tuxbass

I've seen that issue with loopback. Some routers don't like to play nice, do you have any loopback options you can play with? Try disabling loopback and see what happens. Interesting. Turned NAT loopback off and now mydomain.eu resolves. But - no cert is detected and browser deems the page insecure. Edit: scrap that - just tried from incognito window & another device - now it routes to router configuration landing page.

Not sure if this belongs here, but have you guys encountered a situation where you're unable to access pages from within your LAN? My nginx config routes all http traffic to https. When some machine in the LAN tries to access the server via mydomain.com, then the protocol can be seen to change to https (meaning server is reached), but then request times out. Everything is OK from outside the LAN and target service is reached. Checked router config - NAT loopback is enabled. What gives?

Any particular reason why most (if not all) of your containers have /mnt/user mounted at /unraid by default? Is it mostly just a convenience mount? Feels like a potential security risk most of the cases if left at such a high level (as in just 2 dirs from root).

That was it - NAT rules were assigned for the wrong router interface. Really sorry for the noise guys. Cheers CHBMB!

PUID 100* It's my regular user on unraid (instead of default nobody). IP is correct, DNS settings are confirmed. mydomain.eu is owned by me, bought via gandi.net. Only other thing I can think of is that there's an issue with your ports then. Although they look fine on that pic, Try http://www.yougetsignal.com/tools/open-ports/ Nothing unusual about your network at all? VPN or anything? EDIT: Other thing I just thought of, if you're using Cloudflare then turn off the proxying. Good ideas. 1) not using cloudflare 2) 443 is closed, but I assume that's because there's no service sitting on this side; any quick ways to put up some service to validate ports? 3) my router config might be wrong after all. discovered there's more than one interface (for WAN/LAN). router UI is in spanish, having a bit trouble with that

PUID 100* It's my regular user on unraid (instead of default nobody). IP is correct, DNS settings are confirmed. mydomain.eu is owned by me, bought via gandi.net.

Post your docker run command and the log and we might be able to help a little more. Generating a 2048 bit RSA private key .............................+++ ..........+++ writing new private key to '/config/keys/cert.key' ----- Subject Attribute /C has no known NID, skipped [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time .......................... DH parameters successfully created - 2048 bits SUBDOMAINS entered, processing Sub-domains processed are: -d www.mydomain.eu -d emby.mydomain.eu -d seafile.mydomain.eu Generating new certificate Failed authorization procedure. www.mydomain.eu (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 217.111.111.111:443 for TLS-SNI-01 challenge, mydomain.eu (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 217.111.111.111:443 for TLS-SNI-01 challenge IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - The following errors were reported by the server: Domain: www.mydomain.eu Type: connection Detail: Failed to connect to 217.111.111.111:443 for TLS-SNI-01 challenge Domain: mydomain.eu Type: connection Detail: Failed to connect to 217.111.111.111:443 for TLS-SNI-01 challenge To fix these errors, please make sure that your domain name was... Router NAT settings: Docker run: /plugins/dynamix.docker.manager/scripts/docker create --name="nginx-letsencrypt" --net="bridge" --privileged="true" -e TZ="Europe/Paris" -e HOST_OS="unRAID" -e "EMAIL"="[email protected]" -e "URL"="mydomain.eu" -e "SUBDOMAINS"="www,emby,seafile" -e "ONLY_SUBDOMAINS"="false" -e "DHLEVEL"="2048" -e "PUID"="1000" -e "PGID"="100" -p 89:80/tcp -p 449:443/tcp -v "/mnt/user/appdata/nginx-letsencrypt":"/config":rw -v "/mnt/user":"/unraid":rw linuxserver/letsencrypt Btw, is there a more convenient way of checking the run command than clicking 'Save' in template page?

Is it required to have some services running (and thus valid nginx site-configs) prior to querying LE, or can we simply spin vanilla docker-letsencrypt container up and it should acquire the certs for the (sub)domains we've defined? DNS settings are ok, but LE server is still unable to see my end. Domain: www.mydomain.eu Type: connection Detail: Failed to connect to 217.111.111.111:443 for TLS-SNI-01

php is kind of useful for web servers, hence LEMP stacks (Linux, Nginx, MySQL, PHP) and the derivatives of this. 'P' in the stack acronym doesn't necessarily stand for PHP Besides, it's 2016 2017; wouldn't consider php a must-have dependency on a webserver.

