kilobit

https://lder.dev/posts/ntfy-Notifications-With-unRAID/

What a bad joke this is. Lesson #1 Never update your software on April 1st

To get the Node running in docker select "Add Container" and these are the settings that I used: I dont know how to get these talking or anything about the program honestly. This is a "botchy" install -sorry

Ok, I got webODM installed and here is what I did. 1) make sure you have the docker compose plugin installed 2) Click "add new stack" and give it a name 3) Scroll down to it and click the cog wheel (settings) and select "Compose File" 4) REMOVE any text thats pre-populated and paste the unedited docker-compose.yml (file is on github) and click "SAVE" 5) Same as step 3 but select "ENV FILE" 6) REMOVE anything in box and this is the contents of the one I used: (I only edited WO_PORT and WO_MEDIA_DIR I dont have time to test back on any results yet and This might be all wrong but its working so far. Here is the Docker Compose file: # This configuration does not include a processing node # Which makes for faster setup times version: '2.1' volumes: dbdata: appmedia: services: db: image: opendronemap/webodm_db container_name: db ports: - "5432" volumes: - dbdata:/var/lib/postgresql/data:Z restart: unless-stopped oom_score_adj: -100 webapp: image: opendronemap/webodm_webapp container_name: webapp entrypoint: /bin/bash -c "chmod +x /webodm/*.sh && /bin/bash -c \"/webodm/wait-for-postgres.sh db /webodm/wait-for-it.sh -t 0 broker:6379 -- /webodm/start.sh\"" volumes: - ${WO_MEDIA_DIR}:/webodm/app/media:z ports: - "${WO_PORT}:8000" depends_on: - db - broker - worker environment: - WO_PORT - WO_HOST - WO_DEBUG - WO_BROKER - WO_DEV - WO_DEV_WATCH_PLUGINS restart: unless-stopped oom_score_adj: 0 broker: image: redis container_name: broker restart: unless-stopped oom_score_adj: -500 worker: image: opendronemap/webodm_webapp container_name: worker entrypoint: /bin/bash -c "/webodm/wait-for-postgres.sh db /webodm/wait-for-it.sh -t 0 broker:6379 -- /webodm/wait-for-it.sh -t 0 webapp:8000 -- /webodm/worker.sh start" volumes: - ${WO_MEDIA_DIR}:/webodm/app/media:z depends_on: - db - broker environment: - WO_BROKER - WO_DEBUG restart: unless-stopped oom_score_adj: 250

me three 😁 i would love to get this going on my unraid rig...

Would be nice to get this resolved...Please In the meantime I am using a turnkey linux iso of mayan and it works great but using extra resources in a VM.

reinstalled and thought it might be a permissions issue with those 2 downloaded files being root:root. Logged into the console and checked access and it is visable so looked into the internal logs and see this: 19-Oct-2022 00:33:04.024 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 4 column 6: The processing instruction target matching "[xX][mM][lL]" is not allowed. org.xml.sax.SAXParseException; systemId: file:/opt/tomcat/conf/server.xml; lineNumber: 4; columnNumber: 6; The processing instruction target matching "[xX][mM][lL]" is not allowed. Not seeing anything strange about the server.xml file so not sure whats up with this.

Thanks for your fast reply. First I created the directory and used curl to get both files into the newly created directory (copy and pasted your commands into my appdatafolder) File Mappings: /opt/tomcat/conf/server.xml --> /mnt/user/appdata/openkm-ce/server.xml /opt/tomcat/repository --> /mnt/user/appdata/openkm-ce/repository /HOST_SWAP --> /mnt/user/appdata/openkm-ce/swap/ /opt/tomcat/OpenKM.cfg --> /mnt/user/appdata/openkm-ce/OpenKM.cfg Then installed the docker on unraid and tried to go into webui.. but nothing is there and I posted the logs. I havent used any custom commands or anything and I have verified both files were downloaded... Im going to botch this install and try again, I will post back. **No I didnt execute anything inside the docker console.

