blaine07
-
Posts
754 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by blaine07
-
-
Yes....
I resolved the certificate error by copying the certs from my nginx/letsencrypt docker to my zoneminder keys.... so now i get a umtrusted cert error instead of a root revocation error. This lets me get into zoneminder.
Now all I need is a properly configured subdomain reverse proxy configuration to have everything working correctly. Anyone have soem examples? ie: https://zoneminder.mydomain.com vs https://myserver.mydomain.com/zm ?
Inside Letsencrypt their should be a ZoneMinder. Subdomain.conf that should work without many changes? -
You are doing something wrong if the IP changed. Have you been using the internal docker network address? Don't use that. Use unraid IP:port (if you can specify port) or set your own IP, as I think you did. You have both on a custom bridge?
Might be your database got corrupted. Don't know without logs.
I don't know if you can specify the location for uploads. You have to consult the piwigo documentation to find that out.
Well since I had had Piwigo on my reverse proxy, on “proxynet” I thought MariaDB had to be on “proxynet” too? So, for clarification, if something is on a UnraidIP:port it can be accessed by “proxynet” OR my subnet Unraid Server is on, defined as “br0”? Proxynet is 172.18.0.0/16 and Unraid Server is on 192.168.1.0/24? I didn’t know if I’d had MariaDB configured as “Host” it could’ve been on both networks?
Is their a way to setup a route in my pfSense firewall so the proxynet 172 network can be accessed as a part of any of the rest of my network or is that just in general “bad practice” because in event someone “hacked” my reverse proxy they’d have a route into rest of network? [emoji848]
Yeah super late my time, and I’m sure I got IPs straightened out and it *was* working so tomorrow I’ll try to sift in logs. I know both MariaDB and Piwigo will fully start as far as watching the startup logs.
Saarg, thank you for your help, I do most certainly appreciate your help. Your always active and answering questions and such so folks like myself can learn, so thanks, thanks a ton! [emoji846] -
I'm going to answer that with a question and you will hopefully understand where to images are stored.
Where is you appdata folder located?
They’re stored in mnt/user/appdata/AppName
So yeah, I’d suppose pics are being stored in appdata. I look at Nextcloud for example and all its files are stored in mnt/user/Nextcloud. How would I change piwigo from storing images uploaded outside of appdata? If I recall Nextcloud has a extra parameter when it’s setup to define its uploads to be not stored in appdata folder. How would I change piwigo? Never the less restarted Unraid Server, because Unassigned Drive plugin update required restart, now piwigo just loads to a white screen lol. I did figure out the MariaDB IP got changed when server got restarted and tried to get it back on correct IP by stopping it, stopping container that had the IP needed, statically assigning MariaDB it’s initial IP back and restarting MariaDB on the correct IP and restarting piwigo but now it’s just flat borked so [emoji848][emoji2361] I guess lesson learned is assign static IP to MariaDB/MySQL databases? -
Excuse the newb here but...
Installed piwigo and got DB working and reverse proxy etc...
it appears it’s saving actual pics uploaded to appdata/piwigo/www/gallery/upload/2019/12/02
Is where this saving pics going to cause my docker.img to fill up? If it’s not saving pics in a good place now can I move just where it saves pics? Not sure if that directory is part of docked.img or not but I know I don’t want docker.img to fill up.
Any advice would be awesome?
Thanks!
-
Chrome is throwing NET::ERR_CERT_REVOKED error when trying to access the zoneminder url.
Using Letsencrypt to reverse proxy? -
Yup, if you put in your email when you last validated, look out for expiration email, then confirm the expiration date in the browser. If it's expiring in less than 30 days, look for the logs in the config folder to see why it failed.
