kilobit

Members
  • Posts

    58
  • Joined

  • Last visited

Converted

  • Gender
    Undisclosed

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

kilobit's Achievements

Rookie

Rookie (2/14)

9

Reputation

  1. Can we not just include the database inside the docker itself so end users and click and install? This is a crazy amount of editing and if their was an update I suspect everything to break and an endless amount of requests to fix it. It seems much easier to just have it already setup in the docker. (invidious)
  2. Well, I got it to work once; it booted to uefi bios and then the vm worked. I then needed to reboot my vm and it never came back up so using my phone I logged into the unraid machine and the vm would restart but nothing on the monitor anymore. Rebooted unraid and nothing. So If I passthrough like your saying to by assigning the immo graphics card/hdmi sound then unraid will not grab the card on boot. I assume you have your vm to auto boot? I will try this and report back.
  3. Thank you very much. I am using the edited rom file. Did you edit the vifo on the unraid bootup process or just change settings on the VM screen?
  4. I have the same setup as you with gtx970 on the 16x slot and I cannot get mine to work. It used to work but unraid updated and it stopped working. It has almost been a year and I would like to get this resolved. I also have an sas card in the bottom slot. Would you mind sharing your configuration or bios settings? I believe unraid is set to non uefi (legacy) mode if that matters.
  5. Wow I am really liking this docker man. Im getting much faster speed with cloudfare udp over tls on this. Thanks
  6. If your just doing a local install then map a different port on your docker container and accept the certificate error. I don't believe this will run unencrypted.
  7. Beware of putting anything important in the vault area. I had put some stuff in there a couple weeks ago and now when I try to download an attachment on the vault it says unknown error. I'll have to dig around in the logs to see what's going on I'll post back.
  8. Ok, here is everything you need to do to get this working. First edit bitwarden container then click on "advanced" Extra Parameters: -e LOG_FILE=/log/bitwarden.log -e LOG_LEVEL=warn -e EXTENDED_LOGGING=true Then add path: container path: /log host path: /mnt/user/syslog (unraid share you want bitwarden to log to) access mode: read/write #apply/done Next edit letsencrypt container then add path: container path: /log host path: /mnt/user/syslog (unraid share you want bitwarden to log to) access mode: read/write #apply/done Now edit ../appdata/letsencrypt/fail2ban/jail.local * at the BOTTOM of the file add: [bitwarden] enabled = true port = http,https filter = bitwarden action = iptables-allports[name=bitwarden] logpath = /log/bitwarden.log maxretry = 3 bantime = 14400 findtime = 14400 #save/close Then create and edit ../appdata/letsencrypt/fail2ban/filter.d/bitwarden.conf and add: [INCLUDES] before = common.conf [Definition] failregex = ^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$ ignoreregex = #save and close #restart letsencrypt container ***Testing Use your phone or something outside your lan and once you fail 3 logins you will be banned. To show banned ips and unban enter the letsencrypt console from the docker window. Lists banned ips: iptables -n -L --line-numbers Unbans ip: fail2ban-client set bitwarden unbanip 107.224.235.134 exit -End
  9. Its not the money for me but the security. To be honest they maybe have an even better setup than we can offer but every day something is getting breached.
  10. I got fail2ban installed but my regex is terrible and the default one isnt working for some reason and its not seeing the log. I had to apt-get update and apt-get install fail2ban. Then I removed the jails in the default conf that was causing a problem. Followed this link https://github.com/dani-garcia/bitwarden_rs/wiki/Fail2Ban-Setup and I have ran out of time today.
  11. This docker is not secure as is for outside access. Digging around so far I found that logging was not enabled so I enabled it on the template under advanced, then extra parameters -e LOG_FILE=/data/bitwarden.log -e LOG_LEVEL=warn -e EXTENDED_LOGGING=true and now it logs into the /data/bitwarden.log file. Now I cant execute fail2ban so maybe its not installed either because its not where the link you send shows it to be. I am not that familiar with docker honestly so I wouldnt know where to begin with that. I love this app and thanks for getting it for us worst case scenario I can have it log to letsencrypt and configure a jail for it in there.
  12. This seems to be a full dns server, whereas pihole is just a dns forwarder if im correct. I am still testing this and I like that I can add dns entries. It seems faster than pihole as im boucing between both testing stuff. You can also use pihole for encrypted dns by using ONLY cloudfare servers on port 853. You might also need to block local request on the firewall for port 53 or you may have leaks.
  13. I noticed that this docker has a logfile called "faillog" but didnt find any fail2ban configs anywhere. Whats going to stop someone from bruteforcing the login? Also, where are the log files?
  14. **For anyone that has a problem installing this to remove the files*** I have these .SquidBait files scattered all over my array.. what a mess! find /mnt/user/* -name ".SquidBait*" -exec rm -fv {} \; Bam no more **Remove the -exec rm -fv {} \; part if you want to see their location to remove manually. ***Also, I just realized some are not hidden either so run that again using "Squidbait* without the dot "."
  15. There is no need if your doing your backups regularly. <borg backup>