danioj
-
Posts
1,530 -
Joined
-
Last visited
-
Days Won
1
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by danioj
-
-
Feedback for script:
- a way to set xx backups stored automatically would be great (see it's already on the wish list)
- VMs should only be restarted IF they were already running, or at least an option to choose. I have VMs that aren't always on that I don't want starting after the backup
Point 1: I am implementing this now.
Point 2: I give an option (albeit with a logging issue until now) to restart a vm after a backup. You can specify this in the options. But so I understand you want this:
- if vm is started and option to restart is set then start
- if vm is NOT started and option to restart is set then DONT start (because it wasn't started to begin with)?
Yes, exactly:
1a - start VM after backup - yes/no
1b - if 1a is yes, only start VM if VM previously on - yes/no
Thanks for looking into this
NP. Easy to implement. Tested and seems to be working ok. Just working on getting the function to only keep backups of a certain age. Want to make sure I get this right as I am deleting files.
For those who are keeping watch, am implementing system whereby backups of # days old are kept not # of backups.
E.g.:
If backup_days_to_keep = 3 then backups of 3 days and younger will be kept. Anything older will be deleted.
Some restrictions:
- Only works when timestamp switch is also enabled.
- Only works with files which match script time stamping format.
- Only executes on a successful backup.
- Will ensure there is always at least 1 backup remaining.
Meaning (as per example above) create as many #'s of backups and if they are younger than 3 days they will all be left alone. As soon as they are older they will all be deleted.
I like this method better than just defining number of backups to keep.
-
Feedback for script:
- a way to set xx backups stored automatically would be great (see it's already on the wish list)
- VMs should only be restarted IF they were already running, or at least an option to choose. I have VMs that aren't always on that I don't want starting after the backup
Point 1: I am implementing this now.
Point 2: I give an option (albeit with a logging issue until now) to restart a vm after a backup. You can specify this in the options. But so I understand you want this:
- if vm is started and option to restart is set then start
- if vm is NOT started and option to restart is set then DONT start (because it wasn't started to begin with)?
-
Hi Danioj!
I have finally found time to play around with this script for my VMs, I used it on a test VM first just to be safe. It all worked perfectly however some of the configuration options confused me slightly (not difficult!)
For example the startvm setting, in the config file
1) default is 0 but set this to 1 if you would like to start a vm after it has successfully been backed up
in the log file while running this set to 1 it shows
2) information: start_vm_after_backup is 1 vms will not be started following a successfull backup
and the log after the backup shows
3) action: start_vm_after_backup is 1. starting Ubuntu.
so it looks like the first log note is incorrect noting that if set to 1 the vm will not be restarted. This also applies to killvm and startvm_afterfailure
other than that it was entirely successful, thanks!
Captured this. This was a typo error in the logging.
-
What are you trying to accomplish?
You should have a strong password assigned to your root account if you have had security issues on the LAN side.
But the Telnet access (and you should have shut straight Telnet down and be using SSH) and the GUI are administrator logins and are to be used only for administrative functions. Whenever you are using the GUI, you have full administrator (or root) privileges on the server and you should only be logging if you are intending to use them. You should 'feel' like you are the root user and realize exactly what you can do. And you should be attempting to deny any other users from having access to either of these interfaces.
As a matter of fact, you will find out that root is not allowed to log into a a user share on SMB (and I would presume NFS). This was done for security reasons.
A big security hole still to be plugged is the use of http for the GUI. Conversion to https is on the drawing boards and should be coming soon.
I wanted to put some real thought into this reply, hence the delay. Not sure how that has worked though, given I am replying in the hotel bar
I think what I have teased out here is a new requirement.
I understand that access the webgui is seen as an administrative task. However, I access the webgui regularly for information only. I see this access as non administrative. As a result I don't want to store my server "root" credentials in my browser NOR do I want to type them in every time I want check some information in the webgui.
