[Additional Scripts For User.Scripts Plugin]

On 4/28/2021 at 4:45 AM, p.wrangles said:

Does anyone know if its possible to remotely execute a user script? Im looking to have Home Assistant remotely (using ssh) call a User script to stop or start docker containers when different things within the system happen (For example when someone begins to watch Plex - shut down my Tdarr Node - or when i have finished gaming on my Unraid Gaming VM - shut down my 3 core plex and start up my 5 core plex etc.

just invoke it like this

bash /boot/config/plugins/user.scripts/scripts/rcloneSync/script

 

where rcloneSync is the name given to the user script.

However, this name might be different from the current name because renaming a user script doesn't change the directory the script is in in which case you need to mouse over the gear icon in the User Script settings until the settings menu opens

 

[Passwordless SSH login]

@ionred maybe posting your diagnostics will shed some light on this issue...

but it really is weird that something is recreating the authorized keys file with that old time stamp.

[Passwordless SSH login]

Odd. Can you post a screenshot (or text copy) of what you are seeing now?

particularly running

root@MediaStore:~# ls -al /root/.ssh /boot/config/ssh /boot/config/ssh/root
lrwxrwxrwx 1 root root   21 Apr  8 02:48 /root/.ssh -> /boot/config/ssh/root/

/boot/config/ssh:
total 120
drwx------  3 root root 8192 Mar 22 18:44 ./
drwx------ 11 root root 8192 Apr 27 21:07 ../
drwx------  2 root root 8192 Apr 19 22:47 root/
-rw-------  1 root root  668 May  3  2019 ssh_host_dsa_key
-rw-------  1 root root  605 May  3  2019 ssh_host_dsa_key.pub
-rw-------  1 root root  227 May  3  2019 ssh_host_ecdsa_key
-rw-------  1 root root  177 May  3  2019 ssh_host_ecdsa_key.pub
-rw-------  1 root root  411 May  3  2019 ssh_host_ed25519_key
-rw-------  1 root root   97 May  3  2019 ssh_host_ed25519_key.pub
-rw-------  1 root root  980 May  3  2019 ssh_host_key
-rw-------  1 root root  645 May  3  2019 ssh_host_key.pub
-rw-------  1 root root 1679 May  3  2019 ssh_host_rsa_key
-rw-------  1 root root  397 May  3  2019 ssh_host_rsa_key.pub
-rw-------  1 root root 1773 Aug 12  2020 ssh_known_hosts
-rw-------  1 root root 3312 Mar 22 18:47 sshd_config

/boot/config/ssh/root:
total 48
drwx------ 2 root root 8192 Apr 19 22:47 ./
drwx------ 3 root root 8192 Mar 22 18:44 ../
-rw------- 1 root root  418 Mar  9 08:19 authorized_keys
-rw------- 1 root root  883 Mar  9 08:19 id_rsa
-rw------- 1 root root  209 Apr 19 22:47 id_rsa.pub
-rw------- 1 root root 3473 Apr 19 22:45 known_hosts

 

[Spin up script not working since update 6.9]

On 3/14/2021 at 10:04 PM, Squid said:

This script will spin up every drive and keep the GUI in sync with everything (as it does it the exact same way the GUI does). 

 

It doesn't appear the emhttp supports spin up or spin down.  Rather it only supports toggling between the two, hence the script checking for spundown

 

If someone want to convert to bash feel free

#!/usr/bin/php
<?

function emhttpd($cmd) {
  global $state, $csrf;
  $ch = curl_init("http://127.0.0.1/update");
  $options = array(CURLOPT_UNIX_SOCKET_PATH => '/var/run/emhttpd.socket',
                   CURLOPT_POST => 1,
                   CURLOPT_POSTFIELDS => "$cmd&startState=$state&csrf_token=$csrf");
  curl_setopt_array($ch, $options);
  curl_exec($ch);
  curl_close($ch);
}

$disks = (array)parse_ini_file('/var/local/emhttp/disks.ini',true);
$vars = parse_ini_file('/var/local/emhttp/var.ini',true);
$state = $vars['mdState'];
$csrf = $vars['csrf_token'];

foreach ($disks as $disk) {
  if ($disk['status'] != 'DISK_OK') continue;
  if ( ! $disk['spundown'] ) continue;
  echo "Spinning up {$disk['name']}\n";
  emhttpd("cmdSpinup={$disk['name']}");
}
?>

 

 

Because of a weird speed issue where I now need to spin up my array before running parity checks etc. and my personal opinions about php,

I had to take up the bash challenge (this might even be sh compatible)

Only did the spin them all up one though.

#!/bin/bash
. /usr/local/emhttp/state/var.ini

curl --unix-socket /var/run/emhttpd.socket \
  --data-urlencode cmdSpinupAll=apply \
  --data-urlencode startState=$mdState \
  --data-urlencode csrf_token=$csrf_token \
  http://127.0.0.1/update

 

[Unraid OS version 6.9.2 available]

17 hours ago, Zonediver said:

It's an intermittent problem.

