Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Mik3

Members
  • Joined

  1. You are missing the API key...need to set that up for it to work correctly. Follow again the guide!
  2. The CONF file is if you want to setup a remote access to your crowdsec instance. Thus it's not needed. If you need to access your crowdsec instance remotely is better to setup a VPN tunnel.
  3. Dear limetech, first of all thanks for this RC1..much awaited and appreciated. Below find a list of some minor bugs/improvements that I encountered. I also encountered a major issue during the upgrade. As far as I know not reported in the upgrade dev notes. I'll try to be as clear and detailed as possible. 1) [IMPORTANT] - Upgrade issue: After upgrade from 6.12.3 to 7.0.0rc1 upon first boot into 7.0.0rc1 the nvme cache (single disk, xfs formatted) was not recognized. The drive was correctly listed but of course unraid saw it as new so all data would have been erased. [SELF FIX] I created a backup of the whole drive using the unassigned device plugin, deleted the cache, rebooted and created a new cache with the same name. Upon assigning the drive unraid correctly recognized the drive. No content lost as no format was required. 2) [MEDIUM] - (docker tab - folder view plugin installed): When I edit a docker container to access it's setting and I try to select "advanced view" the tab crashes which makes you return to the "basic view" docker settings. 3) [MINOR] - UX/UI issue (share tab): Upon adjusting all the shares settings and the disk assignments under share tab I noticed that, if you assign as primary storage the Array and secondary storage to none, under the column "Storage" under the main share tab there is just a circle and no text present. IMO it's useful/good to have some indications there. The problem does not arise if you select cache or cache and array as secondary storage. See screenshot for clarity. 4) [MINOR] - UX/UI issue (docker tab - folder view plugin installed): When there is a docker update, the "apply update" label/button is correctly shown however the docker is not highlighted. In the previous version the docker to be updated was highlighted as the docker name was orange. Would be useful to have the docker highlighted like before. This are the issues I encountered so far which are still present today (apart the issue 1 which was fixed). I hope I was clear enough, if not please ask.
  4. Dear Unraid devs, thanks for your hard work and continuos support and for the amazing product unraid is. I know you are actually busy developing the next unraid version but as stated before by other community members would be nice to receive some updates regarding the base system for security reason. I am on latest unraid version which according to PHP info ships PHP version 8.2.7 which is vulnerable to the CVE-2024-4577 according to the advisory. There is an exploit on the wild already and a PoC, I haven't tested it myself. Could you please confirm unraid is vulnerable? Could you please provide a system update to fix this and probably other vulnerable packages that are presents on the system while we wait for the next big major upgrade? Thank you! @ljm42
  5. Before expanding my array further I am waiting the next major unraid release where multiple pool/array will finally be a reality. Not really a fan using only 2 parity drive for 28 data drive, particularly if you consider the rebuild time when you use 18+TB hard drive. I experienced a drive failure twice and unraid was great into rebuilding that but guys, lost some sleep for 2/3 days. If multiple arrays becomes a reality I would like to build 2/3 "unraid array" in a single server each containing 12 disk (2 parity).
  6. What you did with nextcloud is partially correct. Everytime you want a service protected by crowdsec, you need the correct parser and the logs. However this is only half of the equation as once crowdsec analyze the log and finds something bad it will report back through the local API that this IP should be banned. However no automatic action are taken as nextcloud doesn't know that. Depending on how you are hosting nextcloud: If it's through a reverse proxy like swag than additional configuration might be required. If you are using the incorporated web server then you need to do some additional configuration in the nextcloud docker itself. I can't help further as I don't use nextcloud and I don't know how you host your instance. Try to post your question/scenario and I'll try my best to help. Crowdsec protection depends on the parser. For example, nextcloud collection protects against bruteforce and enumeration. For how to test: Temporary disable the nextcloud anti-bruteforce tool so to let crowdsec parser do it's job. If it works it should block your attack if it's properly configured. You can ban your ip and try to access your nextcloud instance, if the configuration is correct you shouldn't be able to reach it. For a pattern to verify your best bet is to look at the nextcloud crowdsec parser documentation and see which pattern is looking for and replicate that yourself. Hopefully this helps.
