Everything posted by casperse
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Perfect that did it! - So NO need to change anything in the default conf for the: # main server block? I thought you said that was needed? Is there any security implications, I can see that any subdomain I can think of will now always point to domain_1 anything*.domain_1 anything*.domain_2 anything*.domain_3 all --> will point to the domain set for the "Heimdal subfolder sample" which was for domain_1 (Nextcloud) Normally I guess you would get a "This site canโt be reached" Or is this because each domain have a A record and a C name *.domain1-> A record? so Letsencrypt just forwards everything to the domain_1 I have been playing with this all day :-) hoping to remove my old Synology setup [UPDATE]: Nextcloud works but cant connect to the IOS app, switching Nextcloud to Domain_2 and using Domain_1 with Emby resolved that, Nextcloud wants the sample file for the Subdomain not the subfolder? Everything seem to work! But I am getting alot of Unraid log errors? I can see that the IP is from my Laptop that I used to test whit Apr 12 20:52:59 SERVER nginx: 2020/04/12 20:52:59 [error] 10389#10389: *34579 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:01 SERVER nginx: 2020/04/12 20:53:01 [error] 10389#10389: *34593 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:02 SERVER nginx: 2020/04/12 20:53:02 [error] 10389#10389: *34599 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:03 SERVER nginx: 2020/04/12 20:53:03 [error] 10389#10389: *34604 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:03 SERVER nginx: 2020/04/12 20:53:03 [error] 10389#10389: *34607 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:03 SERVER nginx: 2020/04/12 20:53:03 [error] 10389#10389: *34612 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:03 SERVER nginx: 2020/04/12 20:53:03 [error] 10389#10389: *34615 recv() failed (104: Connection reset by peer) while reading upstream, client: 192.168.0.34, server: , request: "GET //wsproxy/5700/ HTTP/1.1", upstream: "http://127.0.0.1:5700/", host: "192.168.0.6" Apr 12 20:53:04 SERVER nginx: 2020/04/12 20:53:04 [error] 10389#10389: *34618 recv() failed (104: Connection reset by peer) while reading upstre Apr 12 21:59:13 SERVER nginx: 2020/04/12 21:59:13 [error] 10389#10389: *56034 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "127.0.0.1" Apr 12 21:59:13 SERVER nginx: 2020/04/12 21:59:13 [error] 10389#10389: *56036 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: ::1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "localhost"
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ok I have almost read through the entire thread and on page 167 I found the missing parameter to insert the extra domain names! LOL I now have 3 domains added and getting certificates! Domain_1 --> Nextcloud (OK) Domain_2 --> Ombi (Not working) sub-domain.Domain_2 (OK) sub-domain.Domain_3 (OK) But I still can't get the two main domains to co-exist... I know it's how I add the two servers to the default conf? I have created the two main domain on the sample from Heimdahl.subfolder.conf.sample and created: "nextcloud.subfolder.conf" "ombi.subfolder.conf" I just need some help on how to define the servers in the appdata\letsencrypt\nginx\site-confs\defaults (conf) My addition in Yellow
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
So again copying the sample from Heimdahl.subfolder.conf.sample and creating the "nextcloud.subfolder.conf" Than adding the two servers to the appdata\letsencrypt\nginx\site-confs\defaults conf (Removing the two lines for the htpassword in the example below) # auth_basic "Restricted"; # auth_basic_user_file /config/nginx/.htpasswd; Then of course updating the nextcloud PHP configuration to the domain and not the sub.domian I have been reading your old posts today :-) Did I forget something? Would sub.domains still work? bitwarden.domain_2 Or would I need to define them as servers also? Update: Adding domain should be like this right? I thought I had made some A record wrong but if I just enter one domain it works, but if I add more domains I get this error: ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container On page 167 I found a note about creating this extra field for more domains? But it talks about subdomains? would I be able to do as shown below?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Dam it was right in front of me! missed it didn't have https ! (I did try swapping ports) I think I understand how it works now! So if I copy the Heimdahl template to use with nextcloud Then how to I set the right domain to point to each? Domain_1 --> Ombi (THIS WORKS NOW! :-) Domain_2 --> Nextcloud I can't see how Letsencrypt can tell which domain should point to each specific docker? Thanks again! this is awesome!
