Everything posted by Tuumke
-
[Support] jbreed - nessus
I also created a docker-compose file for use with Traefik (old traefik) for use on my VPS (not unraid system): note: i have environment variables set in /etc/environment for ${USERDIR}, ${DOMAINNAME} you might want to replace those nessus: image: jbreed/nessus container_name: nessus hostname: nessus restart: unless-stopped networks: - traefik_proxy volumes: - ${USERDIR}/docker/nessus:/config - "/etc/localtime:/etc/localtime:ro" - ${USERDIR}/docker/shared:/shared environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} labels: traefik.enable: "true" traefik.backend: nessus traefik.protocol: https traefik.port: 8834 traefik.frontend.rule: Host:nessus.${DOMAINNAME} traefik.frontend.headers.SSLHost: nessus.${DOMAINNAME} traefik.docker.network: traefik_proxy traefik.frontend.passHostHeader: "true" traefik.frontend.headers.SSLForceHost: "true" traefik.frontend.headers.SSLRedirect: "true" traefik.frontend.headers.browserXSSFilter: "true" traefik.frontend.headers.contentTypeNosniff: "true" traefik.frontend.headers.forceSTSHeader: "true" traefik.frontend.headers.STSSeconds: 315360000 traefik.frontend.headers.STSIncludeSubdomains: "true" traefik.frontend.headers.STSPreload: "true" traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex traefik.frontend.headers.frameDeny: "true" traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' depends_on: - traefik
-
[Support] Linuxserver.io - Sonarr
Don't have DNS anymore. Updated my docker this morning. Not sure if its because of install docker pihole, or update of container Have tried several things like: - --dns=ipadressofpihole - add variable in template (Key3, DNS1, ipaddressofpihole) I can't use apt-get update, no DNS resolving Also nog ping or nslookup command available in the container itself...
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
This is just the Unifi controller right? I thought there was a standard config file for it in the letsencrypt docker from ls.io? I checked my docker, it has this file: user@TOWER:/mnt/user/dockers/letsencrypt/nginx/proxy-confs# cat unifi.subdomain.conf.sample # make sure that your dns has a cname set for unifi and that your unifi container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name unifi.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_unifi unifi; proxy_pass https://$upstream_unifi:8443; } location /wss { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_unifi unifi; proxy_pass https://$upstream_unifi:8443; proxy_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_ssl_verify off; } }
-
[Support] jbreed - nessus
I also have configured letsencrypt reverse proxy for subdomain nessus.subdomain.conf Note1: include /config/nginx/auth.conf points towards my Organizr setup. You might not want to use this server { listen 443 ssl; listen [::]:443 ssl; server_name nessus.*; include /config/nginx/ssl.conf; client_max_body_size 0; include /config/nginx/auth-location.conf; location / { include /config/nginx/auth.conf; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nessus w.x.y.z; ## Change to IP of HOST proxy_pass https://$upstream_nessus:8834; } }
-
[Support] jbreed - nessus
I guess compiling plugins takes a long time?
-
[Support] jbreed - nessus
Looks cool. Will give this a go later on
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
See: Note: This reply is specific to nextcloud, but it concerns the entire LE docker container. So it's harmless.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I got it working now Will post my config later -edit- I got my subdomains working with OrganizrV2 auth
-
ProFTPD Plugin for unRAID v6.8.x
Am on 6.7.0. Didnt notice FTP wasnt working since i personally dont use it. Buddy of mine said that his Kodi wasnt working anymore. Had to install the beta and copy over my proftpd.conf modifications. Works fine now.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Arrghh.. im trying to get subdomain working for Sonarr but i have troubles with setting it upo with Organizr authentication. The authentication part works, but the UI wont load api/config/ui gives a 404, same with api/config/status Everything else loads just fine. server { listen 443 ssl; listen [::]:443 ssl; server_name sonarr.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { auth_request /auth-0; error_page 401 =200 https://organizr.domain.tld/; location ~ (/sonarr)?/api { auth_request off; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr sonarr; proxy_pass http://$upstream_sonarr:8989/api; } include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr sonarr; proxy_pass http://$upstream_sonarr:8989; } location ~ ^/auth-(.*) { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_organizrv2 organizrv2; proxy_pass http://$upstream_organizrv2/api/?v1/auth&group=$1; proxy_pass_request_body off; proxy_set_header Content-Length ""; } The login to the domain.tld login page of Organizrv2 works fine. Auth works fine but i just can't seem to load the: https://sonarr.domain.tld/api/config/ui https://sonarr.domain.tld/api/system/status Any ideas? Sonarr doesnt have a url base configured... -edit- With the default sonarr.subdomain.conf.sample without organizr auth, it works fine..
-
Unraid OS version 6.6.7 available
Just upgraded, no issues so far.
-
ProFTPD Plugin for unRAID v6.8.x
Never mind. I'm using FTP with TLS now, hope that's secure enough. Is it possible to have mod_shaper added to ProFTPd? http://www.castaglia.org/proftpd/modules/mod_shaper.html So we can limit bandwith per user? @SlrG ?
-
[Support] binhex - DelugeVPN
i have the same settings in web.conf =/
-
[Support] binhex - DelugeVPN
@jonathanm root@NAS:/mnt/user/dockers/letsencrypt/nginx# cat proxy.conf ## Version 2018/05/31 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/proxy.conf client_max_body_size 10m; client_body_buffer_size 128k; #Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Advanced Proxy Config send_timeout 5m; proxy_read_timeout 240; proxy_send_timeout 240; proxy_connect_timeout 240; # Basic Proxy Config proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Ssl on; proxy_redirect http:// $scheme://; proxy_http_version 1.1; proxy_set_header Connection ""; #proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps proxy_cache_bypass $cookie_session; proxy_no_cache $cookie_session; proxy_buffers 32 4k;
-
[Support] binhex - DelugeVPN
Hi, Any posts on reverse proxying with nginx and blank screens? Kinda hard to read through 138 pages =/ Been searching google and tried different types of settings, all resulting in a blank page but working title bar.. location /deluge { proxy_set_header X-Deluge-Base "/deluge/"; include /config/nginx/proxy.conf; set $upstream_deluge 192.168.3.61; proxy_pass http://$upstream_deluge:8112/; It doenst matter if i use proxy_set_header and not set base in web.conf. If i set base in web.conf i even cant access the normal ui without reverse proxy. That also gives me a blank page and working title.
-
find The current directory is included in the PATH environment variable
I'm trying to use find and run a execdir on .rar files for mass unpacking but i'm getting the error that . is in the $path. Should'nt that be removed? "find: The current directory is included in the PATH environment variable, which is insecure in combination with the -execdir action of find. Please remove the current directory from your $PATH (that is, remove "." or leading or trailing colons)" https://askubuntu.com/questions/621132/why-using-the-execdir-action-is-insecure-for-directory-which-is-in-the-path
-
ProFTPD Plugin for unRAID v6.8.x
Can anybody help me with setting up FTPS or SFTP with ProFTPd? I cant seem to find an easy working guide out there
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Yes! Or change the organizr to /organizr? But then i need to see if i can somehow edit the base of organizr..
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Having troubles with the LE container All i did was edit the site-config/default and uncomment the 80 to 443 redirect with nano. [cont-init.d] 50-config: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 Server ready nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 nginx: [emerg] duplicate location "/" in /config/nginx/site-confs/default:28 -edit- Found the culprit. All the proxy-conf subfolder conf files have a /servicename and organizr just has the /