aptalca

I don't understand why you'd need a local dns server. With bridge networking, everything is going to be on your server ip. You just reach them at different ports. Just set up our letsencrypt image and reverse proxy them at subdomains. Then set up heimdall as your homepage with pretty buttons for them all, voila

If all you want are those two things, why don't you just run everything with bridge networking? No need to overcomplicate your setup. I only have two containers on macvlan, and the only reason for that is, my whole internet connection goes through a vpn and I wanted to be able to bypass the vpn gateway for those two containers. I do it via an IP based routing rule in pfsense. Everything else is on bridge.

Not off base, it's a valid argument, but not a simple one. I personally think the benefit of fail2ban far outweighs the potential risk. I mean, I heavily rely on fail2ban for ddos and brute force protection by using http auth with most of my proxied apps. Fail2ban reduces the likelihood of my server getting pawned. As long as I'm not pawned, I don't have to worry about net admin. Also keep in mind that most web servers run nginx directly on the host OS, and it already has net admin capability plus a whole lot more. Nginx service runs as root (the workers run as unrpivilieged users). Here at least nginx is somewhat sandboxed inside a container.

Not sure why it's taking 3-5 minutes for you but it essentially downloads the new geoip database if it's a newly created container. I'll change it so the database resides in the config folder so it would only download once. Until then, you can map an empty file here and it won't download: https://github.com/linuxserver/docker-letsencrypt/blob/master/root/etc/cont-init.d/50-config#L253

Can you report it to ombi on GitHub? It sounds like an ombi bug.

Don't change the proxy conf. In the browser go to address https://jellyfin.xxxxx.duckdns.org

Yes, I believe the 1060 requires a power cable connected

You guys need to use container ports of apps, not host ports

I'm not sure what import folder you are referring to, but you can upload books through the web interface. That is the correct method. However, the location the books reside in has to be accessible by the container, meaning you don't upload through the web, but you use the web to point to the books calibre should import. Calibre-web is a separate app by a separate developer. It is simply an alternative web interface for calibre and it requires an existing calibre db to connect to. This image only replaces the RDP Calibre image that is in my personal repo. This one is more up to date and will continue getting updates whereas the RDP Calibre will be deprecated once I write migration instructions for existing users.

I'll look into creating a "development" tag for their beta releases. It looks like they release them on a sensible schedule.

You'll have to wait. 1.33 is the latest stable version: https://github.com/cdr/code-server/releases

You need to uncomment it (remove the # sign)

Don't mess with mapping folders in those locations. To test, just edit the crontab file under your config folder and restart the container. Make sure you have more than 1 minute between your upcoming script run time and restarting the container.

That's strange. I have a gtx1060 and a gt710. Similarly, 1060 is used for transcoding in emby and 710 is used for a win vm. They both work fine. I did not stub the cards, emby config defines the id for 1060 so it leaves the 710 alone. Are you starting unraid in gui mode? I do headless and it uses the mobo built-in matrox gpu. That could be the main difference between our servers.

Try this: https://blog.linuxserver.io/2019/07/10/troubleshooting-letsencrypt-image-port-mapping-and-forwarding/

That's a new one for me. Check that file /config/etc/letsencrypt/renewal/website.com.conf to make sure it contains all the parameters including this line: dns_cloudflare_credentials = /config/dns-conf/cloudflare.ini

For future reference and other users, you don't need to install nano inside the container as you can edit the file on the host under the mapped config folder

Yes, that should work. I believe I had done just that a while back.

It's simple, just use one of the examples from the default site config and plug in your IIS server's IP and port

Stream module is already installed and enabled. I use it to proxy vpn tcp connections

We need more info than "not connecting" Is this a new container or existing? What address are you going to? What is the docker run command?

Update: this was solved on discord. Pihole / dns settings were preventing outgoing connection to letsencrypt servers

RTFM is universal; applies to people of all ages, genders and medical conditions.

Then you enabled http auth in heimdall. Don't enable it in letsencrypt. Doubling up will cause issues.

Or you could have read the instructions in the readme, which talks about renewals. We do not support running manual commands inside the container. You're on your own from this point on