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Yes its defined in the "ombi.subfolder.conf" and I left it as default, like in the Nextcloud conf. (subdomain) video setup to the default port 443: set $upstream_port 443; right? (I tried changing it to 3579 makes no difference) Just thought that I would need some configuration "link" between the two dockers and the 2 domains: domain_1 --> ombi IP:3579 (I am waiting with domain_2 until I have cracked the first main domain_2--> nextcloud IP: (PHP config.php) Getting the sub.domain working was so simple, would it be better and easier to setup a DNS verification instead using a wildcard SSL Certificate? The cert. is working for both main and sub domains so I guess it doesn't really matter Update: I also found this guide - https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/#usingheimdallasthehomepageatdomainroot And it's exactly like you told me, cant see any errors - but for some reason it doesn't work... must be missing something
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I have been reading! And thanks to you and this very long thread I am almost there Exercise "Setup Ombi with main domain": 0) Confirm in the log that Letsencrypt gets certificates for everything 1) Change Docker to use custom Proxynet (Networktype) 2) Use template heimdall.subfolder.conf.sample and add your docker name (This case: ombi) rename it "ombi.subfolder.conf" \rootshare\appdata\letsencrypt\nginx\proxy-confs\ombi.subfolder.conf location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app ombi; set $upstream_port 443; set $upstream_proto https; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } 3) Comment out location / in: appdata\letsencrypt\nginx\site-confs\default # main server block server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; root /config/www; index index.html index.htm index.php; server_name _; <--- Add my domains here? # enable subfolder method reverse proxy confs include /config/nginx/proxy-confs/*.subfolder.conf; # all ssl related config moved to ssl.conf include /config/nginx/ssl.conf; # enable for ldap auth #include /config/nginx/ldap.conf; client_max_body_size 0; # location / { # try_files $uri $uri/ /index.html /index.php?$args =404; # } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } 4) Port setup on docker its the proxy that forwards the port 443 -> Dockers And it look like it gets the port from the docker itself "proxy_pass $upstream_proto://$upstream_app:$upstream_port;" So not sure if I need to specify the Ombi port:3579 somewhere But where do I specify which main domain"1" should be used for Ombi? This should be in the # main server block in the default file above right? server_name domain1; server_name domain2; 5) I also found this "Add your domain name to the trusted domains array?" (Don't know what that's about) I apologize for not figuring this out myself - I have spent a lot of time on trial & error Most on Google use linux and command lines not these very nice configuration files
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Oh didnt see that thanks! Would I still be able to use subdomain for other Dockers? under this top-domain? The current version supports multiple domains like: domain1, domain2 Adding any subdomain to this in the configuration would then create cert. for these subdomain under both domains correct? Is it problematic to also change Nextcloud to its own domain instead of using a subdomain? (Have read many post in this thread about Nextcloud and that Subdomain is the way to get it working, not one about using a main domain) Again thanks for your help! much appreciated
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks! So this sample for subfolder would allow me to use the main domain? Just updating the app naming to another docker? I wanted to use the main domain on "Ombi" and I can see that there is a template for using it but again it's for a sub.domain (The docker is auth. by Plex service so I would not need the .htpasswd) # In order to use this location block you need to edit the default file one folder up and comment out the / location location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth, also customize and enable ldap.conf in the default conf #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app heimdall; <----- "Replace with alternative Docker name" set $upstream_port 443; set $upstream_proto https; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } 1000 Thanks I have googled this for hours but didnt find anything......
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ok I got it all working with my own subdomain and a A record pointing to my new fixed IP :-) But, can I change the subdomain to the main domain? (I have enabled it in the docker to false, and I can see that it pulls the certificate) But all the conf.samples are for a subdomain where and how can I setup the main domain? Strange I can only find support for reverse proxy using subdomains? (But my old Synology could do both subdomains and main domain?)
-
Odd Ngnix error filling up my syslog
I have the same error in my Log file but I dont have any VM's with this -1 value?
-
[Support] Linuxserver.io - Plex Media Server
Hi All I started to have Plex docker just stopping? So I disabled auto update in the Unraid Plugin but I still get these "Shutdowns" I then got the logs right after a shutdown/stop of the Docker and I can see this: "Shutting down with signal 15 (Terminated)" This would normally mean that the system is shutting down, but Unraid and all my other Dockers run perfectly So how do I find out what is issuing this command to plex on Unraid? UPDATE: I have also excluded the backup of Appdata for /mnt/cache/appdata/plex/ so it shouldnt stop the Plex docker should it? Okay : I think it's the update vs the backup plugin that need more time difference in order not to conflict with each other... more date = more time
-
*VIDEO GUIDE* A comprehensive guide to pfSense both unRAID VM and physical
@SpaceInvaderOne I finally got everything working now but I would like to know if you have any special rules for the VM's on Unraid? My Unraid server IP is used and shared by the Docker and the same gateway (subnet) Unraid server IP: 192.168.0.6 like most people have... I have virtual machines VM's on the Unraid server with their own fixed IP like: 192.168.0.18 BUT If I route any traffic through the Pfsense for the server Unraid IP, dockers etc on the 192.168.0.6 it will overrule any traffic coming from my VM having IP: 192.168.0.18 and route everything over the rule set for the Unraid server IP 192.168.0.6 hosting the VM's !!! ๐ Do I need to passthrough NIC's to my VM's? in order to separate them from the Unraid server IP?