I dont get it... its not working on my end. Base install, I have created a database and ran the commands in your instructions. upon start I get this error and no webpage. I am assuming I can enter the database info via the web gui? am I doing something wrong?? [1;33m# This file was edited by SmartPhoneLover, for the OpenKM-CE docker template for unRAID.[0m [1;33m# The original 'OpenKM.cfg' file is available on 'https://docs.openkm.com/kcenter/view/okm-6.3-com/using-docker.html'.[0m [1;33m[0m [1;33m# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[0m [1;33m# OpenKM Hibernate configuration values[0m [1;33m# It acts as a 'bridge' between the Java JDBC types and SQL types.[0m [1;33m# Uncomment the corresponding line.[0m [1;33mhibernate.dialect=org.hibernate.dialect.H2Dialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.HSQLDialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.Oracle10gDialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.SQLServerDialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.MySQL5Dialect[0m [1;33m#hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect[0m [1;33m[0m [1;33m# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[0m [1;33m# Configuration property used on Hibernate database schema generation process.[0m [1;33m# Posible values: create (new instance), update (upgrade instance), none (no changes done).[0m [1;33mhibernate.hbm2ddl=create[0m [1;33m[0m [1;33m# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[0m [1;33m# Other OpenKM settings.[0m [1;33m# Logback configuration file[0m [1;33mlogback.config=logback.xml[0m [1;33m[0m [1;33m# Visit 'https://www.openkm.com/wiki/index.php/Application_configuration' to know more property settings you can use to fully customize OpenKM. Some of these options can also be configured within OpenKM too (Administrator account).[0m 2022-10-18 16:57:03,666 CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend to run as root, you can set user=root in the config file to avoid this message. 2022-10-18 16:57:03,666 INFO Included extra file "/etc/supervisor/conf.d/custom.conf" during parsing 2022-10-18 16:57:03,671 INFO RPC interface 'supervisor' initialized 2022-10-18 16:57:03,671 CRIT Server 'inet_http_server' running without any HTTP authentication checking 2022-10-18 16:57:03,671 INFO RPC interface 'supervisor' initialized 2022-10-18 16:57:03,671 CRIT Server 'unix_http_server' running without any HTTP authentication checking 2022-10-18 16:57:03,671 INFO supervisord started with pid 1 2022-10-18 16:57:04,673 INFO spawned: 'xvfb' with pid 10 2022-10-18 16:57:04,674 INFO spawned: 'tomcat' with pid 11 2022-10-18 16:57:05,545 INFO exited: tomcat (exit status 1; not expected) 2022-10-18 16:57:06,546 INFO success: xvfb entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) 2022-10-18 16:57:06,547 INFO spawned: 'tomcat' with pid 61 2022-10-18 16:57:06,712 INFO exited: tomcat (exit status 1; not expected) 2022-10-18 16:57:08,715 INFO spawned: 'tomcat' with pid 109 2022-10-18 16:57:08,880 INFO exited: tomcat (exit status 1; not expected) 2022-10-18 16:57:11,884 INFO spawned: 'tomcat' with pid 157 2022-10-18 16:57:12,043 INFO exited: tomcat (exit status 1; not expected) 2022-10-18 16:57:13,044 INFO gave up: tomcat entered FATAL state, too many start retries too quickly

Did you figure out how to accomplish this?

I had this problem and noticed of the 3 drive mappings I sent all of them to my ssd drive (not cache). I deleted and reinstalled but this time set the first 2 mappings to appdata and the blockchain to my ssd. Not sure if that was the problem but on second install it worked. **Also I accidentally didnt have my ssd mounted the first time which probably was the problem.

Are there and future plans to include tor/torsocks into this docker? Thanks

Can we not just include the database inside the docker itself so end users and click and install? This is a crazy amount of editing and if their was an update I suspect everything to break and an endless amount of requests to fix it. It seems much easier to just have it already setup in the docker. (invidious)

Well, I got it to work once; it booted to uefi bios and then the vm worked. I then needed to reboot my vm and it never came back up so using my phone I logged into the unraid machine and the vm would restart but nothing on the monitor anymore. Rebooted unraid and nothing. So If I passthrough like your saying to by assigning the immo graphics card/hdmi sound then unraid will not grab the card on boot. I assume you have your vm to auto boot? I will try this and report back.

