Everything posted by Living Legend
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Has anyone modified the index.html file in the www folder? I was thinking of making landing page which would list out all of my dockers with links which are behind the reverse proxy. Has anyone done anything similar?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I suppose it's been close to 90 days since I initially set this up. Has been working flawlessly since, but the gap in time has rendered this docker foreign to me once again. I was surprised a search within the thread for "renew" did not create more results. I have been receiving regular emails for the past week from the LetsEncrypt Expiry Bot stating: --------------------- Hello,Your certificate (or certificates) for the names listed below will expire in1 days (on 01 Mar 17 03:37 +0000). Please make sure to renewyour certificate before then, or visitors to your website will encounter errors. -------------------- I reviewed my log file to see this: <------------------------------------------------->cronjob running on Wed Mar 1 05:59:53 PST 2017Running certbot renew-------------------------------------------------------------------------------Processing /etc/letsencrypt/renewal/***.duckdns.org.conf-------------------------------------------------------------------------------The following certs are not due for renewal yet:/etc/letsencrypt/live/***.duckdns.org/fullchain.pem (skipped)No renewals were attempted.2017-03-01 05:59:54,446 fail2ban.server [258]: INFO Starting Fail2ban v0.9.42017-03-01 05:59:54,447 fail2ban.server [258]: INFO Starting in daemon mode[cont-init.d] 50-config: exited 0.[cont-init.d] done.[services.d] starting services[services.d] done. So according to this, they're not due for renewal? I'm a little confused. Is there something I can manually due to renew, or is this going to take care of it? As of now, it seems to still be up and running. Thanks!
-
[Support] Linuxserver.io - Nextcloud
Random question. I get nextcloud all set up. Have an app on my phone for it too. Works well for syncing up photos to the cloud. Occasionally though, I'm at the PC and would like to move a file into the "files" folder of my user through Windows Explorer so that I can access from my phone. Unfortunately, I'm hit with a "You need permission to perform this action" error. What modifications to the docker do I need to make to be able to write to my share using windows explorer?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ah yes, that was it! On the letsncrypt template, I never added "nextcloud" as a new subdomain. Where does this actually make a change within one of the config files? For uniformity purposes, do you have all of your dockers listed as docker.server.com? Or do you have them mixed in with other server.com/docker? I think I'm an all one way type of guy to try and keep things neat and not have to remember anything. Also, sent you a PM, CHBMB.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
We're close, but now a new error it seems. When attempting to connect, I'm now faced with: With a different browser, I can bypass this, but it's not a secure https connection. I checked to make sure that my certs were in the proper location mentioned in the new nextcloud file, and they are.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Now attempting to configure letsencrypt to work with nextcloud. I'm trying to piece things together from different posts. This is what I have done: 1. On the nextcloud end: Edit nextcloud/www/nextcloud/config/config.php <?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\APCu', 'datadirectory' => '/data', 'instanceid' => 'xxxxxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => '192.168.1.3:444', 1 => 'server.com', ), 'overwrite.cli.url' => 'https://server.com', 'overwritehost' => 'server.com', 'overwriteprotocol' => 'https', 'overwritewebroot' => '/nextcloud', 'dbtype' => 'mysql', 'version' => '9.1.2.2', 'dbname' => 'nextcloud', 'dbhost' => '192.168.1.3:3306', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'oc_xxxxxx', 'dbpassword' => 'xxxxxxxxxxxx', 'logtimezone' => 'UTC', 'installed' => true, ); 2. On the letsencrypt end Edit letsencrypt/nginx/site-confs/default location /nextcloud { proxy_pass https://192.168.1.3:444/nextcloud; } On a local machine I try to go to: 192.168.1.3:444 It auto redirects to https://server.com/nextcloud/index.php/apps/files Same error for https://server.com/nextcloud. Addtionally, if I edit the letsencrypt file and leave out the /nextcloud in the proxy_pass section, I get this error: Thanks again for the help! And don't forget my offer to write up a n00bie guide on how to do stuff. Check my signature. So severely outdated, but I wrote up a very basic how to back in the day on how to add mysql.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Yeah, the WEB GUI works, but apps don't. Oh well! I read some complicated stuff about attempting to resolve this, but far above what I can deal with.