bombz

Everything posted by bombz

  1. Not a bad idea. I will keep that in mind. I went another route being the second server is old hardware that I am using solely for storage

     01. create NFS share
     02. setup docker on the primary NAS with the host path pointing to the other NAS NFS share
     03. follow the guide to setup the docker on the primary NAS
     04. Done

     Why I couldn't get SWAG on the secondary nas to pull certs is beyond me. Thanks!
  2. Cool. Is there a step guide that explains this? Been trying to point my SWAG to another docker service / system. I have been trying to set up another swag instance on another unraid server without success. Not sure if I can run 2 instances on the same network on 2 different servers.
  3. +1 I would like to know this too! To be able to point SWAG running on unraid -> another unraid server running other dockers
  4. Hello, I have successfully set up the SWAG docker on one of my unraid servers and it has been working well for some time. I set up another unraid server I would like to run some dockers on, separate from my current server.

     These servers are on the same network/subnet
     I have added the port forwarding rules and firewall rules
     I have added the swag to this new server and attempted to get the cert for this subdomain I would like to use on this second server

     However, I always received the following error:

     Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
       Domain: *****************
       Type: unauthorized
       Detail: Invalid response from https:*************/.well-known/acme-challenge/GDsJPauIBpmR07lLXweaxJDIqW3wgFA10Fd3dKSUr1w [WAN IP ADDRESS]: " <html>\n <head>\n <title>Welcome to our server</title>\n <style>\n body{\n "
     Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
     Some challenges have failed.
     Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
     ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

     I can ping this domain (dns) from the internet and it replies back as well. If I add this same subdomain on my SWAG docker I already have set up, it gets the cert with no issues.... the problem with that is I cannot point it to the other docker on the other server..... I cannot figure out why it is not working. I have tried different ports, rules, etc. and nothing seems to be working.

     Can I have 2 separate SWAG docker instances running on the same network/subnet... as I don't think there is a way to use my existing SWAG docker to point to another docker container on another unraid server? Going to have to set it up on my server running swag successfully until I can figure this out or someone can assist. Any ideas?
  5. Hello, I have posted my diagnostics for some assistance. Keep in mind this NAS is sort of a test NAS I created from old hardware and upgraded RAM and CPU to what the motherboard would support. Fix uncommon problems is reporting: Rootfs file is getting full (currently 92 % used). Is this because of the RAM?

     unraidNAS-diagnostics-20210808-1202.zip
  6. Hey Frank, As always thanks for reaching out. I dug down into the firewall today and opened it up to test. Seems that was the concern. I will reach out if there are any further concerns. Thanks again!
  7. I attempted deleting /boot/config/._Trial.key and Trial.key, which allowed me to attempt to start the process over; same issue persists.
  8. Hello, Attempting to use the trial key to test some hardware before purchase. Prompted with: no connection and states cannot connect to the key server. I am able to ping outside the network to public addresses with success. Here are the reoccurring logs:

     Jul 8 15:11:36 Tower ntpd[3017]: ntpd 4.2.8p15@1.3728-o Tue Oct 20 18:42:21 UTC 2020 (1): Starting
     Jul 8 15:11:36 Tower ntpd[3017]: Command line: /usr/sbin/ntpd -g -u ntp:ntp
     Jul 8 15:11:36 Tower ntpd[3017]: ----------------------------------------------------
     Jul 8 15:11:36 Tower ntpd[3017]: ntp-4 is maintained by Network Time Foundation,
     Jul 8 15:11:36 Tower ntpd[3017]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
     Jul 8 15:11:36 Tower ntpd[3017]: corporation. Support and training for ntp-4 are
     Jul 8 15:11:36 Tower ntpd[3017]: available at https://www.nwtime.org/support
     Jul 8 15:11:36 Tower ntpd[3017]: ----------------------------------------------------
     Jul 8 15:11:36 Tower ntpd[3019]: proto: precision = 0.042 usec (-24)
     Jul 8 15:11:36 Tower ntpd[3019]: basedate set to 2020-10-08
     Jul 8 15:11:36 Tower ntpd[3019]: gps base set to 2020-10-11 (week 2127)
     Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 0 lo 127.0.0.1:123
     Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 1 br0 10.1.0.108:123
     Jul 8 15:11:36 Tower ntpd[3019]: Listen normally on 2 lo [::1]:123
     Jul 8 15:11:36 Tower ntpd[3019]: Listening on routing socket on fd #19 for interface updates
     Jul 8 15:11:36 Tower ntpd[3019]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
     Jul 8 15:11:36 Tower ntpd[3019]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized
     Jul 8 15:11:36 Tower root: Starting NTP daemon: /usr/sbin/ntpd -g -u ntp:ntp
     Jul 8 15:11:37 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:37 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:38 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:39 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:40 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:43 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:44 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)
     Jul 8 15:11:45 Tower emhttpd: error: get_limetech_time, 256: Invalid argument (22): -2 (60)

