bombz

Members
  • Posts

    459
  • Joined

  • Last visited

Converted

  • Gender
    Undisclosed

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

bombz's Achievements

Enthusiast

Enthusiast (6/14)

3

Reputation

  1. Not a bad idea. I will keep that in mind. I went another route being the second server is old hardware that I am using solely for storage 01. create NFS share 02. setup docker on the primary NAS with the host path pointing to the other NAS NFS share 03. follow the guide to setup the docker on the primary NAS 04. Done Why I couldn't get SWAG on the secondary nas to pull certs is beyond me. Thanks!
  2. Cool. Is there a step guide that explains this? Been trying to point my SWAG to another docker service / system I have been trying to setup another swag instance on another unraid server without success. Not sure if I can run 2 instances on the same network on 2 different servers.
  3. +1 I would like to know this too ! To be able to point SWAG running on unraid -> another unraid server running other dockers
  4. Hello, I have successfully setup the SWAG docker on one of my unraid servers and has been working well for some time. I setup another unraid server I would like to run some dockers on separate from my current server. These servers are on the same network/subnet I have added the port forwarding rules and firewall rules I have added the swag to this new server and attempted to get the cert for this subdomain I would like to use on this second server however I always received the following error Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems: Domain: ***************** Type: unauthorized Detail: Invalid response from https:*************/.well-known/acme-challenge/GDsJPauIBpmR07lLXweaxJDIqW3wgFA10Fd3dKSUr1w [WAN IP ADDRESS]: " <html>\n <head>\n <title>Welcome to our server</title>\n <style>\n body{\n " Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet. Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container I can ping this domain (dns) from the internet and replies back as well If I add this same subdomain on my SWAG docker I already have setup it gets the cert with no issues.... the problem with that is I cannot point it to the other docker on the other server..... I cannot figure out why it is not working, I have tried different ports, rules, etc. and nothing seems to be working. Can I have 2 separate SWAG docker instance running on the same network/subnet... as I don't think there is a way to use my existing SWAG docker to point to another docker container on another unraid server Going to have to set it up on my server running swag successfully until I can figure this out or someone can assist Any ideas?
  5. Hello, I have posted my diagnostics for some assistance. Keep in mind this NAS is sort of a test NAS I created from old hardware and upgraded RAM and CPU to what the motherboard would support. Fix uncommon problems is reporting: Rootfs file is getting full (currently 92 % used) Is this cause of the RAM? unraidNAS-diagnostics-20210808-1202.zip
  6. Hey Frank, As always thanks for reaching out. I dug down into the firewall today and opened it up to test. Seems that was the concern. I will reach out if there are any further concerns. Thanks again!
  7. I attempted to Deleting /boot/config/._Trial.key and Trial.key which allowed me to attempt to start the process over, same issue persists.
  8. Hello, Attempting to use the trial key to test some hardware before purchase Prompted with: no connection and states cannot connect to the key server I am able to ping outside the network to public addresses with success here are the reoccurring logs Jul 8 15:11:36 Tower ntpd[3017]: ntpd 4.2.8p15@1.3728-o Tue Oct 20 18:42:21 UTC 2020 (1): Starting Jul 8 15:11:36 Tower ntpd[3017]: Command line: /usr/sbin/ntpd -g -u ntp:ntp Jul 8 15:11:36 Tower ntpd[3017]: ---------------------------------------------------- Jul 8 15:11:36 Tower ntpd[3017]: ntp-4 is maintained by Network Time Foundation, Jul 8 15:11:36 Tower ntpd[3017]: Inc. (NTF), a non-profit 501(c)(3) public-benefit Jul 8 15:11:36 Tower ntpd[3017]: corporation. Support and training for ntp-4 are Jul 8 15:11:36 Tower ntpd[3017]: available at https://www.nwtime.org/support Jul 8 15:11:36 Tower ntpd[3017]: ---------------------------------------------------- Jul 8 15:11:36 Tower ntpd[3019]: proto: precision = 0.042 usec (-24) Jul 8 15:11:36 Tower ntpd[3019]: basedate set to 2020-10-08 Jul 8 15:11:36 Tower ntpd[3019]: gps base set to 2020-10-11 (week 2127) Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 0 lo 127.0.0.1:123 Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 1 br0 10.1.0.108:123 Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 2 lo [::1]:123 Jul 8 15:11:36 Tower ntpd[3019]: Listening on routing socket on fd #19 for interface updates Jul 8 15:11:36 Tower ntpd[3019]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized Jul 8 15:11:36 Tower ntpd[3019]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized Jul 8 15:11:36 Tower root: Starting NTP daemon: /usr/sbin/ntpd -g -u ntp:ntp Jul 8 15:11:37 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:37 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:38 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:39 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:40 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:43 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:44 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Jul 8 15:11:45 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60) Any recommendations are welcome. Thank you,
