Everything posted by aptalca
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Did you follow the steps in the link I posted for you? You didn't even post a full log. You keep saying it doesn't work. I don't know how you expect us to help you more.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Turn off cloudflare proxy (orange cloud)? That's what we recommend anyway. If you want to proxy through cloudflare, we don't officially support that (ie. you're on your own).
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Take one step at a time. You have not gotten your certs yet, no point in messing around with reverse proxy. See here: https://blog.linuxserver.io/2019/07/10/troubleshooting-letsencrypt-image-port-mapping-and-forwarding/
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Post the commands or settings you tried and the error messages you got.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Extra domains takes fqdn's so add your subdomains in there as additional fqdn's
-
[Support] Linuxserver.io - OpenVPN AS
Finally had time to look into it and figured it out. New build will be available shortly that will fix that error requiring restart of new containers.
-
[Support] Linuxserver.io - OpenVPN AS
In the first scenario, why are you setting interface to eth0? It should be br1. Unraid 6.7 made some changes that introduced that iptables error when openvpn is used in host networking (and I guess macvlan). No idea what causes it.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Are you talking about reverse proxying containers on macvlan? Then the answer is no. It's a docker restriction (security feature) that blocks connections between host and containers on macvlan.
-
[Support] Linuxserver.io - Plex Media Server
When it's officially released as either beta or stable, there will be automatic updates
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Code server subdomain config that comes with letsencrypt works with no issues here
-
[Deprecated] Linuxserver.io - CouchPotato
Such fixes should really be done upstream. But seeing as couchpotato isn't well supported anymore (for quite a while now), did you consider switching to radarr?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I'm assuming you're making those go through the vpn only for outgoing connections, not incoming. Then why not make your whole lan go through the vpn? I use PIA and my whole lan goes out through the vpn by default via pfsense. Only for streaming devices (netflix and amazon refuse to work through vpn) I have a rule that lets them bypass the vpn based on their IP. I don't use vlans for containers or streamers (only for a guest network). Then you'll have all containers in bridge or host, and no issues with connecting to each other.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Either your ip is incorrect on your dns, or your port forwarding is incorrect. Try this: https://blog.linuxserver.io/2019/07/10/troubleshooting-letsencrypt-image-port-mapping-and-forwarding/
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
There are three types of networking for docker: host, bridge and macvlan. Host and bridge networks use the same ip as the host machine. Macvlan let's the container get its own ip. In this case you're using macvlan, and it has that security feature where it blocks communications between the container and the host ip (and everything that's using that ip). I don't know what your other containers are on so can't comment on them.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Our image doesn't use acme, which is a third party script. We use the official client, certbot. Honestly, GoDaddy is not very good at DNS services. I'd take cloudflare over any of those domain registrar provided DNS service any day. Cloudflare is free, very easy to switch to and propagates changes almost instantly. You're better off using cloudflare as your dns provider. I have domains bought from various providers like dynadot and name cheap, but they all point the name servers to cloudflare, which handles dns for me
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
If sonarr and radarr are on macvlan, and others are on a custom bridge, they won't be able to connect to each other. That's a docker security feature to prevent connections between the host (and the host networks) and macvlan
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
You need to disable your http to https redirect in your default site config. You can't have both http and stream listening on port 80
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Add this to the bottom of your nginx.conf file, put in your ip and port for openvpn stream { log_format basic '$remote_addr [$time_local] ' '$protocol $status $bytes_sent $bytes_received ' '$session_time'; access_log /config/log/nginx/streamaccess.log basic; error_log /config/log/nginx/streamerror.log; server { listen 80; proxy_pass serverip:port; } }
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
You likely have double auth, once through htpasswd and once through sonarr/radarr Two solutions: 1) remove internal auth in sonarr/radarr and only rely on http auth, or 2) make sure the user pass are exactly the same for htpasswd and the app's internal auth
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
GitHub readme and the docker hub pages both have changelogs
-
[Support] Linuxserver.io - OpenVPN AS
Do not manually run commands inside the container. Create a fresh container with an empty appdata folder, follow the directions in the readme
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Only the city one is provided by the alpine package, but it contains country info as well
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Everything's already installed. You just edit the nginx config to enable it however you like
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
See this post:
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Did you forward port 53444 on your router to port 53444 on unraid and also map port 53444 to port 53444 in container settings?