jaylo123

Members
  • Posts

    85
  • Joined

Posts posted by jaylo123

  1. 11 hours ago, Jorgen said:


    Just out of curiosity, what do you think it should use instead of iptables? They seem well suited to the task at hand of stopping any data leaking outside the VPN tunnel?


    Sent from my iPhone using Tapatalk

    Fair question - firewalld is my response.  But I come from EL7/EL8 land, and firewalld replaced iptables there.

  2. On 2/25/2021 at 9:44 PM, gordonempire said:

    To roll back, I changed the repository from:

    binhex/arch-delugevpn

    To:

    binhex/arch-delugevpn:2.0.4.dev38_g23a48dd01-3-01

    Thank you.  I tried 'localhost' - no dice.  I tried adding my container ports to the ADDITIONAL_PORTS section and restarted all containers.  No dice.

    This was my only solution.  I just spent 30 hours over 2 days on a work-related issue and I just don't have any time to really fight this right now.

     

    My Unraid server sits behind an edge firewall switch and a secondary firewall.  Also - why is this container still using iptables?

  3. On 7/8/2020 at 1:03 PM, primeval_god said:

    My opinion is that unRAID in its current form is not suitable for business use. First and foremost from a security standpoint unRAID is not hardened enough for standards of most (and ideally all) businesses. Additionally support for unRAID primarily happens through the community forums. Official support and documentation is not robust enough for a business. And for your use case specifically, unRAID's VM management interface lacks a number of the features present in more mainstream Virtualization interfaces (even if the features are technically available through the command line). Everything i have seen suggests that Limetech is targeting home media users. It is a great OS for what it was designed for, a home media NAS.

    I agree with this.  Look at something like oVirt (or pay for VMWare if your company has the cash).  Or if this is just a single server, install CentOS 8.1 and KVM and set up the disks in a RAID-5 with proper backups.  UnRAID is great for us hobbyists but I wouldn't put it into a production environment for business data.

  4. I used to run FreeNAS with MediaTomb for my media server, but the support community was horrible.  Everything came down to "Learn this stuff yourself" or "You need ZFS and ECC otherwise you're a dumb***".  UnRAID's community has been the complete reverse of that.

     

    Sure, technically FreeNAS is the better solution, in "theory", but the community is just horrible.

     

    That said, there are use cases for one (or both) solutions, just depends on what you want to do.  For me, I like UnRAID because it makes management of my server seamless and easy.  I don't have to constantly tinker with things, and I can go months without having to even touch the server.  FreeNAS required much more attention, which is probably fine for some folks that like to tinker.  /shrug

    • Like 3
  5. 6 hours ago, hernandito said:

    Hi Binhex,

     

    What is your media box? I have two older Intel NUCs and they can’t handle 265...

     

    thanks,

     

    h.

    I can tell you that my old Ivy Bridge 3770k can run at least 3-4 h.265 streams just fine before hitting around 90%.  A NUC probably can't cope w/ that though, or probably any ARM processor.

  6. If that meets your needs, yep.  Not that I want to steal away a license from UnRAID lol.  You could just run Plex on a bare-metal Windows 10 system and use Docker to do what you want.  You'll want to look up 'Storage Spaces' on Windows 10 so you can set up a RAID-5 array (software RAID), or use the Intel RAID controller if you have one for a pseudo-hardware RAID array.  

     

    Then you could just run games from the server, while it serves media to everything else in the background.  There will be some overhead for CPU cycles while you're using it for gaming, but it shouldn't impact Plex or Emby or anything.

    • Like 1
  7. 22 minutes ago, Stonelesscutter said:

    I'm intrigued by this but am not sure what you mean exactly. The idea was to just have a gaming system in the living room. If I'm interpreting what you said correctly, using Unraid, my stepdaughter could for example play a game in her room on her laptop, which is actually running on the system in the living room?

    Correct, if using Steam.  You install the Steam client on the VM and pass through the GPU to the VM.  Then, on the 'client' (laptop, whatever), you launch Steam and use the in-home streaming feature.  You can stream the game, and the VM does all of the work, while the client just displays what the VM is presenting.

     

    Not sure if Epic or GOG or other launchers support this.

     

    Edit:  And that's not just on UnRAID, that's on any solution you choose to go with if UnRAID doesn't work for you.

  8. Yea, I think you're better suited for running two systems - one for UnRAID and a 2nd system for gaming.

     

    You can run Windows 10 in a VM in UnRAID and pass through the GPU, but now you have a new challenge of how to properly stream the game from the VM to another computer. 

     

    Advantage there is that you can play any game you want from any computer you want.  I do this. 

     

    Disadvantage is that you now have an extra layer of complexity that can fail, and if it fails you'll probably spend more time trying to fix it than you'd like.  And trust me, as a father and husband, an angry wife and kids is no way to spend a weekend :)

     

    Edit:  Another disadvantage is that video streaming will be horrible.  Watching an h.264 or h.265 video using a remote desktop viewing program, no matter the tech, is very problematic and introduces a lot of jitter.

    • Like 1
  9. Yea, keep the VPN on UnRAID IMO.  I personally use this and it works just fine.  I just point my containers to this container for VPN access and it works fine.