     Any recommendations are welcome. Thank you,
  9. Awesome thanks! Docker update pushed, updating now.
  10. Hey, Awesome! I appreciate that. Glad to hear it is still alive and active. Thank you for your time and support. I look forward to more posts moving forward. Thank you to the whole community as well!
  11. It would be nice to see a way to manage user 2FA from the admin GUI. There was a time I had a user created, but lost the 2FA code on the phone. The only workaround was to make a new ADMIN user on AG and disable the old one, as there was no way to reset that previous ADMIN user to set up 2FA again on that user (if I explained that correctly). Love the app, looking forward to new updates to come down the pipe!
  12. Fair enough. Find it odd the change required on the workstation side, never had to have RDP exception enabled on the local workstation in the past and was functional with AG.... It makes sense it needs to be, was puzzled was all of what changed recently. Thanks again for the support and fast response, I wasn't sure if this thread was 'dead'. Appreciate it!
  13. Hello, Yes that is correct.

      Hostname = internal IP of system
      Port = RDP port
      Confirmed -- "GUACAMOLE PROXY PARAMETERS (GUACD)" are empty

      I was messing around with the local workstation's 'Windows Firewall'. It seems:

      Disabling the local workstation's firewall allows AG to connect
      Adding the RDP exception to the Windows firewall (while the firewall is enabled) works as well

      However, I am worried that may be a potential security risk of the sort. Thoughts?
  14. Hello, I was using AG with no issue and recently have run into this concern. I can connect to everything else but this one system. I can't seem to track down what the concern may be. Anyone else have this concern?

      guacd[758]: INFO: User "@5835a4e1-fbd6-4273-a68c-b90cb9634f11" disconnected (0 users remain)
      guacd[758]: INFO: Last user of connection "$bc849b57-11d4-4807-83b1-39f9b0482739" disconnected
      guacd[30]: INFO: Connection "$bc849b57-11d4-4807-83b1-39f9b0482739" removed.
      guacd[30]: INFO: Creating new client for protocol "rdp"
      guacd[30]: INFO: Connection ID is "$0b6b9bd1-1933-4d62-81a3-065b121a6a41"
      guacd[775]: INFO: Security mode: NLA
      guacd[775]: INFO: Resize method: display-update
      guacd[775]: INFO: User "@491f6ba2-db58-42e9-adcd-30d53c12f8e7" joined connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" (1 users now present)
      guacd[775]: INFO: Loading keymap "base"
      guacd[775]: INFO: Loading keymap "en-us-qwerty"
      guacd[775]: INFO: RDP server closed/refused connection: Connection failed (server unreachable?)
      guacd[775]: INFO: User "@491f6ba2-db58-42e9-adcd-30d53c12f8e7" disconnected (0 users remain)
      guacd[775]: INFO: Last user of connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" disconnected
      guacd[30]: INFO: Connection "$0b6b9bd1-1933-4d62-81a3-065b121a6a41" removed.
      guacd[30]: INFO: Creating new client for protocol "rdp"
      guacd[30]: INFO: Connection ID is "$c4cf9241-1f9f-4654-8db4-305ccbb9228f"
      guacd[792]: INFO: Security mode: NLA
      guacd[792]: INFO: Resize method: display-update
      guacd[792]: INFO: User "@5cff0582-cef0-415e-9bdf-ea8e431fd464" joined connection "$c4cf9241-1f9f-4654-8db4-305ccbb9228f" (1 users now present)
      guacd[792]: INFO: Loading keymap "base"
      guacd[792]: INFO: Loading keymap "en-us-qwerty"
      guacd[792]: INFO: RDP server closed/refused connection: Connection failed (server unreachable?)

