Everything posted by Smith007
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
But this is to set up "internal" docker IP, isn't it? What I'm missing is how to assign additional docker host IPs, and how to steer containers to bind only to particular host IP (from those additional ones). Or am I mixing it all completely? I know, and apologise. I wanted to start new general topic in Docker Containers forum, but there is no way to post there. Please move my questions to whatever place it fit best. Also - many thanks for helping me .
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks for your answer, but how exactly to assign an IP to the docker? Sorry, but this is the part I'm probably struggling with...
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Hi, I have the following mapping for my SWAG docker container: 172.16.0.2:443/TCP 192.168.1.10:1443 172.16.0.2:80/TCP 192.168.1.10:180 where 192.168.1.10 is the main IP address of my Unraid server and hence I use ports 1443/180 instead of 443/80, as those are already taken. I do have free IP address in 192.168.1.0/24 range and would like SWAG to listen on dedicated IP, i.e. 192.168.1.11 (and possibly other IPs from this range, for different proxied services). That way I could bind it to regular 443/80 ports (assuming no other docker containers would use that IP). How shall I approach this? I'm thinking some additional parameters for SWAG container would help? if so, shall I somehow make additional IPs available for the docker first?
-
[Plugin] CA Appdata Backup / Restore v2
Hello, seeking for help. One of my discs won't suspend. The only active stream is this one: Seems like hang? What could be causing this behavior?
-
Update hangs forever when adding more than one mount tag
Seems I'm facing the same problem. Is it still existing, known issue?
-
Time Machine with separate user (Ransomeware protection)
Thanks for your answers. I will try to clarify a bit: I'm working on macOS Monterey 12.1 on iMac and Macbook (thus two TM shares below, but I tried with one only as well with the same effects). Time Machine on UNRAID is (somehow) working. Standard setup is quite straight forward and difficult to make it wrong. However my problem is that to make it work TM share user must be the same as regular smb user AND time machine share must be mounted first, before mounting any other share (I saw other chaps having the same problem in the above links you both have provided). What I want is: reg_user – r/w rights to regular SHARE_A, SHARE_B, SHARE_C, etc... tm1_user – r/w rights to TM1_SHARE (Time Machine enabled, for my iMac) tm2_user – r/w rights to TM2_SHARE (Time Machine enabled, for my Macbook) I do not want to access TM shares as smb shares at all. They should be not visible and not writable for reg_user. Such a config was working perfectly fine on Synology. The only disadvantage was that I had to limit TM volumes size by creating .com.apple.TimeMachine.quota.plist file in each share: <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>GlobalQuota</key> <integer>SIZE_IN_BYTES_HERE</integer></dict> </plist> but this is a side comment and was not an issue. There was no problem with TM share visibility, different users for TM and regular shares nor with an order of mounting shares (in fact requirement to mount TM share first is quite annoying). On UNRAID 6.9 Time Machine config seems to be broken. It can probably be fixed by using some combinations of direct smb-extra.conf configs, but I think I will pass for now and wait until it is done properly out-of-the-box. Anyways, many thanks for your help.
-
Time Machine with separate user (Ransomeware protection)
Thanks, but I reckon it would be rather difficult to implement this approach for Apple Time Machine application. Best would be really to have a possibility to connect to TM share using different, dedicated user account – as it was meant to be originally.
-
Time Machine with separate user (Ransomeware protection)
As this is my the very first port here - hello to everyone . I'm new to UNRAID, migrating from Synology. My problem is with Apple Time Machine. Probably as for many users it serves two purposes: hardware fault and ransomware protection. This second option is equally important as the first one. So far I considered Time Machine as quite good ransomeware protection, as not only its share is not widely visible, but also dedicated user is required to connect to connect in Time Machines setting on Mac OS. Thus day-to-day user cannot access Time Machine shares directly (as a share) which means that potential ransomware will have much harder task accessing and encrypting Time Machine data. Unfortunately in UNRAID such a setup is not possible. Even if theoretically it is possible to create dedicated user which will have access to Time Machine shares, it is not working in practice. The very same user must be able to access both regular shares, as well as Time Machine shares. Otherwise Time Machine shares are not visible in Mac OS settings (not listed in Time Machine settings). The only thing which can be done is to set Time Machine share as not visible. That way is far from perfect from ransomware protection point of view. Once ransomware will gain access as day-to-day user account it can easily access and encrypt Time Machine data. Is is possible to define Unraid Time Machine as it is in Synology? (Time Machine not visible and not accessible via SMB; visible and accessible with dedicated user via Mac OS settings panel only) Thanks in advance for any answers and advises!