     

    https://hub.docker.com/r/binhex/arch-delugevpn/ 

     

    Video if you're uncomfortable or unfamiliar with the UnRAID GUI or infrastructure:

     

    https://www.youtube.com/watch?v=5AEzm5y2EvM

     

    For remote VPN connectivity if you're not at home, use the ASUS router with the MerlinRT firmware.

     

    https://www.asuswrt-merlin.net/

     

    I use it and it is a lifesaver, and works just fine with Windows' default VPN client (if you use Windows).  Or your OpenVPN client of choice.  Hopefully Wireguard support is added soon, to either Merlin or Asus' builds.

  10. I use https://www.privateinternetaccess.com/ and they work fine.  They also forward, but only from some sites.  They have docs on how to guide you.  Works great for me.

     

    Edit:  https://www.privateinternetaccess.com/helpdesk/kb/articles/how-do-i-enable-port-forwarding-on-my-vpn

     

    That will tell you which sites to use for whatever VPN solution you have in your setup.  You will need to follow the setup guide for whatever container you're using to configure the VPN client on your end.  This usually means hacking it on the command line, or configuring the setup file beforehand using Notepad or something on Windows and then overwriting the file of the same name on your container's VPN setup and restarting the container so it loads the new configuration.  Check the support threads for your VPN container of choice on further instructions.

  11. Mostly for Plex streaming, and I have an Nvidia GRID M60 to install so I can also use VMs for some remote Steam gaming, but I'm happy with it!  Sorry, didn't know where else to post this, and seems no one else really seems to understand what this means so wanted to share here :)

     

    image.thumb.png.4ddf1201d65d8ca7a7fd5c083c6cd1aa.png

     

    image.thumb.png.d392de5dfd9589df75d458325eea962f.png

     

    Definitely overkill, but I wanted to plan ahead and have this last for at least 7+ years.  I'm toying with adding another 16TB Seagate Exos drive, but for now it will hold up.  Currently doing an rsync from my main system before I transfer the license, which is why the HD temps are a bit higher than normal usage.  Will take a few days as my 'old' server (but still current server) is running off of a mix of USB2/3 drives and internal storage.  The USB drives used to be my backup targets, but I was running out of space 2 years ago.  I know, horrible, horrible setup, but hey, had to do what I had to do!

     

    I plan on installing the Nvidia-friendly UnRAID build after I transfer the license so I can utilize one of the GRID GPUs for Plex encoding, and plan on passing the 2nd GPU on the GRID card to a VM for gaming.

     

    Anyway, no real point to this post, just wanted to share.

     

    The only thing I would suggest to the dev team is to dynamically generate root's SSH keys on a 'firstboot' based on /dev/random or time epoch or something that is unique to each key generation.  I was honestly quite surprised that I could passwordlessly SSH between boxes as root without any security checks, and it's not like those private keys are exactly a secret under /root/.ssh.  Maybe that's by design.

  12. On 4/13/2020 at 5:26 AM, uaeproz said:

    Can you tell me where to stop:

     

    cd /usr/lib/plexmediaserver

     

    mv "Plex Transcoder" "Plex Transcoder2"

     

    apt-get update

     

    apt-get install nano

     

    nano Plex Transcoder

     

    #!/bin/sh

    /usr/lib/plexmediaserver/Plex\ Transcoder2 -hwaccel nvdec "$@"

     

    Add Transcoder after Plex

     

    chmod +x "Plex Transcoder"

     

    I didn't do any of that.  Works fine for me.  Like I say, the video is accurate - just stop when you have to open a terminal to the container.  I actually followed your post and the video to get it working for me (Nvidia GRID M60 GPU), but stopped when it told me to crack open a terminal window.

     

    If you have to open a terminal window to the container, then that's when you would feed the issue upstream to this thread so the container managers can see if it's something they want to support and/or manage.

     

    The reason you don't want to muck with it is when an updated version of the container is released, it will likely blow out any customizations or modifications you've made to the container.  And that's by design.

  13. Hi all -

    I am looking to build a new UnRAID Plex server soon.  The purpose of it is to host a Plex media server.  Easy enough.

     

    The storage disks will be 5400 RPM.

     

    I am wondering if I should spring for my parity drives to be a bit faster in the event of a parity rebuild.  Would it help with the speed of the rebuild effort, or does it just not matter?

  14. On 4/25/2020 at 10:51 AM, colinmcmanus said:

    I would like the hardware to support ECC memory for the NAS functionality.

    Is there any reason to this?  These are just media files, not an always-persistent, mission-critical financial database.  You are doing mostly reads and minimal writes.  Your protection is wrapped around the parity drive and any backups you are doing external to the server.  ECC provides none of that value.

     

    The only group that I really know of that really touts this as something that should be required are the FreeNAS people, and it just isn't necessary for home consumer use, and will save you a lot of money.

     

    Edit: Unless you're hosting the storage on a filesystem like ZFS that would benefit from ECC.  But stock XFS or even EXT4 are just fine for your use case.  No need to overengineer it (and TRUST me, I have a habit of doing that myself).

  15. On 4/8/2020 at 10:34 PM, uaeproz said:

    I nuked the docker.img

     

    This video was posted on youtube 7 months ago. Since when GPU NVDEC was enabled, it must be very recent?

    That video is accurate up until it tells you to go into a terminal and start mucking around on the command line.  NVDEC must also be enabled in Plex itself.  Good luck!