I think what I am looking for is an unRAID webgui "Information View" - much like dd-wrt has (for those who are familiar) - without the raised privileges of root. I believe there is a usecase here that is not limited to just me. I have taken note of my behaviour over the last few days (which I think represents my typical behaviour) and the amount of times I access the webgui WITHOUT performing administrative tasks (i.e. for information / status only) is almost 95 (information)/5 (action)% split. This means that under the current design I am elevating myself to root when I really have no need to.
Obviously this comes down to definitions of what information you consider to be "administrative only" but IMHO status of disks, reads/writes, docker status, vm status and the like etc is safe enough to expose without elevating to root OR at least give me an option to (like dd-wrt).
I will think about this some more and will work on articulating this requirement (and now I read my dd-wrt comparison, I feel like I have mentioned this before - but can't remember the link) as per LT's guidance on doing so.
P.S. Both replies so far have mentioned root access to shares. I am familiar with this design / restriction. This is not about shares.
-
Sorry for the delays guys. I've been working interstate past couple of weeks and am in Sydney now.
I have a new version running on my servers at home. If they have run without error when I get back I shall upload. I think I've ironed out much of the remaining bugs.
-
As far as I know the unRAID GUI can only be accessed using the root user.
Note that shares are not allowed to use the root user for protected shares. For Public shares then the user is ignored.
Given the lack of search results I started to think that would be the case. Nice to have it confirmed. Guess I'll have to save the root user and password combo in Safari for quick access.
Good note re root user and shares for others who stumble on the post and don't know.
Thanks for the quick response, I appreciate it.
-
I'm sure this has been answered before but a few searches have not shown me any results.
I've just had a significant security event which has led me to address my policy of "trusting" the LAN and clients on the LAN.
As a result I am adding users, securing shares etc.
One question I have relates to the root user. Principally I was always taught never to use root. I never bothered before because I only used it to telnet into the sever. However now I find myself typing it in to access the GUI and it just "feels" wrong.
Anyway, my question is, can I grant WebGUI access to a different user account? If so, how is this achieved? Just adding that user to a group (didn't want to guess just in case I wreck something)?
Thanks in advance! [emoji4]
Sent from my iPhone using Tapatalk
-
^^^
* Bump! *
-
...
Just re-read the post I replied to initially.
v2.03 is the fix. It must not be in the AppStore yet. Will wait.
Sorry for jumping the gun with a defect report.
Sent from my iPhone using Tapatalk
Yes, v2.0.3 is under the App Store submission process. Hopefully later today they will ready it for release
Somehow I made a mistake in the initial submission, which distributed an older build, thus the issues.
As soon as this release is stable, I will look into alternative update services (given the app is based on React Native)
About the price, yes it seems expensive (7.99 AUD ~ 6.10 USD). The original price is 4.99 USD, which doesn't seem too unreasonable, but the App Store sets the price for other markets. I wonder if it's applying taxes ? It's 4.99 EUR as well
Thanks for the quick reply. Bloody Australia! We always pay more for stuff "down under".
Like I said, I've seen what you've done with developing and supporting unBalance and with that alone I was happy to pay for the app. Even now, when I haven't even been able to use it yet, I'm sure I am going to be happy!
-
I cannot say enough good things about Emby. It just works. You install the docker. Scan you library. Install the Plugin. Configure the plugin. Sync (VERY fast) with KODI. Done. Ongoing Sync is excellent and-pretty much instantaneous to my eyes.
Issue I have with running MySQL is that every time there is a KODI upgrade you have to mess around with your MySQL library too. Plus you have to run another docker for this. Emby is all in, server and library sync.
I have the Emby plugin running on LibreELEC and it is flawless. Flawless. I don't use that term lightly.
I have tried all the options that you are considering and I have landed on Emby.
I love it!
I'd concur with this.
From a user / usability perspective, the Emby plugin approach is much more manageable and friendly than setting up what's essentially a hack to use a single DB with Kodi. (I looked into it about 18 months ago and didn't take to the process too well).
I use it extensively across several Kodi instances on Windows and OSX and it just works. My clients run mostly 24/7 but in cases where I have occasion to shut them down or restart for any reason, the sync speed is so reasonable as to be largely irrelevant.
