Jump to content

karateo

Members
  • Content Count

    179
  • Joined

  • Last visited

Community Reputation

1 Neutral

About karateo

  • Rank
    Advanced Member

Converted

  • Gender
    Undisclosed

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I am in the same boat! The only reason is the resources (which i dont have a problem right now but less is better!) but with docker i dont believe there is much of a difference.
  2. Just fixed the two errors for headers. The problem was that they were added in multiple places. So I cleared my config files and it resolved. Now i try to fix caldav and the real IP reporting problem. Fixed caldav after reading this post
  3. Hi! I am using latest stable letsencrypt and nextcloud dockers. My problem is that in security tab I see only the internal docker ip so it does not work properly. How can I pass clients real IP to nextcloud? Also I get those minor errors My nextcloud.subdomain.conf # make sure that your dns has a cname set for nextcloud # assuming this container is called "letsencrypt", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['letsencrypt'], # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', # 'overwritehost' => 'nextcloud.your-domain.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. # 1 => 'nextcloud.your-domain.com', # ), server { listen 443 ssl; listen [::]:443 ssl; server_name xxxxxxx.*; add_header X-Robots-Tag "none"; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nextcloud nextcloud; proxy_max_temp_file_size 2048m; proxy_pass https://$upstream_nextcloud:443; } location = /.well-known/carddav { proxy_pass https://$upstream_nextcloud:443/remote.php/dav; } location = /.well-known/caldav { proxy_pass https://$upstream_nextcloud:443/remote.php/dav; } } My proxy.conf ## Version 2019/10/23 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/proxy.conf client_body_buffer_size 128k; #Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Advanced Proxy Config send_timeout 5m; proxy_read_timeout 240; proxy_send_timeout 240; proxy_connect_timeout 240; # TLS 1.3 early data proxy_set_header Early-Data $ssl_early_data; # Basic Proxy Config proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Ssl on; proxy_redirect http:// $scheme://; proxy_http_version 1.1; proxy_set_header Connection ""; #proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps proxy_cache_bypass $cookie_session; proxy_no_cache $cookie_session; proxy_buffers 32 4k; proxy_headers_hash_bucket_size 128; proxy_headers_hash_max_size 1024; My nextcloud nginx conf upstream php-handler { server 127.0.0.1:9000; # server unix:/var/run/php/php7.0-fpm.sock; } server { listen 80; server_name _; # enforce https # return 301 https://$server_name$request_uri; add_header X-Frame-Options "SAMEORIGIN"; } server { listen 443 ssl; server_name _; ssl_certificate /config/keys/cert.crt; ssl_certificate_key /config/keys/cert.key; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; #add_header X-Frame-Options "SAMEORIGIN"; add_header Referrer-Policy "no-referrer"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Path to the root of your installation root /config/www/nextcloud/; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; #rewrite ^/.well-known/caldav /config/www/nextcloud/remote.php/dav/ permanent; #rewrite ^/.well-known/carddav /config/www/nextcloud/remote.php/dav/ permanent; # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; location = /.well-known/carddav { return 301 $scheme://$host:6443/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:6443/remote.php/dav; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location / { rewrite ^/remote/(.*) /remote.php last; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ =404; } location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_pass php-handler; fastcgi_intercept_errors on; } # Adding the cache control header for js and css files # Make sure it is BELOW the location ~ \.php(?:$|/) { block location ~* \.(?:css|js)$ { add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } # Optional: Don't log access to other assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { access_log off; } }
  4. I like that I can just add any disk to enlarge my pool and that I only lose one disk to protect them. I also like the ease of adding apps using the community applications plugin and docker. I would like to see snapsots for shares and shares with the ability to be cloned to multiple disks so like having multiple parity for specific shares.
  5. Hi! I read a post from last year that ipv6 was not supported then. I would like to know if it is supported now or if there is any workaround to have duckdns with ipv6. Thank you, Theodoros
  6. Is it correct what I get? I type https://karateocollabora.duckdns.org and the browser changes to https://192.168.1.2:9980/ with invalid ssl certificate. I have triple checked everything! Also, nextcloud can not connect to collabora.