  7. I updated the guide. Try to set your API key without using the ${}. Let me know if you have further issues
  8. Ok Solved the issue. I tested and it's working. There was an error in the guide about setting the api key. You just have to set the api key without the ${}. I updated the guide. Let me know if you have further issues.
  9. I am still working on it. I need to try and setup swag from scratch to see if there is a problem with the custom configurations. Having a busy work schedule which is not helping at all. If you could have a little bit more patience I'll try to solve the issue as soon as I can.
  10. I tested that myself again and I got the same behaviour. Looks like swag is not communicating or blocking the connection. I will investigate the issue and post the solution. I'll keep you updated. Thanks for the report.
  11. Hmm, that's strange. Is the IP a local IP or a public one? Local IP aren't blocked.
  12. Dear community, I have been looking for a quick reference guide on how to setup crowdsec with swag but I wasn't able to find one, hence this post. Hopefully this will be useful to someone else. Please let me know in the comment if there is a mistake, if you would add something else to make it easier to follow or if the setup can be improved in anyway. Comments, suggestion are always welcome and a way for me to learn more. Let's begin... PREREQUISITES: -------------------------- Unraid 6.11.5 or greater (might work on previous version but I didn't test) Unraid community app plugin Swag (linuxserver.io docker) already set up SETUP: ------------ STEP 1 - Installing CrowdSec --------------------------------------------- Go into the community app and search for crowdsec (IBRACORP docker maintainer), then hit install. Before applying you need to set the following variables: Network type => Custom: <swag> Replace with the custom docker network type you created when you first created swag Auth logs to analyze => /mnt/user/appdata/swag/log/nginx Replace the path with the swag log folder (the one listed is the default) Crowdsec logs to analyze => /mnt/user/appdata/swag/log/nginx Collections => crowdsecurity/nginx crowdsecurity/http-cve If you need more check https://hub.crowdsec.net/browse/ Then check that the ports 8080 and 6060 are NOT in use by another container and click apply otherwise you need to change those ports variable as well. STEP 2 - Crowdsec Configuration ---------------------------------------------------- Let the docker pull finish then open the docker logs and wait for it to finishing the initial setup, then look for the following message: msg="Starting processing data" Once you see the message shut down the container. Go to the crowdsec appdata folder (default is /mnt/user/appdata/crowdsec) and edit the acquis.yaml file. Under the first "filenames:" add the following line: /var/log/crowdsec/*.log Your file should look similar to this: filenames: - /var/log/nginx/*.log - ./tests/nginx/nginx.log - /var/log/crowdsec/*.log <------------------------------------ this is the line we added #this is not a syslog log indicate which kind of log it is labels: type: nginx --- [...] By default crowdsec bans for 4h to modify that value we need the profiles.yaml file in the crowdsec appdata folder. Edit profiles.yaml search for the line decisions and replace 4h with whatever vaule you want/need. An example below: [...] decisions: - type: ban duration: 20h <--------Default is 4h, replace this vaule according to your needs. [...] Now we can start the crowdsec docker, again check docker logs to make sure no errors are show and search for the line msg="Starting processing data" time="01-02-2023 00:03:00" level=info msg="Adding file /var/log/swag/access.log to datasources" type=file time="01-02-2023 00:03:00" level=info msg="Adding file /var/log/swag/error.log to datasources" type=file time="01-02-2023 00:03:00" level=info msg="Adding file /var/log/swag/unauthorized.log to datasources" type=file If you see this, it means that everything is OK and crowdsec is now parsing the logs. STEP 3 - SWAG <-> Crowdsec configuration -------------------------------------------------------------------- Crowdsec is parsing the logs and making decisions but no further action is taken and the connection is not effectively blocked as