Only two things bug me;
1. Emby itself can take some time to recognise new media dropped into it's watched folders. Therefore it doesn't show up, even in Emby web UI, for a while
2. There doesn't seem to be auto-update of the Kodi plug-in. (maybe I've missed something?).
Emby has a real time scan enabled by default and this is what you are saying can "take a while":
I agree it is not always instantaneous, but I find that its always a matter of minutes rather than hours etc. I would suggest people think practically about how often they are sat in from of their TV waiting for a scan where by seconds / minutes matter that much! But hey-ho, each to their own!
However, if you're not happy with the real time monitoring then you can enable scheduled tasks to scan your library on intervals of your choosing. Remembering that after the initial scan all future scans are incremental and fast.
I personally however think if one was unhappy with the real time monitoring then there is a better way (so you don't have to do the scheduled incremental library scan) - IF you use an application to get your media for you. Often such applications have "notification settings" where in which you can set said application to "notify" Emby when a new file has been added to the folder structure and it is instantly added to the Emby library. You need the Emby API key for this and it is located (almost hidden in Emby settings) here:
Emby>Manage Server> Scroll to bottom of main window>bottom of page link called "Api"
Once Emby is updated, the KODI Add-On is that good that updates to KODI are almost instantaneous to my eyes.
Furthermore, in LibreELEC (I don't know if this is in Vanilla KODI) under the Emby Add-on settings there is an option called "Auto-update". Tick this and then the add-on gets updated automatically just like any other add-on.
Hope this helps!
-
Obviously, we have numerous choices now for syncing Kodi libraries and watch status (plexconnect, embyconnect, mysql). While I like the idea of using Plex or Emby for my Kodi library needs, the thing that has always bothered me is the fact that it is not instantaneous (like mysql). It writes the data locally and then syncs it. Correct? If so, I just see this process barfing too often.
My other niggle is that I like to keep my Kodi (OpenELEC) instances as stock as possible. Having to install addons to perform a function that I can do via a couple of lines in advancedsettings.xml bothers me...more things that could break.
Then again, mysql isn't exactly and Out-Of-the-Box, simple solution. And, upgrading presents its own challenges.
Is my concern justified at all?
Please be objective. I'm not looking for perspective that is completely tainted with brand loyalty.
John
I cannot say enough good things about Emby. It just works. You install the docker. Scan you library. Install the Plugin. Configure the plugin. Sync (VERY fast) with KODI. Done. Ongoing Sync is excellent and-pretty much instantaneous to my eyes.
Issue I have with running MySQL is that every time there is a KODI upgrade you have to mess around with your MySQL library too. Plus you have to run another docker for this. Emby is all in, server and library sync.
I have the Emby plugin running on LibreELEC and it is flawless. Flawless. I don't use that term lightly.
I have tried all the options that you are considering and I have landed on Emby.
I love it!
-
I've submitted v2.0.3 to both Play Store and App Store.
It should fix the issues with adding servers on iOS.
As for Android, a forum member is kindly helping me debug the issue. Hope to get to the bottom of it.
iOS v: 9.3.5
Phone: iPhone 6
App v: 2.02
I read the thread 5 mins ago over my morning coffee and without skipping a beat I went to the App Store and purchased the app.
$7.99 (AUD) is usually more than I care to pay for apps but I figure I owe you as a contribution to unBalanace anyway!
Saying that, I can't get the app to work. I cannot add a server.
I tried automated discovery first. It scans each IP until it gets to my first unRAID server and then hangs. See pic.
Then I tried manually adding the server. Unfortunately that doesn't work either. The keyboard eventually raises (after a few taps) but then I can't enter anything in any box. All that happens is that an error comes up asking me to enter a valid IP address. Which given nothing is entering into the text box, I can't. See pic.
For each issue I've tried to kill the app and restart. Even tried a fresh install. Nothing is working.
I thought I had to stay on iOS v9.3.5 because of a compatibility issue with a work app but a fix is coming out today for that so I'm upgrading to iOS10 now. Don't know if that will fix it.
