Bulletoverload

Hello, Regarding Kiwix-Serve Does anyone know of a way or process I could use to add a cron expression for redownloading an updated wiki dump? As it is right now by design, the docker redownloads the file every time it is restarted. I know I can disable this by removing the download link or download parameter but I would much rather somehow automate it to download, say, once a month. Any ideas?

This is for USB backup? I might just steal it then.

Does the USB backup within CA Appdata backup still work? I would like to have USB dated/versioned USB backups, instead of just 1 backup on unraid.net. Is this possible or another way of doing this?

You saved my ass here. This loop was driving me absolutely crazy, I was about ready to nuke the whole system. Thanks so much and nice job figuring it out! So this pops up for more people who might be searching for the issue: Unraid server docker container was stuck in a loop rebuilding because its network was set such that it was dependent on another docker that no longer existed. Simply editing the Docker attempting to rebuilt itself and changing the network solved the problem!

@ich777 Sorry to spam you. When you get a chance, do you have any idea what is going on here? Thanks!

@ich777Hi. I am having trouble swapping from the deprecated OpenVPN dperson version to yours. I didn't change anything at all, appdata folders lined up but for some reason I am getting "2022-07-17 18:17:14 sitnl_send: rtnl: generic error (-101): Network is unreachable" while trying to connect to PIA. I downloaded new ovpn files and confirmed my credentials in auth.vpn were correct. I even wiped the appdata folder and image and completely fresh installed. No luck. Any idea what is going on here? It looks like it is talking to and logging into the vpn server I have selected but something is failing. Appreciate any insight. Thanks! Edit: I'd like to add that PIA includes (requires?) a .crt and a .pem file. Not sure what either of them do and/or if they are necessary for this setup, but I didn't see how to handle these extra files within the documentation. I have them both in /vpn/ but no change. I've since figured out they are just separate files that contain what is already in the .ovpn. I did not do anything special within the dperson package so it must not have been using those files, as far as I can tell. I attempted to call these files in both the .ovpn and a .config file based on the instructions in the documentation but I still couldn't get anything to happen. This is way more than I did with the dperson package so I am assuming it is unecssary and I am just missing something rudimentary. 2022-07-17 18:07:16 Initialization Sequence Completed ---Checking for optional scripts--- ---No optional script found, continuing--- ---Taking ownership of data...--- ---Starting...--- Error: ipv4: FIB table does not exist. Dump terminated + exec sg vpn -c 'openvpn --cd /vpn --config /vpn/vpn.ovpn --script-security 2 --redirect-gateway def1 --auth-user-pass /vpn/vpn.auth ' 2022-07-17 18:17:14 DEPRECATED OPTION: --cipher set to 'aes-128-cbc' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'aes-128-cbc' to --data-ciphers or change --cipher 'aes-128-cbc' to --data-ciphers-fallback 'aes-128-cbc' to silence this warning. 2022-07-17 18:17:14 WARNING: file '/vpn/vpn.auth' is group or others accessible 2022-07-17 18:17:14 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 2022-07-17 18:17:14 library versions: OpenSSL 1.1.1n 15 Mar 2022, LZO 2.10 2022-07-17 18:17:14 CRL: loaded 1 CRLs from file -----BEGIN X509 CRL----- REDACTED -----END X509 CRL----- 2022-07-17 18:17:14 TCP/UDP: Preserving recently used remote address: [AF_INET]140.228.24.198:1198 2022-07-17 18:17:14 UDP link local: (not bound) 2022-07-17 18:17:14 UDP link remote: [AF_INET]140.228.24.198:1198 2022-07-17 18:17:14 [montreal430] Peer Connection Initiated with [AF_INET]140.228.24.198:1198 2022-07-17 18:17:14 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results 2022-07-17 18:17:14 sitnl_send: rtnl: generic error (-101): Network is unreachable 2022-07-17 18:17:14 TUN/TAP device tun0 opened 2022-07-17 18:17:14 net_iface_mtu_set: mtu 1500 for tun0 2022-07-17 18:17:14 net_iface_up: set tun0 up 2022-07-17 18:17:14 net_addr_v4_add: 10.9.112.64/24 dev tun0 2022-07-17 18:17:14 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun0, therefore the route installation may fail or may not work as expected. 2022-07-17 18:17:14 add_route_ipv6(2000::/3 -> :: metric -1) dev tun0 2022-07-17 18:17:14 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2022-07-17 18:17:14 Initialization Sequence Completed

Oh wow, that was stupid of me. Ya I just made it a bash script and it worked. Thanks!

Ran what you suggested: PORT STATE SERVICE 25/tcp open smtp 53/tcp open domain 80/tcp open http 143/tcp open imap 443/tcp open https 465/tcp open smtps 587/tcp open submission 993/tcp open imaps 4567/tcp open tram Everything is open. These are just checking for inbound ports, no? My concern is that I think my ISP is blocking outbound 25. Does mail-server only use 25 for outgoing mail or can I swap/select something else? Not talking about mail client -> server but server actually sending out the mail. So far, I have tried emailing like 5 different emails, all various hosters, and nothing can get through.

Thanks a ton for your help here and your info above. I've been able to get everything working 95%, including SSL via NGINX. I can receive email, but cannot send. Below are some logs and my settings. Currently I am using ports 993 and 465, but all are port-forwarded currently for testing purposes. Are these the two I should be using? None are working for submission, so...appreciate any insights! Incoming: *username* *password* *server IP*:993 SSL/TLS SPA Off Outgoing: *Server IP*:465 SSL/TLS Outgoing SMTP requires Authentication: On and using same credentials as incoming LOGS --UPDATE-- Unless you have any ideas, I think the problem is that Verizon blocks outbound:25 by default. I may be out of luck...