Have certs being generated successfully in Letsencrypt(when I delete a subdomain, start/stop LE and add subdomain back it fully completes and no errors in LE log) but browser says my SSL is Cloudflare and doesn’t expire for 313 days? Any disadvantage to using CFs SSL? I think under security in CF I can change something to not use their SSL? Have SSL set to “Full” in CF. The way I read it if I were to switch to “Flexible” it would use my own SSL for sever to Cloudflare connection. Any advantage either way? Sorry for all the questions; I most certainly appreciate your continued guidance. Just not sure if “all SSLs are created equally..” or [emoji848]
-
Cloudflare proxy has a bunch of different settings and depending on how they are set, it can break letsencrypt validation. If yours is working and it validated with the proxy on, then you're fine. But for most people it won't validate as cloudflare will highjack the connections from the letsencrypt server.
Exactly why I wanted your insight! If I have issues in future it may be related to proxy being on; just disable CF Proxy and try again? My certs haven’t expired since change so it’s very possible come time to re-new they won’t... Very valuable point! Thank you! [emoji3060] -
On 11/27/2019 at 11:37 AM, aptalca said:
Turn off cloudflare proxy (click on the orange cloud)
Random Q... could you be as kind to enlighten me when Cloudflare proxy should or shouldn’t be used? Made FULL jump to CF as we spoke about a few days ago(happy so far, too)... so far NextCloud, Guacamole, Emby, BitWarden and OnlyOffice are all working fine with the CF Proxy ON. Not having issues but for future reference does proxy being on just cause issues with some containers or? (Knock on wood, no issues here with it on yet). Any elaboration in case somehow I run into issues later would be awesome mate 😀
-
Yup
Yeah bought a domain to “test” with and was playing with forwarding and such(since server isn’t actually setup with test domain). I think it’s going to work nicely with server. I think this weekend going to pull plug and migrate main domain to over to Cloudflare. My main domain has 23 DNS records. When I start, but not change NS, all seems well. Any advice on that front as far as converting NS? Figured If I save a copy of what everything is now if I were to really Bork it I could just roll it back? Any other tips?
(Oh yeah, figured out how to get PFSense to update A records with CF, too, since dynamic IPs. Easy like you said!)
Thanks a ton for your advice@aptalca, I appreciate it [emoji2]
-
Pfsense has dynamic dns support and can update your A records (I'm using it). Your CNAMEs should be pointing to your main A record (alternatively you can have a wildcard CNAME, just a *, which points them all to the main A record)
So hypothetically if I were to switch to CloudFlare I could remove all the crap with DuckDNS in middle(because dynamic IP) and go straight to Unraid Reverse proxy from the domain name && all the controls and benefits of CF. At moment not sure I’ll ever use “domain.co”; am going to use “cloud.domain.co” and etc though. -
It really depends on how complicated your setup on HostGator is. I have a website on HostGator that I never switched over to anything because it was so entrenched in and was setup over a decade ago. Also because there were too many mailers set up and I didn't want to bother with hosting a mail server at home so I just left it there.
But if it's a relatively simple site, it shouldn't be a big deal.
For updating ip on cloudflare, you can use ddclient, or your router may even have that capability (many routers do).
Using PFsense. Would that update the Cnames IP even as dynamic changed? -
I don't quite follow the second paragraph there. What is your current setup? Just a website running on HostGator with the domain purchased from GoDaddy? And your contemplating switching that to self hosted at home via letsencrypt?
In that scenario cloudflare would only be used for dns, for which it does a great job.
Yeah, it’s been a LONG day. Sigh. Lol
Yes debating purchasing a new domain, from name cheap, and using Cloudflare for DNS to Letsencrypt on Unraid.
Is it a disaster to switch from current setup to Cloudflare with Letsencrypt? I don’t have a static IP at home so I’d still have to keep DuckDNS in the middle of Cloudflare and Letsencrypt on Unraid? -
Wow, some crazy stuff being asked lately.
I’m just wanting to reach out for some much more basic info LOL. I know their are some VERY knowledgeable folks subbed here so...
I currently and using Letsencrypt with DuckDNS through pfSense Appliance to Letsencrypt and to my containers. I am using GoDaddy as domain registrar, Hostgator for Hosting.