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I've gotten a few others working messing around with this. I love it! One issue I'm having is with Plex. I can get it to work with https://server.com/plex. But now, after removing the forwarding of port 32400 on my router, I can no longer access it through my apps. Only through a web interface. Is there a way to fix this?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thumbs up! Finally working! Time to start closing down some ports, and adding this to other dockers. If you guys are interested, I could certainly try and put together some sort of generic tutorial on how to get this working. Sometimes it's best understood coming from someone with minimal knowledge on the stuff so it's dumbed down.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Going to https://server.com brings me to the index.html page created by letsencrypt: I added the trailing slash: location ^~ /plexpy/ { proxy_pass http://192.168.1.3:8181; include /config/nginx/proxy.conf; proxy_bind $server_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Ssl on; auth_basic "Restricted"; auth_basic_user_file /config/.htpasswd; I'm still brought to: I've also noticed, once I make those two changes to the settings, to enable the proxy and add /plexpy, I can no longer access Plexpy through the web GUI. EDIT: Just ran a quick test. The checkbox for "Enable for HTTP Proxy" works. I can check this and restart without an issue. It's once I add /plexpy and restart that I can no longer access the GUI.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ahh, the comments! Always miss something. However, now I have a new error: when I type in https://myserver.com/plexpy it redirects me to https://_/plexpy/auth/logout and I get this message.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
So I think I have everything right on the Letsencrypt end, as myserver.com/plexpy is getting a the green lock on chrome for https acceptance, but it's taking me to a 404 not found screen. When my plexpy settings are this: I get this: Inside my nginix/site-confs/default my code is: location ^~ /plexpy { proxy_pass http://192.168.1.3:8181; include /config/nginx/proxy.conf; proxy_bind $server_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Ssl on; auth_basic "Restricted"; auth_basic_user_file /config/.htpasswd; And on check, if I go to http://192.168.1.3:8181 I get taken directly to the plexpy home. Any ideas where I'm going wrong? I think I'm close!
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Holy smokes. Thanks CHBMB for taking the time to write that out. I'll have time later this evening to thoroughly read through and attempt to apply what you've said. I think I have a better understanding from a brief glance. This is supposed to make the system more secure by limiting the amount of ports I'm opening. Post #521373... https://lime-technology.com/forum/index.php?topic=53542.msg521373#msg521373 ...should be a go-to post for super n00b questions like my own.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I certainly have a very rudimentary understanding of how these dockers interact as I'm still quite confused as to what needs to be modified, and how. For instance, if I simply want Plexypy to run through https I would: 1. Modify the nginx.conf by copy and pasting the following: # PlexyPy # https://github.com/linuxserver/docker-plexpy # # Settings => Web Interface # Change http root to /plexpy # location ^~ /plexpy/ { proxy_pass http://192.168.1.28:8181; include /config/nginx/proxy.conf; proxy_bind $server_addr; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Ssl on; } Then I'd also have to place an .htpasswd file in ~/plexpy/. But what are the contents of this .htpasswd file? It looks like letsencrypt is a bit more involved then some of your more basic plug and play apps. My goal is to be able to interact with these dockers securely from outside of my network. So to do that, I've opened each ones respective port and assumed that as long as I have https running on each open port, I should be good to go? Maybe if there's some basic primer on how this stuff works, if someone could point me in the right direction I could do some of my own readings rather than having to ask all of these random questions and re ask them when they're answered at a level beyond my understanding
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Where do I place the created .htpasswd file? And what type of security does this bring to the containers?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks for the reply CHBMB. I did a quick search earlier and saw those lines of code. The post was looking to see if there was more of an all encompassing type of guide on how to do this. What file am I modifying with those lines of code? Is it some sort of .conf file within Letsencrypt? And I'm not sure I follow what you're saying about it being unnecessary. All of the dockers are on the same unraid box. Why would using https be unnecessary if I'm trying to reach my unraid box from outside of my network? Maybe I'm misunderstanding some basic security concepts here...