Sent from my iPhone using Tapatalk
Just re-read the post I replied to initially.
v2.03 is the fix. It must not be in the AppStore yet. Will wait.
Sorry for jumping the gun with a defect report.
Sent from my iPhone using Tapatalk
-
I've submitted v2.0.3 to both Play Store and App Store.
It should fix the issues with adding servers on iOS.
As for Android, a forum member is kindly helping me debug the issue. Hope to get to the bottom of it.
iOS v: 9.3.5
Phone: iPhone 6
App v: 2.02
I read the thread 5 mins ago over my morning coffee and without skipping a beat I went to the App Store and purchased the app.
$7.99 (AUD) is usually more than I care to pay for apps but I figure I owe you as a contribution to unBalanace anyway!
Saying that, I can't get the app to work. I cannot add a server.
I tried automated discovery first. It scans each IP until it gets to my first unRAID server and then hangs. See pic.
Then I tried manually adding the server. Unfortunately that doesn't work either. The keyboard eventually raises (after a few taps) but then I can't enter anything in any box. All that happens is that an error comes up asking me to enter a valid IP address. Which given nothing is entering into the text box, I can't. See pic.
For each issue I've tried to kill the app and restart. Even tried a fresh install. Nothing is working.
I thought I had to stay on iOS v9.3.5 because of a compatibility issue with a work app but a fix is coming out today for that so I'm upgrading to iOS10 now. Don't know if that will fix it.
Sent from my iPhone using Tapatalk
-
Hey Sparkley, I've installed the PhotoShow docker, but it's giving me a 504 Gateway Timeout error every time I try to access the user interface. Well, almost every time - when I first launched the WebUI, it gave me the "create admin account" screen, and I did so, every time since that I've gotten the 504.
Here's my configuration:
I changed ports to :8082 so that it doesn't conflict with unRAIDs own menu, otherwise it's pretty stock.
I can see where it's possible that having the ../thumbs path as part of the ../Photos path could create some recursive scanning issues (just thought of that), so I can change that, I'm certainly not married to it.
I'm attaching the access.log and photoshow.log from my /config directory - you can see the 504 errors in there, but I'm not knowledgeable enough to know if there's any other useful info in there.
Beyond changing the /thumbs path, is there anything else I should do? I've already uninstall/deleted it once. I can do it again and remove the config info and start from scratch if that would help.
Just for fun, I've refreshed the browser a few times since posting. Now I'm getting an error 502 Bad Gateway. It seems I've gone from slow to bad...
I spoke with @Sparklyballs and while he hasn't done much with either container for some time, the linuxserver.io version is the one that is going to be maintained going forward.
First and foremost, can you initially try and install that container and see if you have the same issue? If so, post back on that support thread and we shall see if we can help you!
-
Is this a normal pre-clear or was the post read abnormally slow?
Your post read was a little longer than I have seen, but that might be because you didn't use the "faster" script by bjp as I do.
If you just used the normal script, id say that is fine. Certainly the SMART data is fine.
-
I hope I am not being stupid here, but I am trying to install the CalibreServer container and I cannot get it running.
I am running 6.2 RC5. My other settings are:
Host Port 1: Container Port: 5060
Host Path 2: Container Path: /mnt/user/nas/Books/
Host Path 3: Container Path: /mnt/user/downloads/complete/books/
Key 1: Container Variable: user
Key 2: Container Variable: password
I can't see what I am doing wrong. Any help would be appreciated.