I am debating switching entire setup to Cloudflare, port 80/443 is NOT being blocked by ISP. What are advantages with Cloudflare or using it versus current setup? Is it a real pain to switch current entire setup to using Cloudflare over how it’s currently setup? Should I? Should I not switch? -
Have a random Q; don’t believe it to be specific to Unraid but maybe someone here has seen this
Uploaded a file to NC and it has the time all borked. File says “uploaded 2 hours ago” immediately upon upload, but then activity shows minutes ago. Is this a NC problem, or a problem with the Client NC(iOS)?
Any ideas folks? -
My two cents: cheep Protectli box doing standalone Pfsense is a win. These folks above are 100% on pfSense. It’s the way...only way.. to go. [emoji1305]
-
REALLY stupid question.
I set this up fine a few weeks ago and have totally forgotten the password so I wanted to just re-create the VM. Thing is I can't even delete the existing VM so I can re-run the app to create a new one. Appreciate any assistance.
Video in OP covered it last I knew [emoji848] -
That is the correct file. Nextcloud's /config directory is mapped to /appdata/nextcloud by default in the docker template. Make sure you get a backup, as I'm getting 504 errors after deleting it. I haven't been able to figure out what the problem is.
Yeah lol that’s not good. When you figure that out let me know, please. Article says to delete it and restart container. What happens if you stop container, delete, then start container? -
If anyone would be as kind...
Wanting to verify I delete correct site-confs file before restarting nextcloud. Attaching two pics; one of the fix, and one showing the file I think that gets deleted. Trying to verify this is the correct default conf before deleting it?
File for me is in User> appdata> nextcloud> nginx> site-confs? Seems a different directory as not finding a “config” folder anywhere with site-confs in it?
Right file? Wrong file?
-
If it’s all working fine and no potential of advantages; leave it well alone. Your headed down a dark road lol
-
My Nextcloud server has a update from 17.0.0 to 17.0.1. Tried to auto update inside Nextcloud and it failed to make a backup for some reason. At any rate, can anyone confirm update instructions linked in OP are still relevant and functional in 17 before I cause myself a mess lol? Don’t think anything would’ve changed as far as updating container but I’d rather ask and be safe over sorry...
-
You do not have to SSH into each device and set the inform host if everything is working properly. The override function is basically doing the same thing. If there is an inform host set on the device, it will override it with the Controller hostname/IP so, in essence it is setting the inform host.
When I set up my system initially, I did SSH in and set the inform host manually and I DID NOT have the override option selected. However, when I moved to this container, I found the override option selection to be a necessity as I was experiencing adoption loops YMMV.
Yeah maybe I haven’t ran into problems because controller and APs are in same subnet/VLAN. Ever since I’ve had it all setup I haven’t ever had to re-adopt. Will go ahead and set it sometime when I get sometime. Thanks a ton for the insight!
-
Well, you certainly don't want to override it with unifi.yourdomain.com [emoji4]
The Controller Hostname/IP should contain the IP address of your unRAID server if you are running the container in bridge mode on the host server (some find they need to run it in host networking mode initially to even do adoption). If you have the container assigned its own IP address on a VLAN or custom network, you should enter that IP address.
Mine is in bridge mode on the host unRAID server so I have the unRAID IP address as the Controller host.
I haven’t been having any issues but if this is “standard practice” should I go ahead and consider doing it for good measure?
I googled the set inform hosts just looking into what it done... as mentioned a few posts above mentioned SSH into each AP. Is setting the inform host via SSH on each AP the same as setting the inform host in the actually controller settings [emoji848] -
The macinabox template uses custom ovmf files. If you changearch='x86_64' machine='pc-q35-3.1'>hvm readonly='yes' type='pflash'>/usr/share/qemu/ovmf-x64/OVMF_CODE-pure-efi.fd /etc/libvirt/qemu/nvram/e930dfa3-ce5f-4a14-a642-d140ed8035bd_VARS-pure-efi.fd
to be as below you will be back without the screen corruption.
arch='x86_64' machine='pc-q35-3.1'>hvm readonly='yes' type='pflash'>/mnt/user/domains/MacinaboxCatalina/ovmf/OVMF_CODE.fd /mnt/user/domains/MacinaboxCatalina/ovmf/OVMF_VARS.fd
hope that helps [emoji3]
Thanks for the help! I am new to OSX VMs, clover, etc. so some of what you suggested may have gone over my head (my apologies).