Why are php packages in the Nginx-letsencrypt docker? Does something depend on that?

Alrighty, thanks. Out of curiosity, why foxel seems to be the go-to solution, when there are more popular dockers like https://hub.docker.com/r/m3adow/seafile/ / https://hub.docker.com/r/jenserat/seafile/? foxel does provide mysql & nginx setups, but don't see why would one want it baked inside seafile container.

Yeh I get Docker, but can't figure out what's the correct way of using docker-compose from unraid. That's the part I don't like with unraid - they've converted nice and simple docker api into some php-based clustertruck. Really can't see the benefit of typing out your dockerfiles instead of using 'templates'. Just weird.

The official github appears to be https://github.com/haiwen/seafile-docker. As you see, the 'official' installation method is via their script wizardry - there isn't even a Dockerfile (see https://github.com/haiwen/seafile-docker/issues/1). In the issue no. 1 page, some user points to their Dockerfile (https://github.com/foxel/seafile-docker), that uses docker compose. What would be a sane way of using that? How have you guys gone about getting seafile installed on unraid boxes?

Wouldn't require mapping /watch volume; what if it's not necessary?

Whenever Win 10 VM is started, it first drops to UEFI shell, requiring manual intervention. Immediately after the VM boot-up, black screen with text "Press any(?) key to...??" (currently it's hooked to low-res TV, and the margins are cut off, so can't read the text completely). No matter what you do there, you still end here: UEFI Interactive Shell v2.1 EDK II UEFI v2.50 (EDK II, 0x00010000) Mapping table FS0: Alias(s): CD7a1.... PciRoot(0x0)/Pci...../Ata(0x0)/CDROM(0x1) BLK0: Alias(s): PciRoot(0x0)/Pci...../Floppy(0x0) BLK1: Alias(s): PciRoot(0x0)/Pci...../Floppy(0x1) BLK2: Blias(s): PciRoot(0x0)/Pci...../Ata(0x0) BLK3: Blias(s): PciRoot(0x0)/Pci...../Ata(0x0)/CDROM(0x0) BLK5: Blias(s): PciRoot(0x0)/Pci...../Ata(0x0) Press ESC in <countdown> seconds to skip startup.nsh or any other key to continue. Shell> _ Again, pressing ESC or any other key here won't do anything; need to type 'exit', after which land in BIOS: Standard PC (i440FX + PIIX, 1996) ?c-i440fx-2.5 There I need to select 'Continue' from menu, and only then it boots to windows installation. unraid ver unRAIDServer-6.2.0-beta21 Edit: could it be, that https://lime-technology.com/forum/index.php?topic=39493.0 is still valid, and hasn't been fixed in a year? Edit2: fyi, IIRC, the issue went away after the windows was installed; this problem occurred only during initial vm startup. So I passed that screen as described, and afterwards it was okay when the vm was rebooted.

Yes there is a workaround and that is to mount it manually in the go file like below. #Mount the intel 750 nvme mkdir /mnt/nvme mount /dev/nvme0n1 /mnt/nvme You also have to partition and format it if you haven't already done that. More info in this post by dAigo But this still doesn't let me create share on it, meaning VMs cannot be run off from it. not sure why you would think you need a share to run a VM? I have a SSD that I mount in the go file and my VMs run from it with no problem. You guys were right indeed. VMs can be run from any mount on the system.

Yes there is a workaround and that is to mount it manually in the go file like below. #Mount the intel 750 nvme mkdir /mnt/nvme mount /dev/nvme0n1 /mnt/nvme You also have to partition and format it if you haven't already done that. More info in this post by dAigo But this still doesn't let me create share on it, meaning VMs cannot be run off from it. Forgive my ignorance, but why do you feel the need to create a share for your VMs to install into? Wouldn't a simple folder do the job? Isn't this the requirement/limitation of unraid?

