aeleos

  1. If you are willing to look at the official docs you can modify the docker to only run with a token in the extra parameters, and the configuration can be done on the CF website. This should solve any permission issues. On the part about 6.10, my understanding is any permission issues aren't anything to do with the container or unraid but with incorrect permissions that unraid wasn't respecting before. It's possible you may need to force the container to use the user id you want, which can be done with --user 99:100 (for nobody:users) in extra parameters.
  2. I was able to fix this by adding --user 99:100 to extra parameters. You can also fix it by setting the grafana appdata folders to 472:root, which is the user/group the grafana container tries to use (and creates these permission issues)
  3. So I purchased a LSI controller and everything is working great so far, however now I am getting this error:
     fstrim: /mnt/cache: FITRIM ioctl failed: Remote I/O error
     Based on some other posts it looks like this is related to the LSI card not supporting fstrim. Should I move my cache drive back onto the onboard sata ports since I moved it to the controller as part of this? Or is that likely to give me more issues with the sata controller? I could also try to experiment with changing the firmware version but that isn't ideal.
  4. Unfortunately I have already tried upgrading the BIOS to the latest version. Is there anything else I can do besides buying a PCI card?
  5. I am running into an issue where after a period of uptime my server fails with a bunch of read errors. Here are the logs from one instance.
     May 10 12:35:18 Tower kernel: ahci 0000:01:00.1: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x000c address=0x95e7e000 flags=0x0000]
     May 10 12:35:19 Tower kernel: ata4.00: exception Emask 0x10 SAct 0x400045f SErr 0x0 action 0x6 frozen
     May 10 12:35:19 Tower kernel: ata4.00: irq_stat 0x08000000, interface fatal error
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:00:b8:ce:27/00:00:2d:00:00/40 tag 0 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:08:48:d1:27/00:00:2d:00:00/40 tag 1 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:10:f8:d2:27/00:00:2d:00:00/40 tag 2 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:18:f0:d3:27/00:00:2d:00:00/40 tag 3 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:20:c0:d4:27/00:00:2d:00:00/40 tag 4 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:30:a0:d5:27/00:00:2d:00:00/40 tag 6 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:50:f8:d5:27/00:00:2d:00:00/40 tag 10 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4.00: failed command: WRITE FPDMA QUEUED
     May 10 12:35:19 Tower kernel: ata4.00: cmd 61/08:d0:38:ce:27/00:00:2d:00:00/40 tag 26 ncq dma 4096 out
     May 10 12:35:19 Tower kernel: res 40/00:00:61:d6:27/00:00:2d:00:00/40 Emask 0x10 (ATA bus error)
     May 10 12:35:19 Tower kernel: ata4.00: status: { DRDY }
     May 10 12:35:19 Tower kernel: ata4: hard resetting link
     May 10 12:35:29 Tower kernel: ata4: softreset failed (1st FIS failed)
     May 10 12:35:29 Tower kernel: ata4: hard resetting link
     May 10 12:35:39 Tower kernel: ata4: softreset failed (1st FIS failed)
     May 10 12:35:39 Tower kernel: ata4: hard resetting link
     May 10 12:35:49 Tower kernel: ata3.00: exception Emask 0x0 SAct 0x600000 SErr 0x0 action 0x6 frozen
     May 10 12:35:49 Tower kernel: ata3.00: failed command: READ FPDMA QUEUED
     May 10 12:35:49 Tower kernel: ata3.00: cmd 60/80:a8:18:eb:2f/00:00:53:00:00/40 tag 21 ncq dma 65536 in
     May 10 12:35:49 Tower kernel: res 40/00:01:00:4f:c2/00:00:00:00:00/00 Emask 0x4 (timeout)

     Hardware Info:
     Model: Custom
     M/B: Gigabyte Technology Co., Ltd. X470 AORUS GAMING 5 WIFI-CF Version Default string - s/n: Default string
     BIOS: American Megatrends International, LLC. Version F63a. Dated: 02/17/2022
     CPU: AMD Ryzen 7 2700X Eight-Core @ 3700 MHz
     HVM: Enabled
     IOMMU: Enabled
     Cache: 768 KiB, 4 MB, 16 MB
     Memory: 32 GiB DDR4 (max. installable capacity 128 GiB)
     Network: bond0: fault-tolerance (active-backup), mtu 1500
     eth0: 1000 Mbps, full duplex, mtu 1500
     Kernel: Linux 5.10.28-Unraid x86_64
     OpenSSL: 1.1.1j
     Uptime: 0 days, 03:25:40 // after restart