-
*VIDEO GUIDE* A comprehensive guide to pfSense both unRAID VM and physical
Does anyone know if there is a Video tutorial for OpenVPN and PIA in Pfsense? The introduction video talked about installing Openvpn on pfsense but I cant find the video? Thanks! ๐
-
Tips and Tweaks Plugin to possibly improve performance of Unraid and VMs
I just changed it to a value below 1mio and then it worked! :-)
-
Tips and Tweaks Plugin to possibly improve performance of Unraid and VMs
Hi Great plugin! I just tried to change the value: But when I look at the right side its not changed in the tweak plugin And running the command: cat /proc/sys/fs/inotify/max_user_watches Shows that its still set to: 524288?
-
[Support] Linuxserver.io - Embystat
Hi All I have installed it 3 times and it stoppes around 80% been running for two days now and it just crashed Emby Hangs here: "Calculating movie statistics" Is there any files or changes that I have to make? I saw some forum post about a fix, but I guess that would be in the docker by now right?
-
Unraid tweaks for Media server performance?
Found a new useful powerful setting if you have a very large Plex/Media Library.... Install the Tweaks plugin and increase the: fs.inotify.max_user_watches You can read more about the problem here: LINK BTW: I would really like to hear from more power users about their tweaks and settings, please share if you have some tweaks or performance improvements
-
[Support] Linuxserver.io - Plex Media Server
I think I found the solution but have no Idea on how to implement it in a docker/Unraid? https://forums.plex.tv/t/increase-the-number-of-directories-linux-can-monitor-notify/209156 Hmm increasing this in the Tweaks plugin? would that help Plex?
-
[Support] Linuxserver.io - Plex Media Server
Hi All I have a solid system for a very long time but after encoding to RAM I am getting some problems once in a while some TV shows doesn't play and then later they play fine? Error log: [Transcoder] [eac3_eae @ 0x15422c0] EAE timeout! EAE not running, or wrong folder? Could not read '/tmp/pms-018fb146-d1c7-4f41-84cb-cae419d0ca06/EasyAudioEncoder/Convert to WAV (to 8ch or less)/e12d43b76d37f1d2-com-plexapp-android_7893-0-0.wav' I found this post? Anyone have a solution to this? (Just upgraded to 64GB RAM to use RAM for encoding) And only for TV never movies? so the tmp folder si working....
-
[Support] Linuxserver.io - Tautulli
Hi All, I had this working before but not on Unraid :-) Could someone tell me how to read the log files from Plex in Tatulli? I have set the path like this: Path: /mnt/user/appdata/plex/Library/Application Support/Plex Media Server/Logs/ And in Tautulli So any input to what's missing is much welcome
-
Unraid tweaks for Media server performance?
Hi Everyone Unraid is great and I am like many others using my Unraid server for Plex (And of course other things) So I would really like to collect all the tweaks and "Hack" done by others to increase performance of large Media servers doing transcoding First just to get the "normal" recommendation listed: Appdata on cache drive (Fast as possible - SSD/M2) HW encoding using Unraid Nvidia plugin + GPU Structure of media in each folder/optimize files for transcoding? Specific Unraid tweaks: Moving transcoding to RAM (Update better guide for doing this) DB optimize over time (Mostly Plex not Emby) - people with large collection run this even if the DB is not corrupt? And afterwards should load much faster? https://support.plex.tv/articles/201100678-repair-a-corrupt-database/ https://hub.docker.com/r/nouchka/sqlite3/dockerfile/ Move the sqlite3 db file into a ramdisk? Link from Reddit - I guess it would just be a matter of copying to /temp? (If you already have your Appdata on M.2 then might not be big difference) Use direct /cache/ path: Big thanks to @mgutt for sharing this! (If you have space then adding Appdata/Docker.img really makes a difference!) What other things or tips do you have to speed things up? Speed up the UI? have anyone tried to move the DB to RAM? and did it help? Looking forward to getting some input from the power users! ๐ and updating this post with new things! Thanks for a really great forum with so many help-full people (I placed this post here because it should not be about the dockers but things around it and Unraid, please move it if you find a better place for it!)
-
[Support] hotio - All images released by hotio
So it seem to be working now! ๐ One questions... The unpackerr creates a new folder side by side with the existing folder like this: Directory A Directory A_unpackerred/Directory A/file A Is this how it should be? After Radarr/Sonarr/Lidarr moves the file will it then be deleted? (If the file is something they accept! not iso etc.) Again thanks for creating this! - Really love to disable the other built in-unpackers
-
[Support] hotio - All images released by hotio
-
[Support] hotio - All images released by hotio
Yes I actually did - have spend allot of my time to get this to work.... and currently could mean that at some point it will be used so doesn't hurt to fill it in right!
-
[Support] hotio - All images released by hotio
Sorry I just need to know if the mappings in the docker is going to be subst for the "mount" like: /downloads/tv/ --> ( /downloads/ = /mnt/user/downloads/) --> /downloads/tv Or should they be "spelled out in full path" in the docker UI so they have the full path: /mnt/user/downloads/tv? These 3 fields: Sorry for the many question if you have an example on how you have configured it then please share :-)