Yes there is a workaround and that is to mount it manually in the go file like below. #Mount the intel 750 nvme mkdir /mnt/nvme mount /dev/nvme0n1 /mnt/nvme You also have to partition and format it if you haven't already done that. More info in this post by dAigo But this still doesn't let me create share on it, meaning VMs cannot be run off from it. Why don't you mount it as a cache drive and run your VMs from there? Because I already have SSD for a cache drive. Adding M.2 to that pool would bottleneck its performance. Also, running vms off from cache feels a bit wrong. Why would storing vm/docker data be considered a cache task. Running VMs and Dockers from the cache is the recommended mode of operation for unraid and is not wrong. I have two VMs and 5 Dockers running off an SSD cache drive with no problems. One of the VMs is a Windows Media Center computer serving extenders and recording TV shows at the same time without any issues with performance on the SSD cache. Would it be reasonable or possible to create the share on cache, but symlink it simply to the m.2 mountpoint?

Yes there is a workaround and that is to mount it manually in the go file like below. #Mount the intel 750 nvme mkdir /mnt/nvme mount /dev/nvme0n1 /mnt/nvme You also have to partition and format it if you haven't already done that. More info in this post by dAigo But this still doesn't let me create share on it, meaning VMs cannot be run off from it. Why don't you mount it as a cache drive and run your VMs from there? Because I already have SSD for a cache drive. Adding M.2 to that pool would bottleneck its performance. Also, running vms off from cache feels a bit wrong. Why would storing vm/docker data be considered a cache task.

Yes there is a workaround and that is to mount it manually in the go file like below. #Mount the intel 750 nvme mkdir /mnt/nvme mount /dev/nvme0n1 /mnt/nvme You also have to partition and format it if you haven't already done that. More info in this post by dAigo But this still doesn't let me create share on it, meaning VMs cannot be run off from it.

And no possibility for work-around I presume?

What exactly do you mean by device designator? I assume these; all devices are as follows: root@Tower:~# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT md1 9:1 0 3.7T 0 md /mnt/disk1 md2 9:2 0 3.7T 0 md /mnt/disk2 sda 8:0 1 14.3G 0 disk ??sda1 8:1 1 14.3G 0 part /boot sdb 8:16 0 3.7T 0 disk ??sdb1 8:17 0 3.7T 0 part sdc 8:32 0 232.9G 0 disk ??sdc1 8:33 0 232.9G 0 part /mnt/cache sdd 8:48 0 3.7T 0 disk ??sdd1 8:49 0 3.7T 0 part sde 8:64 0 3.7T 0 disk ??sde1 8:65 0 3.7T 0 part loop0 7:0 0 10G 0 loop /var/lib/docker loop1 7:1 0 1G 0 loop /etc/libvirt nvme0n1 259:0 0 477G 0 disk ??nvme0n1p1 259:1 0 477G 0 part

Hi, checked through all the pages in this thread looking for 'm.2', didn't find anything. The m.2 drive I'm using does not show up in unassigned drives section. It is available in cache or parity/drive selections though. Could it be related to unusual device name (nvme0)? Running ver 6.2.0-beta21.

Interesting, but doesn't change our recommendations. When Linus did the gaming + NAS video (not 2 gamers or 7), he had a skylake system and the ACS override didn't work for him. Luck of the draw on the hardware I guess. Certainly doesn't change anything with respect to igd pass through support. @JonP Yeah bit the he got the gpu passed through(it was only the onboard sound he couldnt pass through). I think if you say skylake isnt compatable with unraid, or not recommended for gpu passthrough, it may put alot of people off choosing to try or purchase unraid, as many people may not want to buy older hardware when building a new rig. There have been quite a few of us who have built our unraid rigs with skylake, and many people using kvm with passthough on other linux distros. Why dont you make a section with pros and cons of each main type of cpu. I realise that its hard for you to test everything and expensive, but this would help people deceide what to buy and what to expect. You guys official online manual on the wiki is for 4.7! I know it takes time updating the website (and i would far rather have you guys improving unraid and getting us our 6.2 soon!) Anyway thanks for all your hardwork you do for us. Have to agree with gridrunner here. Was composing my next build for quite a while and almost went with Haswell simply because hardware passthrough was not supposed to work properly on Skylake. Luckily stumbled upon a few success stories, meaning the architecture itself is not unsupported per se. Perhaps marking Skylake as supported with caveats would be better and adding working cpu-mobo-gpu combinations to the supported hardware list?

Any thoughts on @gridrunner comment @jonp?