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Are there any guides or tutorials around on how to have Letsencrypt interact with my other dockers on unraid? I understand the general concept behind Letsencrypt, but I'm not sure what files need to be modified, and how to modify these files. My current setup is your standard dynamic IP address provided by my ISP. I have this tracked by duckdns so I can associated the IP with the static name. I'd like to be able to attach to all of my different dockers through https: https://insertname.duckdns.org:2020 - Docker 1c https://insertname.duckdns.org:3030 - Docker 2 https://insertname.duckdns.org:4040 - Docker 3 A few of the dockers I run now are: crashplan owncloud plex plexpy plexrequests couchpotato sonarr Any fingers to point me in the right direction would be greatly appreciated
-
[Support] Linuxserver.io - Plex Media Server
Hmm, I can't get the DVR to show up now. I just upgraded unRAID to 6.2.4 and it said there was an update for most of my dockers even though I thought they were all up to date. When I did the update to Plex, with version set to "plexpass" it still doesn't give me the DVR option that was once there. Not sure if this is correlated, but the docker GUI shows; plex Container ID: 1316e0b38db7 By: linuxserver/plex:latest
-
[Support] Linuxserver.io - Plex Media Server
Thought I'd give this question a shot here. I'm a HDHR Prime user. I used to have great success using the plugin HDHR Viewer. After a few PMS updates, my higher resolution streams can no longer play over the network as it states that the server is not powerful enough to convert video for smooth playback. This never used to be an issue, and begin about 2 months ago. I have since tried tinkering with version types, but to no avail. I'm currently using Plex Media Server: 0.9.16.6 HDHR Firmware: 20161117 HDHR Viewer: 0.9.12 EDIT: Also just gave HD Grand Slam plugin a shot. Same issue where it'll play for 2-3 seconds and then get choppy and freeze up. Different error message about unable to play video, and tells me to look at my playback settings. This leads me to think it's either an HDHR firmware issue, or PMS version. I updated to docker tag to LATEST and I'm now running PMS 1.3.0.3059 with the same issues. I've tried combinations of the latest PMS and older firmware, but still struggling here. Does anyone have any ideas or suggestions? Currently the only thing I can do to make things work is lower playback to something very low, like 720 kbps. Ultimately, I'm looking for a way to be able to view the HDHR remotely. Up until recently, this has worked wonderfully. Anyone else struggling, and/or have a combination of versions that works for them?
-
[support] Bungy's docker repository
Any chance there could be issues with docker and the python OZW library? After doing some research, that's about all that's different between Home-Assistant and something like Home Genie and their implementation of Z-Wave.
-
[support] Bungy's docker repository
Home Genie does have a docker, and I was able to get it running pretty easily from the furthest part of my house. Home-Assistant would not comply at this distance. Even when I lugged my server upstairs to test, it was spotty at best unfortunately. I'm working on testing openHAB now, but am having trouble with the GUI. I'm sure if I scour this thread long enough I will find something...
-
[support] Bungy's docker repository
From testing a few other Home Automation Dockers, I can say for certain that Home-Assistant was the worst when it came to Z-Wave connectivity unfortunately. Unless there was something I was missing, I had to keep the USB stick just feet away from the device for it to register. Quite unfortunate since the GUI and backed programming seemed to be quite promising. I will have to give openHAB a shot. Home genie is working well for now.
-
How Do I Pass Through A USB Device To A Docker Container?
Yep,it worked. Now on to my next problem which is having my Z-Stick maintain it's connection to my devices...
-
[support] Bungy's docker repository
I moved the device upstairs to check. I'm getting incredibly inconsistent results. Sometimes it will work. Other time it says it's on when it's off. or vice versa. The devices are in a straight line of sight, 15 feet away. GE Dimmer to Z-Wave Stick. Any ideas what could be going wrong?
-
[support] Bungy's docker repository
I figured it out. I checked the log of the unRAID box while unplugging and pluggin in the USB stick. It is calling it /dev/ttyACM1. So I add the command: --device /dev/ttyACM1 and then to the .yaml I put theh path as such, and it now notices "Light", the one thing connected to my Z-Wave Stick. But I still can't control it. If I try to hit the toggle switch, it won't budge. I looked at the OZW_Log and I'm seeing some new errors: 2016-05-24 09:30:16.152 Error, Node002, ERROR: Dropping command because node is presumed dead 2016-05-24 09:30:16.152 Detail, Node002, Removing current message 2016-05-24 09:30:16.152 Error, Node002, ERROR: Dropping command because node is presumed dead 2016-05-24 09:30:16.152 Detail, Node002, Removing current message 2016-05-24 09:30:16.220 Info, Node002, Value::Set - COMMAND_CLASS_SWITCH_MULTILEVEL - Level - 0 - 1 - c 2016-05-24 09:30:16.220 Info, Node002, SwitchMultilevel::Set - Setting to level 99 2016-05-24 09:30:16.220 Detail, Node002, Queuing (Send) SwitchMultilevelCmd_Set (Node=2): 0x01, 0x0a, 0x00, 0x13, 0x02, 0x03, 0x26, 0x01, 0x63, 0x25, 0x51, 0xd7 2016-05-24 09:30:16.220 Detail, Node002, Queuing (Send) SwitchMultilevelCmd_Get (Node=2): 0x01, 0x09, 0x00, 0x13, 0x02, 0x02, 0x26, 0x02, 0x25, 0x52, 0xb6 2016-05-24 09:30:16.221 Error, Node002, ERROR: Dropping command because node is presumed dead 2016-05-24 09:30:16.221 Detail, Node002, Removing current message 2016-05-24 09:30:16.221 Error, Node002, ERROR: Dropping command because node is presumed dead 2016-05-24 09:30:16.221 Detail, Node002, Removing current message Could it possibly be because it is out of range? In a straight line it's less than 15 feet, but it is one floor below...