Thanks a ton for such an informational response. Ya, I had a lapse in understanding. I was thinking I could use NGINX to direct all of my web traffic and never open ports on my router again, but NGINX is specifically only listening on ports 80 and 443, meaning there is no way the SMTP requests would have gone anywhere. Am I understanding that correctly?

I am new to some of these things and may need some help, if you dont mind. I have the server running and I added my user/password. No issues there. I have SSL off for now until I can get the basic functionality working. Logs aren't really showing any issues. Through NGINX proxy manager and duckdns, I have two domains; mailin.duckdns.org and mailout.duckdns.org. Both are forwarding to the appropriate internal addresses, 192.168.1.3:143 and 192.168.1.3:25, respectively. I have NGINX working with many other projects so I don't think that is the issue. When I attempt to connect to the server via SMTP (No SSL) using those domains, I cannot get through. Any ideas? UPDATE: When I attempt to go to these domains through a web-browser, I get non-smtp command errors, which proves the domains/NGINX are configured correctly. I still just cannot login. I tried outlook and one other mail client but no luck. So far I've gotten "* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Debian) ready. GET BAD Error in IMAP command received by server. Host: BAD Error in IMAP command received by server. * BYE Too many invalid IMAP commands." and "220-mail.REDACTED.org ESMTP 521 5.7.0 Error: I can break rules, too. Goodbye."

The program will not lunch my startup script, location "/mnt/user/Dir/Scripts/Onedrive_Appdata_Sync.ph". Am I doing something wrong? it's just a simple rclone command to sync the new backup.

CA Backup/Restore Appdata does not see my script at /boot/config/plugins/user.scripts/scripts/. How can I path to custom start script in this use case? Do I need to save the script somewhere else the plugin can see?

I appreciate this. Will change this setting. Thanks!

2400 it is then. Much appreciated thanks very much!

I have 2 slots filled with single rank, so I think my max is 2933, which is still lower than what I have set, so this must be my issue then I assume.

And you would expect that to be causing the parity errors? My CPU and Motherboard officially support 3200mhz ram, which is what I'm running at, so I'm surprised there would be issues.

Ya I was thinking that but its just XMP. Is it even technically overclocking if the RAM is rated for that speed? But ya, I mentioned that b/c somewhere in the back of my head I've heard complaints of RAM OC and unraid

Hello, I have been dealing with parity errors that won't seem to go away, and now the number appears to be climbing (up to 157 now). I can't seem to get them to to go away. None of my drives seem to be showing any issues and everything is working correctly, but I hate seeing errors. Can someone suggest next steps or where my issues might be? I have attached diagnostics. Potentially helpful info; I run parity checks monthly and keep write correction on (not sure if his is good practice). Last few parity checks have thrown errors. My RAM is non-ECC and running at rated overclock of 3200MHZ (maybe I should try no/lower OC?). Server has been restarted and multiple parity checks with write correction, errors always remain (though not always the same number of errors) Current uptime of this diag. is almost 25 days so it should be enough info. Please let me know if there are any questions that would shed extra light. Appreciate any help! server-diagnostics-20220301-1627.zip

Hi @Squid/Community, I have a few questions regarding both CA Update and CA Backup. Apologies if these are answered elsewhere; For CA Update, how does the delay work? If I have the "check" set to every Monday morning at 4am, and a delay of, lets say 3 days, does it then update Thursday morning at 4am? Would that mean that if I wanted everything to stay 1 week behind, I would set the delay to 7? Meaning every Monday at 4am, it installs last weeks updates that were delayed by 7 days? I know that CA Backup can tell CA Update to run after a backup. If I only want to update my Dockers after a backup, would I look to disable "update check frequency" within docker update settings? Or will this disable the plugin entirely? What about for plugin updates? If I have the delay set but "update check frequency" disabled, does that mean that it will check for updates ONLY after set in motion by CA Backup, and delay accordingly? When does "Delete backups if they are this many days old" occur? If I have it set to 30 days, does it delete as soon as the age of the file hits 30 days, or does it delete the next time CA Backup runs and sees the file is 30 days or older? My end goal here is that I would like CA Backup to run every Monday morning at 4am. After the backup, I want plugins to update the 7 day delayed updates from last week, and want all dockers updated. Does this make sense and am I understanding everything correctly? Thanks for your help! -Ryan

Anything @ljm42? Edit: Nevermind! I just got the wireguard update and its working now. weird.

I am having an issue where my android phone is working fine, but my windows laptop is not. Both are configured identically, see picture. My android phone does everything. I can access my shares and web GUIs. My laptop can access shares but cannot access ANY webGUIs (unraid, dockers, gateway) OR use RDP. My laptop can successfully ping my gateway/local DNS server, as well as the computer I am trying to RDP with. Unraid server can ping my laptop. The local computer I am trying to RDP onto cannot ping my laptop, however. Phone and laptop are on identical wifi as of testing and I have already tried opening the firewalls. My laptop can only succesfully ping using IP address, not hostname, but NSLOOKUP shows correct entries coming from my local DNS/Gatewat. Any thoughts? https://imgur.com/a/Tky0Bcp