swag doesn't know anything about crowdsec decisions. To make crowdsec communicate with swag we need to configure the swag container and the crowdsec bouncer. First of all we need to install the swag bouncer inside crowdsec, to do so run in the shell the following command: docker exec -t crowdsec cscli bouncers add swag The command will return an API key. Copy that api key as we need it for the next step Now we need to edit the swag docker container and add the following variables: DOCKER_MODS: linuxserver/mods:swag-crowdsec CROWDSEC_API_KEY: ${API} <-------------Replace API with the API key you obtained from the cscli command in crowdsec CROWDSEC_LAPI_URL: http://[IP]:8080 <-----Replace IP with the Ip address of the crowdsec docker. 8080 is the default port, if you changed that you need to change it here as well. NOTE: Replace "${API}" with the api key you obtained. DO NOT USE THE '$' or the brackets '{' '}'. Example: ${API} becomes hj43gg061... To create the above variable you can use the UnRAID webGui. Remember variables and values are case sensitive. Once you have done that click apply and start the container. Open swag docker logs and check that the mod installation is successful and that the following line appears. nginx: [alert] [lua] init_by_lua:8: [Crowdsec] Initialisation done This means that the crowdsec mod is successfully installed and swag is now communicating with crowdsec docker. If you want to double check that the communication between the two docker is successful you can run the following command docker exec -t crowdsec cscli bouncers list The output is a table with the name,latest time and auth method with the bouncer. CONCLUSION --------------------- Now everytime a connection attempt is made, swag will communicate with crowdsec docker, check if the ip is banned and allow/reject the connection. You can check the crowdsec decisions by running the following command: docker exec -t crowdsec cscli decisions list If you want to test the ban you can use the cscli command to ban the ip. Example: docker exec -t crowdsec cscli decisions add --ip [IP] --type ban --duration 15m <--- Replace IP with your IP Then if you try to connect to your swag instance from that IP you should receive a 403 error. To unban the ip just run the following: docker exec -t crowdsec cscli decisions delete --ip [IP] That's all. Hopefully you find it useful. Please let me know if something is not clear and I'll do my best to improve it. Have fun and stay safe! REFERENCES ---------------------- Blocking malicious connections with crowdsec and swag SWAG docker mod Crowdsec COLLECTIONS
  13. Sorry for the late reply I was busy at work. I tried to setup again using the host mode and changing the port to something else. Maybe he doesn't like 808 XD. Anyway now looks like it's working. I'll do more tests and if anything strange comes up I'll report back. To solve this just change the view from basic to advanced and modify the value "WebUI: http://[IP]:[PORT:80]/". Change 80 to the port you use..in your example 9080. Thanks again for your time and help. Have a nice day!
  14. Hi, thanks for your work much appreciated. Probably it's me but the docker is not working. Please find below all the details. OS: Unraid 6.11-rc5 Fresh install of docker, no previous appdata. I change the net to host, change the HTTP and WS port to something not used but when the container is pulled, it still shows port 80 and port 443 in the docker details in unraid. 192.168.1.2:443/TCP192.168.1.2:443 192.168.1.2:5900/TCP192.168.1.2:5900 192.168.1.2:6080/TCP192.168.1.2:6080 192.168.1.2:80/TCP192.168.1.2:80/opt/deCONZ/mnt/user/appdata/deconz Docker logs shows in RED [deconzcommunity/deconz] Using options .......... --http-port=808 --ws-port=4434 Same happens if using the custom network to br0. Even if I leave the standard configurations the red line is still showed in the docker logs. What am I doing wrong?
  15. @Grant123 You can always add extra parameter in the docker by using the appropriate menù. It's at the end of the page. Also consider that some stuff have changed with the latest release since I wrote this guide. I am quite busy at moment, whenever I'll find the time I'll try to update this guide with the latest infos.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.