Every time when the disks sleep and i start the test, some weird things happen (see screenshot).

But when i wakup all disk and "then" start the test, all is normal... stange but ok.

I've only been observing this behavior since v6.9.2 but not sure if this is an unraid problem, a driver or something else...

 

 

Holy --- ! You're correct about the spin up thing.... hmm I think I'll look into this angle... and probably create a cron script to wake up the drives prior to major activities

 

[Passwordless SSH login]

Are you absolutely sure you do not have anything in your system? user scripts plugin? cron jobs? and if you delete/rename /boot/config/ssh/root folder and reboot? does it come back?

[Unraid OS version 6.9.2 available]

It might be, but I've only heard from @Zonediver so have no other points of reference and am not having luck seeing anything like this in the wild (or my ability to google has failed me)

 

In any case I'll try some hardware tweaks when I am able and report back.

[Unraid OS version 6.9.2 available]

On 4/24/2021 at 10:35 AM, ken-ji said:

Ok. now that I have time to try upgrading again. I did and the problem has gone away.

The one thing I did though beforehand was to finally flash my controller to P40 so maybe that was it.

 

So there really is something wrong with 6.9.2 and some LSI controllers

I had a parity check run start and was wondering why it said it was running at 90MB/s at the start. So I stopped it and ran some benchmarks and saw this:

 

 

Disk 4 actually read 60MB/s at one point but restarting the benchmark painted the usual 244MB/s value

I don't see any other issues in my logs.

 

I'm currently allowing a parity check to complete before I try anything else.

I'll probably try things like switching ports on the controller or switching controllers to an LSI 9200-8e (I think) when I get back home to my server

 

mediastore-diagnostics-20210424-1011.zip

[Unraid OS version 6.9.2 available]

On 4/15/2021 at 8:46 PM, ken-ji said:

I'm wondering if anybody with an LSI card using the mpt3sas driver has noticed any speed issues?

I'm using a LSI SAS9206-16E HBA and its dual linked to an expander / enclosure - ARC-4036

I've had this setup for a long while now and I've always gotten the maximum speed out of all my HDDs from it.

But when I upgraded to 6.9.2 this weekend, half of my drives on the HBA started running at 60MBs only compared to the usual ~200MBs

When I reverted back to 6.9.1 the drives all ran at their max speed

 

When I have time, I'll try to upgrade again and see if the problem occurs again

I don't have the all drives benchmark in 6.9.2 which gives really weird results.

^ This is Disk 5 (black is 6.9.2)

Ok. now that I have time to try upgrading again. I did and the problem has gone away.

The one thing I did though beforehand was to finally flash my controller to P40 so maybe that was it.

 

[Is there any sort of way to force a password login screen when logging into docker through reverse proxy?]

The reverse proxy can be configured to require a login before the docker container URLs can be accessed.

However, this will not be anything fancy like the usual login pages

I'm not using the specific docker container, but nginx is fairly universal so:

 

A sample location I'm using that is password protected.

    location /transmission {
        satisfy any;
        auth_basic "Transmission Remote Web Client";
        auth_basic_user_file /etc/nginx/transmission.passwd;
        proxy_pass http://192.168.95.20:9091;
    }

Which makes the browser pop this during access

 

You can create the password file with the following command line (can be run on the Unraid CLI or inside the NGINX container)

echo USER:$(echo PASSWORD | openssl passwd -apr1) >> site.passwd

The command assumes the login USER with the password PASSWORD (replace as needed) and if you repeat the command for a different user and password, both users can be used to login

 

cf https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-nginx-on-ubuntu-14-04

 

[[6.9.2] HOW TO PRINT FROM VM OVER VPN TO LOCAL PRINTER (SOLVED)]

I'm not sure about this, but i think bridging must be enabled so br0 has to exist.

Enabling it means that you need to stop the array and mess with the network settings

Depending on your actual config, there might some other changes that you'll need to implement

[[6.9.2] HOW TO PRINT FROM VM OVER VPN TO LOCAL PRINTER (SOLVED)]

@nerbonne The VM should be connected to the br0/eth0 network interface instead of vibr0

This will then allow you to enable the Remote Desktop function (which presumes you are using Windows 10 Pro).

You should also assign the VM a fixed IP address either via a DHCP reservation on the remote router, or a statically assigned setting.

Then you connect to it via the IP address from your local Windows and set RDP to map your printer over.

 

[Unraid OS version 6.9.2 available]

7 hours ago, Zonediver said:

 

Yep - there is something wrong... or the DiskSpeed-Docker needs an upgrade...

Well I had a parity check run then and the speeds got capped to the slow 60MBs so its not the DiskSpeed-Docker's fault I think.

[Unraid OS version 6.9.2 available]

I'm wondering if anybody with an LSI card using the mpt3sas driver has noticed any speed issues?