  9. Awesome thanks! Docker update pushed, updating now.
  10. Hey, Awesome! I appreciate that. Glad to hear it is still alive and active. Thank you for your time and support. I look forward to more posts moving forward. Thank you to the whole community as well!
  11. It would be nice to see a way to manage user 2FA from the admin GUI. There was a time I had a user created, but lost the 2FA code on the phone. The only work around was to make a new ADMIN user on AG and disable the old one as there was no way to reset that previous ADMIN user to setup 2FA again on that user (if I explained that correctly) Love the app, looking forward to new updates to come down the pipe!
  12. Fair enough. Find it odd the change required on the workstation side, never had to have RDP exception enabled on the local workstation in the past and was functional with AG.... It makes sense it needs to be, was puzzled was all of what changed recently. Thanks again for the support and fast response, I wasn't sure if this thread was 'dead' Appreciate it !
  13. Hello, Yes that is correct. Hostname = internal IP of system Port = RDP port Confirmed -- "GUACAMOLE PROXY PARAMETERS (GUACD)" are empty I was messing around with the local workstations 'Windows Firewall' It seems: Disabling the local workstations firewall allows AG to connect Adding the RDP exception to the windows firewall (while the firewall is enabled) works as well However, I am worried that may be a potential security risk of the sort. Thoughts?
  14. Hello, I was using AG with no issue and recently have ran into this concern I can connect to everything else but this one system. I can't see to track down what the concern may be. Anyone else have this concern? guacd[758]: INFO: User "@5835a4e1-fbd6-4273-a68c-b90cb9634f11" disconnected (0 users remain) guacd[758]: INFO: Last user of connection "$bc849b57-11d4-4807-83b1-39f9b0482739" disconnected guacd[30]: INFO: Connection "$bc849b57-11d4-4807-83b1-39f9b0482739" removed. guacd[30]: INFO: Creating new client for protocol "rdp" guacd[30]: INFO: Connection ID is "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" guacd[775]: INFO: Security mode: NLA guacd[775]: INFO: Resize method: display-update guacd[775]: INFO: User "@491f6ba2-db58-42e9-adcd-30d53c12f8e7" joined connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" (1 users now present) guacd[775]: INFO: Loading keymap "base" guacd[775]: INFO: Loading keymap "en-us-qwerty" guacd[775]: INFO: RDP server closed/refused connection: Connection failed (server unreachable?) guacd[775]: INFO: User "@491f6ba2-db58-42e9-adcd-30d53c12f8e7" disconnected (0 users remain) guacd[775]: INFO: Last user of connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" disconnected guacd[30]: INFO: Connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" removed. guacd[30]: INFO: Creating new client for protocol "rdp" guacd[30]: INFO: Connection ID is "$c4cf9241-1f9f-4654-8db4-305ccbb9228f" guacd[792]: INFO: Security mode: NLA guacd[792]: INFO: Resize method: display-update guacd[792]: INFO: User "@5cff0582-cef0-415e-9bdf-ea8e431fd464" joined connection "$c4cf9241-1f9f-4654-8db4-305ccbb9228f" (1 users now present) guacd[792]: INFO: Loading keymap "base" guacd[792]: INFO: Loading keymap "en-us-qwerty" guacd[792]: INFO: RDP server closed/refused connection: Connection failed (server unreachable?) EDIT: It seems that Windows Firewall prevents the connection now (maybe a windows update). Disabling Windows firewall or allowing RDP via the workstation firewall resolves this concern. What is strange, in the past, Windows firewall did not need the RDP exception set (enabled) to make the connection to the workstation via AG/RDP. Anyone else see this change as of recent? Thanks,
  15. Running into a concern with AG. I have setup everything successfully, and I can access the drive share remotely, but I can only upload to the drive share. I cannot download or add any files to the download directory \\guacamole\rdp shares\<hostname>\Download when I attempt to access this share on the local system over the LAN it states I do not have permission to access the share. When I try to change/add an owner to this share, it does not allow it.... I get an error "an error occurred while applying security information to: <share name here> failed to enumerate objects in the container. Access is denied" "unable to set new owner on download. Access is denied" anyone run into this issue?