     Ram is running at 2133 MHz, 4 8GB sticks
  6. You can use the GUI easily by taking the run token the tunnel gives you and modifying the command in the docker template. Something like Post Arguments: tunnel run --token <Your Tunnel Token from GUI>
  7. 1) I handle local access using PiHole on a raspberry pi, with Local DNS entries for each of my subdomains to point them back to the internal unraid IP address. I have a dd-wrt router that points DHCP clients to the pihole for DNS requests. I have a reverse proxy (Previously SWAG but now Traefik) on port 443 on unraid, so that the redirected requests look the same from inside and outside the network (same subdomain, https, etc).
     2) I'm not exactly sure what you mean here, but you should be able to set up pihole and nextcloud as I have them working with this. In general you can either specify a different origin ip address for a specific subdomain with the cloudflare configuration itself, or you can have everything go to a reverse proxy and have the proxy point to a different IP address.
     3) I'm also not exactly sure what you mean here but if you are talking about running the CF tunnels connection through a proxy it should be possible but it would likely increase the latency a fair bit.
  8. My understanding based on the TOS is that there is no XXGB traffic limit listed, and that as long as you comply with the restrictions around what traffic you serve you are good to go. In reality, you can likely get away with some amount of video streaming and traffic isn't closely monitored. However if you run a video streaming service on your free tier of tunnels you will likely hit some sort of internal limit (50+ GB per month) and get your account terminated, or moved to a higher tier plan with a cost per gb. You may be conflicting smart route traffic and regular tunnel traffic? For the smart routing, there is a free tier limit and you will get charged for additional traffic. However this is something you have to enable manually. Feel free to correct me if I am wrong but this is my understanding.
  9. Nice, I'm glad you were able to get it working!
  10. You will need to register for an account and add a credit card to sign up for the free tier (I'm not 100% sure on this but this is what I had to do.) but there is no cost for bandwidth. The terms of service only allow for regular website traffic (not video streaming like plex), so you aren't supposed to use a lot of bandwidth. If you do, it will likely trigger something in their system and you may get taken off the free plan.
  11. You likely have your UUID for the tunnel slightly miswritten or misconfigured, maybe a leading or trailing space.
  12. Are you actually having any issues, or are you just seeing those errors appear in the logs? If the issue is that your cloudflared container is stopping, you will want to add "--restart unless-stopped" to your extra parameters in the advanced view. Additionally you might want to try an older version of cloudflared like 2021.8.2 or a newer one like 2022.3.1, although the container may update itself anyway.
  13. @Profezor can you provide any more info on what proxy manager you are passing the cloudflare traffic to and how it's configured? That is likely the source of the issue, the error message indicates that cloudflared doesn't like the certificate your proxy manager is providing. Can you also post a redacted version of your cloudflared config?
  14. @LeoRX I'm glad I was able to help out with the instructions. There is something very elegant about the tunnel setup so I was happy to be able to get the information out to more people. Traefik felt the exact same way to me. Ibracorp's video does a great job to break it down and see how to use it. It's a little bit of a jump from SWAG and NPM but sometimes better tools have a bigger learning curve.
  15. @portonalga Hmm that is strange, I would expect that certificate to work. Other options include trying to use a cloudflare certificate rather than letsencrypt but that takes a fair bit of manual work. Also, it's possible to locate the logs of where the actual 502 error is coming from. In NPM you should be able to find a folder for each service where the logs are kept, and any 502 errors should show there. That might help to tell you where the actual error is generating from and why. As much fun as it is to get everything working the right way, I wouldn't get too hung up on it. Sometimes in the end it's better to have it working, although doing things like this are a big part of the learning process. I would recommend IBRACORP's video on SWAG if you plan on using it. However if you are dead set on doing it the right way Traefik (Ibracorp also has a great video) is much more of a purpose built tool for this. SWAG and NPM are very much applications built around other applications to create a manageable reverse proxy setup. It also makes debugging much more manageable as it actually shows you the traffic path, where errors are happening, etc. Debugging with NPM is almost impossible, SWAG is somewhat manageable but not ideal.