Here is the log snippet:
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh... No SSH host key available. Generating one... Creating SSH2 RSA key; this may take some time ... Creating SSH2 DSA key; this may take some time ... Creating SSH2 ECDSA key; this may take some time ... Creating SSH2 ED25519 key; this may take some time ... invoke-rc.d: policy-rc.d denied execution of restart. *** Running /etc/my_init.d/firstrun.sh... Installing Clean - Apply any Custom Edits 2016-09-15 23:52:15 URL:https://raw.githubusercontent.com/kovidgoyal/calibre/master/setup/linux-installer.py [26007/26007] -> "-" [1] Traceback (most recent call last): File "<string>", line 1, in <module> File "<string>", line 673, in main File "<string>", line 658, in run_installer File "<string>", line 634, in download_and_extract File "/usr/lib/python2.7/shutil.py", line 256, in rmtree onerror(os.rmdir, path, sys.exc_info()) File "/usr/lib/python2.7/shutil.py", line 254, in rmtree os.rmdir(path) OSError: [Errno 16] Device or resource busy: '/opt/calibre' Installing to /opt/calibre Downloading tarball signature securely... Will download and install calibre-2.67.0-x86_64.txz Downloading calibre-2.67.0-x86_64.txz Downloaded 5.003515% Downloaded 10.007029% Downloaded 15.010544% Downloaded 20.014059% Downloaded 25.017574% Downloaded 30.021088% Downloaded 35.024603% Downloaded 40.028118% Downloaded 45.031632% Downloaded 50.035147% Downloaded 55.038662% Downloaded 60.042176% Downloaded 65.045691% Downloaded 70.049206% Downloaded 75.052721% Downloaded 80.056235% Downloaded 85.059750% Downloaded 90.063265% Downloaded 95.066779% Downloaded 62542916 bytes Checking downloaded file integrity... cp: cannot stat ‘/downloads/calibre-edits/calibre/resources/content_server’: No such file or directory /etc/my_init.d/firstrun.sh: line 12: /opt/calibre/calibre-server: No such file or directory Defining Cron job from crons.conf /opt/calibre/crons.conf: No such file or directory Launching Cron e /etc/my_init.d/firstrun.sh: line 23: /opt/calibre/calibredb: No such file or directory *** Running /etc/rc.local... *** Booting runit daemon... *** Runit started as PID 111 /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/crond.pid, otherpid may be 107: Resource temporarily unavailable /usr/sbin/cron: can't lock /var/run/cron
-
Thanks for the script, very useful.
One suggestion, since vdisks by default are sparse use --sparse on rsync (or cp instead) to make the backups, say you have a 120GB vdisk but only 20GB are allocated, the way it is now the backup will use 120GB, with --sparse or cp it would only use 20GB.
Thanks. Excellent suggestion.
I will probably use the rsync switch.
-
2nd cron backup worked fine. The next issue I see is the multiple dated backups taking up considerable space. Will look at deleting after a set number or time period
Would you like to see only one maintained or a simple switch which allows you to choose how many you can keep?
-
That's great do you know if the version of par2 you guys have used in this container can use the switch in my pic?
Sent from my Nexus 5 using Tapatalk
Isn't that the switch to "enable" multi core support for certain versions of par2?
Without getting too technical about it, I guess the root of my question is - if it's enabled by default in this container, what would you need that switch for?
Sent from my iPhone using Tapatalk
-
Hi guys,
Love your containers, and see that you've mentioned previously in the thread that PAR2 Multicore should be enabled as part of this container however when i browse the default skin and check my PAR2 settings there is NO tick in the greyed out enable multicore par2... Is this to be expected? And if it is enabled and this is related to PAR2 not being recognized as there are there any default PAR2 parameter settings that are being used straight out the box? i'm getting PAR2 switch error using the following:
I don't believe that this option in sabnzbd is indicative of multi-core par2 being installed. I know that sounds weird but my understanding (and I might be wrong) is that sabnzbd has no idea whether it is or not as all it can see is par2.
I checked with the group and it doesn't appear you have to do anything else to enable it. The container is configured to use multicore par2 by default.
If you wanted "proof" for yourself I guess downloading a large corrupt download then when repairing you could use the "top" command and if there is more than one instance I guess that would be reasonable enough proof that more than one core is being used.
I guess if I'm wrong someone will correct me!! [emoji4]
Sent from my iPhone using Tapatalk
-
That looks great!
-
This script did not seem to shutdown the VM for me. I had no problem shutting down the VM manually, after which, the script ran fine. Also, I expected the log window to echo the comments as it stepped through the script but, it waited until after my 100GB VM img file was copied and the rest of the script fully executed before showing the echoed comments.
