spants

Community Developer
  • Content Count

    571
  • Joined

  • Last visited

Posts posted by spants

  1. 28 minutes ago, mavrrick said:

     

    I ended up just setting up a VM and installing everything manually. It was easy enough. I needed atleast Node.js 12 i think, and maybe Node.JS 14. Thanks for advice. 

    No problem. If you needed Node.js 12 - just use

     

    nodered/node-red:latest-12

     

    in the repository field of the template

  2. Great - thats the way to do it. 

    The template is for the official Pi-hole docker, I don't make any changes so please check their github for issues.

     

    I just changed the template to remove the dns entries from the extra parameters setting though as this was causing issues for some... Unfortunately this change doesnt roll down if you have already have Pihole setup. ( I dont think this fixes your issue though).

     

    I will take another look tomorrow (I'm in the UK).

  3. On 3/30/2021 at 1:29 PM, mavrrick said:

    I have recently run into a snag that i believe has been determined to be related to the version of Node.JS used by Node red in the docker. Is there any way to upgrade that to a newer version?

     

    Which version of NodeJS do you need? You can change the version by using the appropriate tag in the Repository field:

    https://hub.docker.com/r/nodered/node-red/tags?page=1&ordering=last_updated

     

  4. 8 hours ago, Roxedus said:


    They both do the work, and cater to different scenarios. My reasoning for my suggestion is that I dont want to be able to reach /admin at all with my reverse proxy.
    Another thing to think about is the resulting error code, where my suggestion gives a 404, while the deny gives a 403. A 403 might say to a potential attacker that there is something there (you could have it respond with a 404 instead)

     

    The problem with the 404 method is that if you use a custom network (say PROXYNET for dockers that can be reached from outside), then you cannot (well, I couldn't!) reach the /admin endpoint from inside either.

     

    I have made some changes regarding the 403/401 error codes and now use this.... (based on an old bitwarden template)
     

    #BITWARDEN
    # make sure that your domain has dns has a cname or a record set for the subdomain bitwarden 
    # This config file will work as is when using a custom docker network the same as letesencrypt (proxynet).
    # However the container name is expected to be "bitwardenrs" as it is by default the template as this name is used to resolve.  
    # If you are not using the custom docker network for this container then change the line "server bitwardenrs:80;" to "server [YOUR_SERVER_IP]:8086;" Also remove line 7
    
    resolver 127.0.0.11 valid=30s;
    upstream bitwarden {
        server bitwardenrs:80;
    }
    
    
    server {
      # return error code 404 if 401 or 403 would be returned to hide admin endpoint
      # no need to create the 404.html file unless you want to customise
      error_page 401 403 404 /404.html; 
        listen 443 ssl;
        server_name bitwarden.*;
        include /config/nginx/ssl.conf;
      client_max_body_size 128M;
      
      location /admin {
        # allow LAN access (match your IP range)
        allow 192.168.1.0/24;
        # allow VPN access (match your IP range)
        allow 10.0.10.0/24;
        # BLOCK all other access
        deny all;
        proxy_pass http://bitwarden;   
      }
      
      location / {
       proxy_pass http://bitwarden;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
      }
      
      location /notifications/hub {
       proxy_pass http://bitwarden;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
      }
      
      location /notifications/hub/negotiate {
        proxy_pass http://bitwarden;
      }
    }

     

  5. For folks that want to protect the /admin page from being accessed from outside of the internal network when using SWAG, I think this is a better way.....

     

    Note 192.168.1.0 is the LAN network and 10.0.10.0 is a VPN network attaching remotely

     

      location /admin {
        allow 192.168.1.0/24; 
        allow 10.0.10.0/24;
        deny all;
        # enable the next two lines for http auth
        # auth_basic "Restricted";
        # auth_basic_user_file /config/nginx/.htpasswd;
        proxy_pass http://bitwarden;   
      }

     

  6. Dockers can't point to pi-hole, is my understanding, and my docker and plug-in update checks were taking upwards of 6-10 minutes.
     
    Also now I can do service on my server without taking down DNS for the whole house.
     
    The pi-hole docker is sweet but my needs are much better served with a real device.
     
    I have two network cards to avoid any problems and my main pihole is the docker. I have a secondary pihole as a physical machine with opnsense providing both DNS ips for DHCP

    Sent from my SM-N976B using Tapatalk

  7. If you use RETAINED topics, it can write them to a temporary db in case of restarting. Most people dont need this.

    There seems to be a permissions issue with some dockers, I should take a look at this as I made it some time ago (it just works for me!).
    I saw on another thread that someone had similar issues on another docker and was advised to run a script (attached). It will reset the directory permissions on the appdata directory. Run it at your own risk (I just tried it)

     

    fixAppdataPerms.sh

    • Like 1
  8. 7 hours ago, Tsumitsuki said:

    about two weeks ago i setup this docker for my smarthome stuff.
    since then it was ideling cause i haven't setup my devices yet.

    Today i checked unraid and saw the docker stopped.
    i wanted to set my devices up this weekend but i cant get the docker up again.
    every time i start the docker i get this:
     

    
    Warning: store_clean_interval is no longer needed.
    
    1611308988: Error: No error information.
    
    1611308988: Error: Couldn't open database.
    
    Warning: store_clean_interval is no longer needed.
    
    1611308997: Error: No error information.
    
    1611308997: Error: Couldn't open database.


    After this error the docker stops itself again.

    i havent changed anything. no update, no config changes.

    i tryed to remove the docker completly and set it up from scratch but still the same error.
    any idea?

     

    Does your MQTT directory look like this?:

    image.png.fa371c3abcb4c9cab7b11bde96892c3b.png

     

    You can also try setting open permissions on that directory:

     

    cd /mnt/user/appdata

    chmod -R 777 MQTT

     

     

     

  9. I already did change the iconUrl on my side, but with each NodeRed update, it was overwritten hence my cry for help  
    Glad to hear that I won't be needing to do this manually from now on.
    You may have to keep changing it as the template is not refreshed on the update. Check your /boot/config directory structure for the cached templates and also edit it there


    Sent from my SM-N976B using Tapatalk

    • Thanks 1
  10. 21 hours ago, UNOPARATOR said:

    @spants, have you missed my message? I know this is a cosmetic issue but it is a nice *nice to have* feature. ;)

    I have pushed this - note that you will not see the change if you already downloaded NR as the template is cached on your boot drive.

    Thanks for the link - I didnt see it when I first made the template in 2016!

     

    You can change it on your own system btw

    • Thanks 1
  11. 3 minutes ago, mgutt said:

    @spants 

    Thanks for the answer. But I tested it a few moments ago. Its still /mnt/cache?!

     

    @Niaxa

    Du kannst den Pfad also anpassen. Dh du stoppst den PiHole Container und ersetzt bei beiden Pfaden das /mnt/cache gegen /mnt/user und startest den Container wieder.

    I've not changed it yet....... :-) WRONG!! I did change it some time ago to /mnt/user/appdata/nodered/ .It must be cached on your boot/config volume.....