testdasi

Update (18/09/2020): Added OpenVPN HyRoSa docker Recoded HyDeSa and HyRoSa to use centralised static repo Coded a Web quick launcher for HyDeSa and HyRoSa

Update (17/09/2020): Added OpenVPN HyDeSa docker Fixed some minor bugs

Update (15/09/2020): Fixed some bugs. On request, added tag stable-torless-amd64 for a version without TOR for marginally less resource usage.

@Toskache, @FlippinTurt: CA has updated the latest template. Give that another try.

Firstly, you picked "bridge" network. That will never work because Unraid sits on port 53, which is required for DNS lookup. You should pick br0 or br1 (i.e. the Unraid macvlan bridge. If you don't see br0/br1 option, go to Settings -> Dockers to enable it, you might have to disable docker for the option to show up). Secondly, your port mappings are off. The 5 ports should be 53tcp 53udp 67 80 443. That probably was because of the bridge network mappings getting carried over. The server IP should be the static IP you assign to the docker, not the IP of your Unraid server. I made some changes to the template to make things clearer. I would suggest to uninstall the docker for now, wait about 2 hours for CA to pick up the change and reinstall. If you see "YOU MUST ASSIGN A STATIC IP TO THE DOCKER FOR PIHOLE TO WORK." in the description, that's the new template version. Hmm... same advice as above. Uninstall the docker and wait till you see "YOU MUST ASSIGN A STATIC IP TO THE DOCKER FOR PIHOLE TO WORK." in description (i.e. new version of the template was loaded to CA) and reinstall from CA template i.e. don't reuse your old template. It runs fine on my server so I'm guessing the template was the issue.

Something was clearly writing stuff to your docker image from 16:29 to 16:40, continuously. If you only have Plex and Tautulli running during that period then one of those 2 dockers are writing stuff directly to the docker image so probably incorrect mapping. I would suspect it to be Plex. File sync?

If VPN = no doesn't work for you then you are better off with a non-VPN docker (e.g. LSIO rutorrent). I would imagine it's somewhat trivial to install a test run of the LSIO docker and match + cp appdata over.

Update (12/09/2020): Added Pi-Hole DoT DoH. This This docker supercedes my previous Pi-Hole with DoH and Pi-Hole with DoT dockers. Pondering if I should write a mod module to add VPN to LSIO dockers. Hey, my latest Pi-Hole DoT DoH docker has exposed config files so you can add additional services (and remove cloudflare). Just edit cloudflared.yml in your Unraid appdata folder. Note: Cloudflared is the app the enable DoH. Cloudflare (no "d") is the DNS service.

If there's a use case for a VPN VM over VPN docker, it's yours. Docker networking is extremely complex and I haven't seen anything that works in terms of making a VPN docker become a gateway. Also I fixed the bug so you don't need to add extra space to the ovpn now.

Is your VPN running on port 80? That is a bit unusual. In your OVPN config file, add 3 spaces before 80. (so it's blabla.com 80 -> blabla.com 80). See if it works.

On 2nd thought, you are probably better off using ICH777's DoH Client. The intentention of my Pihole with DoH / DoT is to add DoH / DoT to Pihole for privacy reasons. Beside not letting your ISP sees your DNS queries, it also centralises blocking / filtering management within YOUR Pihole instead of in some 3rd-party servers. Using a filtering DNS with Pihole wouldn't be quite the use case for the docker. ICH777's docker already allows your to pick different DoH services so you can use a filtering DNS with it. Thanks. Glad to know it is helpful.

Update (10/09/2020): Added OpenVPN AIO Client which I wrote from scratch. Maybe I'll work on exposing cloudflared / stubby config to allow changing underlying DNS services if I have time. Still pondering if I should make a Pi-Hole with both DoH and DoT (cuz that's what I run on my actual RPi4) Thanks but I'm a little OCD so I'll fix them regardless haha. I'll see if I have time to work on that. It sort of was in the to-do list.

Update (16/09/2020): Added Pi-Hole with DoT Made changes so Pi-Hole-based dockers work on both Raspberry Pi and Unraid Fixed various missing TemplateURL Ponder if I should make a Pi-Hole with both DoH and DoT (cuz that's what I run on my actual RPi4) Perhaps see if this works?