  7. Hi! The docker was working perfectly for a long time >1 month but I found today that my ratio groups and scheduler settings have been lost. I have backups of my appdata folder and tried to copy it back but this didnt fix it. Where are those settings stored? I think this happened after the last update. Thank you!
  8. Hi! I am looking for an ethernet adapter to passthrough to a VM (pfsense/untangle/sophos/...) in order to use as a firewall or UTM and apply some QOS. I need at least 2-ports and I can't think why i might need 4 in the future. I use a modem in bridge mode and a mikrotik for firewall/nat/pppoe-client right now which I will create a route to the VM to use it if it's online and skip it if for some reason the VM is not online. So any recommendations on which ethernet card to look for? For example is this enough or should I look for something more advanced-expensive! https://www.ebay.co.uk/itm/Dual-Port-GigaBit-1000Mbps-Ethernet-PCI-e-x4-IBM-39Y6127-Intel-PRO-1000-PT/113165640421?epid=2255387122&hash=item1a5932a2e5:g:73oAAOSwvx5bVvwj#shpCntId Thank you!
  9. I get this kind to errors in logs. I understand it's not important and I am not sure if it's a problem of my configuration or a bug. If you need diagnostics please let me know. Jul 13 04:01:59 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant ID_MODEL - assumed 'ID_MODEL' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 470 Jul 13 04:01:59 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant SERIAL_SHORT - assumed 'SERIAL_SHORT' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 470 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte11h - assumed 'byte11h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 662 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte10h - assumed 'byte10h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 662 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte9h - assumed 'byte9h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 662 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte8h - assumed 'byte8h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 662 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte15h - assumed 'byte15h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 663 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte14h - assumed 'byte14h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 663 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte13h - assumed 'byte13h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 663 Jul 13 04:02:00 TOWER rc.diskinfo[30696]: PHP Warning: Use of undefined constant byte12h - assumed 'byte12h' (this will throw an Error in a future version of PHP) in /etc/rc.d/rc.diskinfo on line 663
  10. I have one issue. I downloaded an "ISO" file which is 28GB in size. I have ~20GB available in docker.img and the mount points are all correct. All mount to /mnt/user/shares and it has worked without a problem for a long time. I get "not enough free space" errors in logs and I found the path of the "ISO" was /opt/radarr/ and I don't know why.
  11. Another question! In Filerun I can only have one folder per user. So for user Teo I have mapped /files/ (inside docker) And from container settings I have mapped /mnt/user/Filerun:/files/ I also need Filerun to access /mnt/user/Photos so I added as Read Only /mnt/user/Photos:/files/photos/:ro I just need a confirmation that its a viable solution!
  12. I had to add #!/usr/bin/with-contenv bash on top of the file which I found after a few tries! Thanks for the tip I figured also how to move the thumbnail cache to an external from the photos source folder so I am now going to try and strengthen security. I have already enabled 2-factor login My options 1) VPN and blocking all other access from WAN but I will lose let's encrypt which also would be useless as VPN encrypts everything. 2) allowing through firewall access to my IP addresses AND let's encrypt servers (need to find them) and block everything else 3) Allow all WAN from firewall and add .htaccess as well the extra 2-factor login I will host personal file so I think the option #2 is a good compromise. Any ideas?
  13. Ok next problem now! I needed https://www.imagemagick.org/script/index.php So I got into the docker and installed it using apk add imagemagick Now as I have already found from previous posts after an update everything is cleared. So I put the command in post arguments field but I get an error even it's being installed during docker start (I didn't include the beginning of the log)
  14. Yes! I fixed it copied the file to /php/ and added to php.ini the following line zend_extension = "/config/php/ioncube_loader_lin_7.1.so"
  15. I installed ioncube and did a force update (not sure if it's the same thing) and it uninstalled it Should I copy the file ioncube_loader_lin_7.1.so into appdata folder and add the entry to install the module in php.ini ?