I'm using a LSI SAS9206-16E HBA and its dual linked to an expander / enclosure - ARC-4036

I've had this setup for a long while now and I've always gotten the maximum speed out of all my HDDs from it.

But when I upgraded to 6.9.2 this weekend, half of my drives on the HBA started running at 60MBs only compared to the usual ~200MBs

When I reverted back to 6.9.1 the drives all ran at their max speed

 

When I have time, I'll try to upgrade again and see if the problem occurs again

I don't have the all drives benchmark in 6.9.2 which gives really weird results.

^ This is Disk 5 (black is 6.9.2)

[[SOLVED] How to create a virtual nic for internal/isolated use only?]

You can try making a request to Limetech, but you'll need to know what you need exactly (I'm not sure either)

[[SOLVED] How to create a virtual nic for internal/isolated use only?]

I think most users here limit VMs and dockers at the router level, which would have better control of the network than Unraid itself.

I could do that with my Mikrotik router, but I never needed to.

[[SOLVED] How to create a virtual nic for internal/isolated use only?]

The error: "Specified qdisc not found" indicates that the qdisc modules are not installed/available. So this would probably be unsupported unless the modules are compiled and loaded in (either by Limtech or some plugin)

 

[Docker Network Interfaces Missing]

The first time docker engine starts up (or you've blown away the local-kv.db file) it picks a /16 network for the default docker0 network it starts from 172.17.0.0/16 and keeps going to 172.18.0.0/16 until it gives up

The criteria for picking is the subnet is not used by the local machine, which is odd - so probably your USB ethernet adapter dropped off or wasn't connected when the docker engine last started up

You're screen shots indicate the a bad config:

* br2 is 172.17.0.0/24 (which is a subset of 172.17.0.0/16

* you have 3 default gateways (which will invariably confuse the OS as to which interface to use to talk to the world)

 

I suggest you try renumbering br2 to some other sensible IP range 172.20.0.0/24 or the 192.168.x.0/24 if its a possibility

and make sure the default routes are really what you want (most of the time it isn't), and it can be resolved by either specifying no gateway on the other interfaces.

Also, as a possible security measure, it is not necessary to have an IP on the other interfaces (save for eth0/br0). Docker can still function

as in my setup Unraid is only accessible via br0, but I can run docker containers and VMs on all my subnets (VLANs)

[Migrate from Synology to Unraid]

Unraid also has SFTP, you just need to either enable root access via SSH by:

* assigning root password or

* adding ssh public key for root to login

[Constant issues with unRAID]

For data points:

I'm using 4x 8TB N300 (about 1y 10m poweron time old)

I've haven't seen any weird SMART attribute ever, so it's probably just the firmware on them.

[Unassigned Devices - Managing Disk Drives and Remote Shares Outside of The Unraid Array]

It'll be gone upon reboot

it has no imapct whatsoever as far as I can tell. and if you want to remove it the correct command would be

rmdir /usr/local/emhttp/-

 

[Since upgrading to 6.9 (and now 6.9.1), server crashes every 2 or 3 days]

Chiming in that I'm running a i7-7700 also with UHD630 iGPU using it with Emby with iGPU transcoding as well and my server's rock stable (Unraid bugs not withstanding) - I've only rebooted it to enable VFIO binding and recover from a bad package install (newer Slackware packages don't work as they updated glibc but Limetech didn't)

 

[Unassigned Devices - Managing Disk Drives and Remote Shares Outside of The Unraid Array]

@dlandon

Minor quibble:

You have this line in the plg file

mkdir - /tmp/&name;/scripts

it creating a '-' directory in /usr/local/emhttp

 

[Permissions are not taken into account in /mnt/user/share folders]

Seems like the bug is on the shfs itself.

root@MediaStore:/mnt/user/Downloads# echo x > a
root@MediaStore:/mnt/user/Downloads# chmod 600 a
root@MediaStore:/mnt/user/Downloads# ls -l a
-rw------- 1 root root 2 Mar 23 21:44 a
root@MediaStore:/mnt/user/Downloads# ls -l /mnt/cache/Downloads/a
-rw------- 1 root root 2 Mar 23 21:44 /mnt/cache/Downloads/a
root@MediaStore:/mnt/user/Downloads# cat a
x
root@MediaStore:/mnt/user/Downloads# su nobody -s /bin/sh
nobody@MediaStore:/mnt/user/Downloads$ cat a
x
nobody@MediaStore:/mnt/user/Downloads$ cat /mnt/cache/Downloads/a
cat: /mnt/cache/Downloads/a: Permission denied

 

[Docker Networking, VLANs and Unraid Access]

I recommend sticking all your containers that are grouped together in their own VLAN, and have your router restrict access to the VLAN

This is probably the easiest way to achieve what you want since macvlan networking is like running a virtual switch on the br0.10 interface so everybody on VLAN10 would be able to see the traffic