I tried but gave up. Binhex scripts are too complex for my amateur head. I managed to get openvpn to load with a random .ovpn file but it fails the privoxy and rutorrent stage. I have got my stuff on git so feel free to have a look if it helps in any way. https://github.com/testdasi/rutorrentvpn-plus-plus/tree/master/stuff

I found this quite useful to be able to build Unraid-based dockers on Unraid (instead of relying on Docker Hub) e.g. integration with Jenkins. This is currently only possible (AFAIK) using a VM with docker installed + run dockerd with something like: -H fd:// -H tcp://0.0.0.0:2375 It's kinda a waste of resource in my opinion to have a VM for this when it's something that I think can be handled by Unraid's own docker (properly with even better performance). Would be a good simple feature to add for developers I would say.

I'll try to help. From the Dashboard, click on the Docker and then Console. On the new console window, what do you see for this command? dig @127.0.0.1 google.com Check the ANSWER SECTION:. If it resolves successfully then it would look something like this (likely different IP but should be a real IP): ;; ANSWER SECTION: google.com. 94 IN A 172.217.20.14 If it's successful then you probably have something else in your network blocking the equinox.io domain. Maybe cuz it's ".io" which isn't a typical domain, I have seen these being arbitrarily / errorneously blocked. If it's not sucessful then your docker network is probably the problem. That would be quite a bit harder to fix.

While we wait for binhex, I built a docker on top of his to randomly pick an .ovpn file from a folder on docker start/restart. Sort of a quick fix for now. Create a folder called 'openvpn_files' under your rtorrentvpn appdata folder (e.g. mkdir /mnt/user/appdata/rtorrentvpn/openvpn_files) Extract / copy the (PIA) .ovpn files to the above openvpn_files folder. Edit your docker template and change Repository to 'testdasi/rutorrentvpn-plus-plus' and Docker Hub URL to 'https://registry.hub.docker.com/r/testdasi/rutorrentvpn-plus-plus/' Apply and check log. If doesn't work then restart the docker and it will pick a random one from the openvpn_files. To revert back to binhex's one, edit the docker template and change Repository to 'binhex/arch-rtorrentvpn' and Docker Hub URL to 'https://registry.hub.docker.com/r/binhex/arch-rtorrentvpn/'

I don't think anything except Canada works now. We should all complain to PIA.

Just got back from holiday and am glad to see some folks found my dockers useful. 🧐 Settings -> Docker -> activate "IPv4 custom network on interface br0". What it does is Unraid would create a macvlan custom docker network so you can assign custom IP for any docker. Caveat: if your VM uses the same bridge as the dockers then under kernel 5.x (Unraid 6.9.0+), you will have spurious errors spamming your syslog. The workarounds for this Linux kernel annoyance is outlined in the Unraid 6.9.0 release notes. It's not a workaround but a requirement. Pointing Unraid network config to an Unraid docker just won't work. So Settings -> Network Settings has to use DNS server not hosted on the Unraid server itself. Hence, I have a RPi4 for this.

You need to give the docker its own IP. There's something using port 443 according to the error. Alternatively map port 443 to a different port. Unbound has very high latency. About 75-100ms slower. Plus I think it does caching, which overlaps what Pihole already does.

@mikegiann: confirmed the bug with the cloudflared path. I have removed it for now from the template (but it will take about 2 hours to cascade). You can wait for the change to cascade down, remove the current template and reinstall. Or you can just remove the Cloudflared path manually by editing the docker.

That sounds like the cloudflared service failed to start. Try removing the path mapping for cloudflared in your Docker config (the 3rd path mapping).

Attach diagnostics (Tools -> Diagnostics -> attach zip file). If you just removed the card and not changed the xml then the onboard graphics could have been renumbered and coincidentally be passed through. But diagnostics should help.

There's no way to know without owning the same config. The HDMI dummy plug only works if there is a GPU (either iGPU or dedicated). Without an actual GPU then headless boot is totally determined by the motherboard BIOS.