What I did -
I mashed escape upon booting the VM to get to the VM BIOS. Then I poked around looking for resolution settings and found this screen:
It seems the "preferred resolution at next boot" is 1080p and I seemingly can't change that option in the bios, but the "change preferred resolution for next boot" is set to the correct 1440p resolution. Is this right?
Next I booted the VM and installed Clover Configurator (which I found via googling). Then I mounted the EFI partition and opened up the config.plist file (is that right?) on there within clover configurator. Then I changed the screen resolution setting to 2560x1440, like so:
After making these changes, I attempted to pass through the GPU but I got the same graphical error I described earlier. I can technically use the mouse and keyboard etc, but it's impossible to see what I'm doing, and the image is repeated 3x:
Any other thoughts?
Try the bit I’ve quoted you above in about the OS part of XML -
Just curios without doing a manual update/upgrade how many of the users have been prompted to NextCloud 17, i just go an update but it went from 16.05 to 16.06
I’ve had 17 for a month now maybe. It prompted one day. I’m on “stable”. It’s been alright; nothing worth writing home about that I’ve noticed.
Split DNS/PFSense
in General Support
Posted
I posted this on Reddit, too, but forgive me for reaching out here too.
Good Evening,
Hoping someone can get me pointed in the best direction possible. Going to try to outline my setup best as possible but it’s possible I’ll leave something out.
-PFSense- 192.168.1.1(DNS Resolver ON/ DNS Forwarder OFF)(DHCP DNS being handed out is Pi-Hole address below)
-Unraid Server- 192.168.1.5
-Pi-Hole- 192.168.1.55
-Letsencrypt- On Unraid Network Proxynet 172.18.0.0/16
-Proxied Services- all on “Proxynet” defined above.
-Proxied services all going through Cloudflare CDN then to my WAN IP via way of A Record.
Apps in question: Bitwarden, Nextcloud/Collbora, Guacamole and Emby.
I have my reverse proxy all set up, seemingly fine. Can browse to nextcloud.domain.net and get to NC etc.
So what I need help with... I can’t for life of me figure out how to SplitDNS with my setup configured like this. I’ve tried setting up NAT a kazillion ways pointing the above, nextcloud.domain.net etc, to 192.168.1.5 and no dice. With NAT it doesn’t let me predetermine port numbers? I’ve tried messing with port forwards from and to different interfaces as well and just can’t figure it out . The port numbers coming into Letsencrypt are are 180/1443. I have also been setting up a Host Override in DNS Resolver in PFSense to no avail, as well. All my DNS hit Pi-Hole and it has conditional forwarding to forward local domain stuff back to PFSense to be resolved but obviously my FQDN of reverse proxied stuff it doesn’t catch. In PFSense>System>Advanced>Firewall & NAT I currently have Nat Reflection mode to “Pure NAT”, but I’ve also tried NAT + Proxy as well, too, without success. I’ve also wondered if I have issues here because I have my Proxied Apps hitting Cloudflare CDN and from Cloudflare being A Recorded to my PfSense instance. So perhaps Cloudflare being involved is why PFSense NAT can’t pick up on the fact these services at my domain are local?
So, what do I need? Any and ALL advice if anyone has a similar setup or has gone through figuring this out? Pointers? Tips? When messing with NAT myself which exact IP and PORT should I be pointing to for services, despite actual services being on different ports on Unraid?
Please. Help. Before. I. Go. Crazy. Lol
Thanks!