Thank you very much. I am using the edited rom file. Did you edit the vifo on the unraid bootup process or just change settings on the VM screen?

I have the same setup as you with gtx970 on the 16x slot and I cannot get mine to work. It used to work but unraid updated and it stopped working. It has almost been a year and I would like to get this resolved. I also have an sas card in the bottom slot. Would you mind sharing your configuration or bios settings? I believe unraid is set to non uefi (legacy) mode if that matters.

Wow I am really liking this docker man. Im getting much faster speed with cloudfare udp over tls on this. Thanks

If your just doing a local install then map a different port on your docker container and accept the certificate error. I don't believe this will run unencrypted.

Beware of putting anything important in the vault area. I had put some stuff in there a couple weeks ago and now when I try to download an attachment on the vault it says unknown error. I'll have to dig around in the logs to see what's going on I'll post back.

Ok, here is everything you need to do to get this working. First edit bitwarden container then click on "advanced" Extra Parameters: -e LOG_FILE=/log/bitwarden.log -e LOG_LEVEL=warn -e EXTENDED_LOGGING=true Then add path: container path: /log host path: /mnt/user/syslog (unraid share you want bitwarden to log to) access mode: read/write #apply/done Next edit letsencrypt container then add path: container path: /log host path: /mnt/user/syslog (unraid share you want bitwarden to log to) access mode: read/write #apply/done Now edit ../appdata/letsencrypt/fail2ban/jail.local * at the BOTTOM of the file add: [bitwarden] enabled = true port = http,https filter = bitwarden action = iptables-allports[name=bitwarden] logpath = /log/bitwarden.log maxretry = 3 bantime = 14400 findtime = 14400 #save/close Then create and edit ../appdata/letsencrypt/fail2ban/filter.d/bitwarden.conf and add: [INCLUDES] before = common.conf [Definition] failregex = ^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$ ignoreregex = #save and close #restart letsencrypt container ***Testing Use your phone or something outside your lan and once you fail 3 logins you will be banned. To show banned ips and unban enter the letsencrypt console from the docker window. Lists banned ips: iptables -n -L --line-numbers Unbans ip: fail2ban-client set bitwarden unbanip 107.224.235.134 exit -End

Its not the money for me but the security. To be honest they maybe have an even better setup than we can offer but every day something is getting breached.

I got fail2ban installed but my regex is terrible and the default one isnt working for some reason and its not seeing the log. I had to apt-get update and apt-get install fail2ban. Then I removed the jails in the default conf that was causing a problem. Followed this link https://github.com/dani-garcia/bitwarden_rs/wiki/Fail2Ban-Setup and I have ran out of time today.

This docker is not secure as is for outside access. Digging around so far I found that logging was not enabled so I enabled it on the template under advanced, then extra parameters -e LOG_FILE=/data/bitwarden.log -e LOG_LEVEL=warn -e EXTENDED_LOGGING=true and now it logs into the /data/bitwarden.log file. Now I cant execute fail2ban so maybe its not installed either because its not where the link you send shows it to be. I am not that familiar with docker honestly so I wouldnt know where to begin with that. I love this app and thanks for getting it for us worst case scenario I can have it log to letsencrypt and configure a jail for it in there.

This seems to be a full dns server, whereas pihole is just a dns forwarder if im correct. I am still testing this and I like that I can add dns entries. It seems faster than pihole as im boucing between both testing stuff. You can also use pihole for encrypted dns by using ONLY cloudfare servers on port 853. You might also need to block local request on the firewall for port 53 or you may have leaks.

I noticed that this docker has a logfile called "faillog" but didnt find any fail2ban configs anywhere. Whats going to stop someone from bruteforcing the login? Also, where are the log files?