The main part is it works as intended. The rest is cosmetic.
I was going to look into adding mount / umount for my external backup hdd. Is it something you have considered? I was going to look at adding it to the script or adding a wrapper script to call you script in between mounting and unmounting my drive
I did some work on this yesterday. I found a number of bugs based on the comments that have been made to date.
I am putting together an update.
-
I found that the recent update reset the admin password to default. I've updated it again, but how do I avoid this with future updates?
Sent from my iPhone using Tapatalk
As the description indicates, every time you update / reinstall the container you have to reset the password.
As a reminder, you do this from the Cli.
docker exec -it openvpn-as passwd admin
Also, you will have to re-add any uses you use beyond admin too.
docker exec -it openvpn-as adduser <user>
Nice and quick though!!
Isn't this a huge security risk?
Sent from my iPhone using Tapatalk
Well it has to be done locally so it's up to you to harden your Unraid SSH / local access.
If your question is in relation to local Cli access @CHBMB is spot on. A quick forum search will show you how to enable SSH (which in itself offers more security than Telnet), use of certificate keys for logging on and even disabling Telnet via a script in your go file.
SSH is standard with unRAID in v6. Here is the post I keep in my notes for this:
https://lime-technology.com/forum/index.php?topic=35107.0
For disabling Telnet you have to edit your Go file:
http://lime-technology.com/forum/index.php?topic=51486.0
However, if you are talking broader security with OpenVPN-AS you are right it "could" pose a slight security issue. Essentially this is due to the fact that by resetting the Admin password to default you are making accessing the Admin and Connect interfaces accessible via the default password.
That being said, if you follow these simple rules then I think you are safe:
1. Do not expose the Connect or Admin interfaces to the Internet.
There is literally no need to open these interfaces to the internet in the majority of cases. You're a home user (I imagine, as are the majority of those who use unRAID) and you can access these interfaces on your LAN to configure / download config files.
2. Use UDP protocol on port 1194 (or other) only for VPN access.
When TCP mode is chosen for the VPN Server protocol, the VPN Server can optionally provide access to these services through its IP address and port. You don't want to do this or forget that its set. So just don't enable it. These settings are however maintained across updates.
3. Update your Container carefully.
If you are really worried, before you update the Container: disable your port forwarding, have a terminal session open with the command ready to execute. If you are even more worried you could have your unRAID server (along with any configuring client) on a dedicated switch so you can isolate other local clients from being able to access the unRAID server for that period of time.
I want to add that #3 is way OTT IMHO but #1 and #2 should be followed to maintain security. I don't run in an environment where LAN clients are not trusted (in that I would never expect someone on the LAN side to maliciously "hack" into the OpenVPN-AS interfaces in the short time they are open when I upgrade). Therefore #3 is not something I really thought about until your question. I would suggest that most unRAID users (without getting Philosophical about it) would consider their LAN secure.
Anyway, in summary, not that much of an issue IMHO.
-
I found that the recent update reset the admin password to default. I've updated it again, but how do I avoid this with future updates?
Sent from my iPhone using Tapatalk
As the description indicates, every time you update / reinstall the container you have to reset the password.
As a reminder, you do this from the Cli.
docker exec -it openvpn-as passwd admin
Also, you will have to re-add any uses you use beyond admin too.
docker exec -it openvpn-as adduser <user>
Nice and quick though!!
Kodi - PlexConnect vs. EmbyConnect vs. MySQL
in Lounge
Posted
I don't have the considerations where other devices have Plex already so for me it's a straight Emby vs Plex and for me Emby wins. So now I have a working setup, moving to Plex offers me nothing (that I can see) that I want.
As for boxsets in Emby. There is a plugin to Emby server called "autoboxsets" which uses TMDB to get Collection data. Then creates the sets in Emby for you. Change Kodi to display sets (via simple switch in Video settings in KODI) and then do a one off manual sync. Done. 5 mins.