue. jj-diagnostics-20220511-1657.zip
-
Resizable BAR RTX 3000
did you get this working?
-
[Support] Linuxserver.io - Transmission
Add USER and PASS variables in container to set authentication.
-
[Support] SpaceinvaderOne - Macinabox
Thank you sir - you're correct. I am now able to connect.
-
[Support] SpaceinvaderOne - Macinabox
I then get this. I have changed the vm libvert storage location from its default - perhaps this is why.
-
ASRock Rack X570D4U
cheers - will try this shortly :)
-
ASRock Rack X570D4U
I am using 32GB of ECC ram @ 2666 - one of the Kingstons listed on the supported list for the MB.
-
ASRock Rack X570D4U
I have installed the IPMI plugin and everything is displayed correctly; fan control is something I am still unable to rectify. It states fan is not configured.
-
ASRock Rack X570D4U
actually really well - everything is working perfectly.
-
[Plugin] IPMI for unRAID 6.1+
I have the same board and issue - keep us updated
-
ASRock Rack X570D4U
I pre-ordered a couple of weeks ago and it is arriving in a few of days - I guess I'll be the test bench.
-
ASRock Rack X570D4U
Hi All, As I await the components for my new server - has anyone had any experience with this board in Unraid? Is everything working, like GPU passthrough? Thanks
-
Unraid Feature Request Wishlist
ZFS