      EDIT: It seems that Windows Firewall prevents the connection now (maybe a Windows update). Disabling Windows firewall or allowing RDP via the workstation firewall resolves this concern. What is strange, in the past, Windows firewall did not need the RDP exception set (enabled) to make the connection to the workstation via AG/RDP. Anyone else see this change as of recent? Thanks,
  15. Running into a concern with AG. I have set up everything successfully, and I can access the drive share remotely, but I can only upload to the drive share. I cannot download or add any files to the download directory \\guacamole\rdp shares\<hostname>\Download. When I attempt to access this share on the local system over the LAN, it states I do not have permission to access the share. When I try to change/add an owner to this share, it does not allow it.... I get an error:

      "an error occurred while applying security information to: <share name here> failed to enumerate objects in the container. Access is denied"
      "unable to set new owner on download. Access is denied"

      Anyone run into this issue?
  16. OK. I will let you know next time I cycle the array :-) Cheers!
  17. Yes, I suppose no one knows a proper fix for my workaround. Perhaps in time as the docker updates in the future. My workaround seems to be OK, but I would like to clean up AG docker so I can better manage the users. Thank you for all the hard work, it's a really great docker!
  18. Hello, see attached. I should be able to delete the .txz and plex should disappear. However, in the past when I have done this, Unraid GUI still shows plex as installed within the 'settings' page. Any thoughts?
  19. Hello, Yes I am going to attempt via UD, that's where I saw it last time. If I can confirm the mount point, I should be able to alter the docker host path to the SMB mount point. I don't think I will need another path on Tautulli docker, as the main host path by default points at the cache DIR (plex metadata). I could be wrong though. I will know more this week while I attempt this change.
  20. Hello, I was using a docker in the past with the data on my cache drive. I have since moved to the Windows application but am looking to move back to the docker app. My concern is:

      The data needed is on a Windows VM (another physical machine)
      That data will remain on the Windows VM (another physical machine)
      How can I point the docker to the Windows VM folder share I would like to use?

      I will be editing the default Host Path 1 of the docker to the SMB share on the Windows VM. Would I need to create this as a new 'share' within the unraid 'shares' section before the docker would be able to point to this path?

      EDIT: SMB Shares are on Main> SMB Shares. I will have some share permissions to set on the SMB share and test it out. Thanks,
  21. Hello again, The only workaround, since I could not figure out how to reset 2FA/TOTP, was to:

      Log in to the original admin account without 2FA/TOTP enabled
      Create a new admin user
      Log out of the original admin user
      Enable 2FA/TOTP on apache guacamole
      Log in with the new admin user
      Was then prompted with a QR code for the new admin user
      Disable the original admin user

      Everything seems to be OK with the new admin user. However, I cannot edit the details of the new admin user (see attached). Not too sure why that is the case, any ideas?
  22. Is there still no current way to perform a TOTP reset to generate a new code to setup on a different device? I did record the secret key initially when I setup TOTP but not sure if that is of any use with this current concern. I don't understand what you mean regarding clearing the database columns.... can you provide some insight?
  23. Hello, How can you reset 2FA on Apache Guacamole (GA)? I can disable 2FA successfully, however when I re-enable it, it asks for a code, and doesn't display a QR code to set it back up. I am looking to generate another QR code. Is that possible?
  24. I don't believe so as I do not recognize that name or plugin :-/ hmm I checked 'nerd pack' and I don't see it in there either, so I am going to say no.
  25. Fix common problems report:

      Extra packages being installed were found in /boot/extra. It is not recommended to install any packages this way. The recommended way is via the NerdPack / DevPack plugins

      So this I have had for years in /boot/extra:

      PlexMediaServer-1.19.1.2645-ccb6eb67e-x86_64.txz

      However, I don't run it on my server anymore. When I remove/delete this .txz it doesn't seem to go away, always comes back every boot. Is there a way to eliminate this for good? Open to suggestions.