I code for fun and my dockers are mostly about adding niche features to stuff. DockerHub: https://hub.docker.com/u/testdasi If you like my work, a donation to my burger fund is very much appreciated. List: Grafana Unraid Stack OpenVPN HyRoSa OpenVPN HyDeSa OpenVPN AIO Client Pi-Hole DoT DoH DNS DoH companion Grafana Unraid Stack Meet Gus! He has everything you need to start monitoring Unraid (Grafana - Influxdb - Telegraf - Loki - Promtail). Comes with GUS dashboard and falconexe's Ultimate UNRAID Dashboard v1.3 pre-installed. Choice of HDDTemp or S.M.A.R.T for HDD/SSD monitoring. (Hint: both GUS and UUD use S.M.A.R.T) Ability to view Unraid syslog in a Grafana panel with Loki and Promtail. NOTE: uses Host network by default. If you want to run at with Bridge network, remember to map port 3006 to access Grafana. Don't change the port ENV variables unless you are comfortable changing the various config files as things are very tightly integrated. For more detailed instructions, please refer to Docker Hub / Github links below. Docker Hub: https://hub.docker.com/r/testdasi/grafana-unraid-stack Github: https://github.com/testdasi/grafana-unraid-stack Ultimate UNRAID Dashboard official thread: https://forums.unraid.net/topic/96895-ultimate-unraid-dashboard-uud/ OpenVPN HyRoSa (NZB)Hydra2 - RTorrent (Flood GUI) - Sabnzbd. Same as OpenVPN HyDeSa except with rTorrent instead of Deluge. I personally prefer rTorrent + Flood over the alternatives. Port-forwarding is unfortunately not supported at the moment (and it also requires your VPN service to provide a way to do it). Torrent still works fine without port-forwarding but if it's critical to you, I recommend binhex/arch-rtorrentvpn. NOTE: You must create an openvpn subfolder under your appdata folder and place the OpenVPN configuration there (must include openvpn.ovpn + credentials + certs). For more detailed instructions, please refer to Docker Hub / Github links below. Docker Hub: https://hub.docker.com/r/testdasi/openvpn-hyrosa Github: https://github.com/testdasi/openvpn-hyrosa OpenVPN HyDeSa (NZB)Hydra2 - Deluge - Sabnzbd. Now your torrent and usenet are protected behind OpenVPN Client (with kill switch) and DNS-over-TLS. Socks5 + HTTP proxy are also included for your convenience e.g. to also send Sonarr and Radarr web traffic through the VPN. Port-forwarding is unfortunately not supported at the moment (and it also requires your VPN service to provide a way to do it). Torrent still works fine without port-forwarding but if it's critical to you, I recommend binhex/arch-delugevpn. NOTE: You must create an openvpn subfolder under your appdata folder and place the OpenVPN configuration there (must include openvpn.ovpn + credentials + certs). For more detailed instructions, please refer to Docker Hub / Github links below. Docker Hub: https://hub.docker.com/r/testdasi/openvpn-hydesa Github: https://github.com/testdasi/openvpn-hydesa OpenVPN AIO Client An "all-in-one" docker for all your private browsing needs. Including OpenVPN client with nftables kill switch DNS server to DoT (DNS-over-TLS) services Socks5 + HTTP proxy to both VPN and TOR with (additional) piping kill switch for the proxies. Default repository with VPN + TOR: testdasi/openvpn-client-aio:stable-amd64 Optional repository with only VPN: testdasi/openvpn-client-aio:stable-torless-amd64 NOTE: you must place your own OpenVPN configuration to the host path that is mapped to /etc/openvpn (The ovpn file must be named openvpn.ovpn. Credentials + certs can be in the same file or split out into other files - the flexibility is yours.) For more detailed instructions, please refer to Docker Hub / Github links below. Docker Hub: https://hub.docker.com/r/testdasi/openvpn-client-aio Github: https://github.com/testdasi/openvpn-client-aio Pi-Hole DoT DoH Official pihole docker with added DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). DoH uses cloudflare (1.1.1.1/1.0.0.1) and DoT uses google (8.8.8.8/8.8.4.4). Config files are exposed so you can modify them as you wish e.g. to add more services. This docker supercedes my previous Pi-Hole with DoH and Pi-Hole with DoT dockers. For more detailed instructions, please refer to Docker Hub / Github links below. Docker Hub: https://hub.docker.com/r/testdasi/pihole-dot-doh Github: https://github.com/testdasi/pihole-dot-doh DNS DoH companion Simple DNS server to connect to DNS-over-HTTPS. Easy fast way to add DNS functionality to an OpenVPN docker (using --network=container:) and/or enable DNS encryption for your local network / devices. Emphasis on simplicity (hence a "companion"). If you want bells and whistles, I recommend ICH777's DoH Client. Update (23/09/2020): Grafana Unraid Stack changes: Expose Influxdb RPC port and change it to a rarer default value (58083) instead of the original common 8088. Added falconexe's Ultimate UNRAID Dashboard v1.3