Everything posted by Riotz
-
[Support] Linuxserver.io - MariaDB
Hello, I woke up today to see all my websites were offline. Found out it was a database issue. The MariahDB docker image was orphaned. A quick google search said to reinstall the docker to fix the issue however when I did that it installed a fresh copy of the docker. Did I lose all my websites data? Can this be reversed or fixed? Thanks
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
It turns out the configuration on my UniFi controller needed to be reloaded. Traffic was not passing through port 443. Now I have a new problem with the container... Is there a way to fix this?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I did this and I can connect to it internally but not from any outside network. It was working perfectly while proxied (orange cloud) through cloudflare. I am not sure why it stopped working all of a sudden. I guess I will look elsewhere for an explanation. I just dont get why it broke all of a sudden.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Hello, my server rebooted recently, ungracefully due to a power outage, and now my domains are reporting that the server is down through CloudFlare. I have Cypto set to Full as Flexible does not work for me if that matters. I tracked the error down to mean that WordPress is blocking the IPs from CloudFlare so I tried to add the CloudFlare IPs into NGINX but I cant get it to work. Here is how I did that: Created the file cloudflare-allow.conf with the whitelisted CloudFlare IPs (contents below) and put it in the same location as ssl.conf and nginx.conf # https://www.cloudflare.com/ips # IPv4 allow 173.245.48.0/20; allow 103.21.244.0/22; allow 103.22.200.0/22; allow 103.31.4.0/22; allow 141.101.64.0/18; allow 108.162.192.0/18; allow 190.93.240.0/20; allow 188.114.96.0/20; allow 197.234.240.0/22; allow 198.41.128.0/17; allow 162.158.0.0/15; allow 104.16.0.0/12; allow 172.64.0.0/13; allow 131.0.72.0/22; # IPv6 allow 2400:cb00::/32; allow 2606:4700::/32; allow 2803:f800::/32; allow 2405:b500::/32; allow 2405:8100::/32; allow 2a06:98c0::/29; allow 2c0f:f248::/32; Edited the site-conf default file for my main site to add the lines: include /config/nginx/cloudflare-allow.conf; deny all; Restarted the LetsEncrypt container. This did not work so I am not sure I am doing this correctly. Can anyone lend a hand to advise the proper way to do this or if I am even barking up the right tree? Thanks,
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks!
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Hello, there have been quite a few updates to the container since this post. Can you please tell me if this was enabled? If so how would one activate it. Also, is there somewhere that I can check for release notes on updated to the container?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Exactly. Also we’re asking for them to be included, not enabled. Having the option to use it or not is all we want.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Awesome! Thanks so much. Will make this Wordpress project seamless having that integrated. And, allow me to use that user credential database for other services.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks so much. What about php7_ldap integration into the container? Would really love to use the PLEX for LDAP container with my Wordpress sites. Thanks again,
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Can anyone please tell me why I am seeing these wget errors in my log? Also any change of getting php7_ladap added to the container? Thanks,
-
[support] pducharme's Dockers support thread
Looks like there are issues with the latest UniFi-Video updates from Ubiquity. This is what I am seeing for my alerts:
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Hey guys, is there anyway we can get php7-ldap integration? Or if its already possible to be used can someone explain how to turn it on? Here is my usecase: I have a Wordpress site that I am trying to use LDAPforPlex (that was just added to CA) in order to allow my PLEX users to log in using the Plex accounts. Unfortunately the Wordpress plugin I am trying to use is telling me that the LDAP-extension is not loaded and that without it I would not be able to query a LDAP server. Any help is greatly appreciated as always.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks I got it working
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Good to know! But I thought LetsEncrypt kept the certs updated automagically.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Is there a way to configure the conf files to forward http requests to https requests. So when I go to http://subdomain.domain.com I want it to auto forward to https://subdomain.domain.com Thanks,
-
[support] pducharme's Dockers support thread
-
[Support] Linuxserver.io - Radarr
So I have been reading through to find a solution to my problem with Radarr with Ombi integration and came upon this post. Not sure if this is still relevant so I asking for some assistance. Here is my situation: I have a Plex server that has multiple libraries broken up like this: 4K Movies HD Movies Kids Movies SD Movies Marvel Movies Marvel Animated DC Movies DC Animated What I would like is when someone goes to Ombi to request movies and it gets to Radarr that it will download and move them to the appropriate library. Is this even possible? Thanks
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thank you! This worked Perfectly! Now I just need to figure out how to make Proxy-Confs for the apps that dont have templates. Gonna try to figure this out today.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I FINALLY FIGURED IT OUT!!! It was my UniFi USG that was the problem. It needed to be rebooted to pass the ports properly. Once it rebooted I was able to access Sonar immediately using my subdomain. The only problem I have now which is a cosmetic one but it's going to irritate my OCD is it only works if the Docker container name is lowercase sonar. I like to have my dockers properly labeled so I would like it to be Sonar. I went into the Proxy-Conf folder and changed the set $upstream_sonarr sonarr; to set $upstream_sonarr Sonarr; in both locations then restarted LetsEncrypt after changing the container name back to Sonarr but I get a 502 Bad Gateway when I do. Is there something I can do to fix this naming dilemma. Also, does anyone have a proxy-conf file for NowShowingv2 Thanks,
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Weird, I wrote a reply but it didn't get posted. Here I go again then. So I am adding my docker log here for reference. I am able to see Server Ready each time the docker is started. ------------------------------------- _ () | | ___ _ __ | | / __| | | / \ | | \__ \ | | | () | |_| |___/ |_| \__/ Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... Variables set: PUID=99 PGID=100 TZ=America/New_York URL=mydomain.com SUBDOMAINS=tautulli,sonarr,nowshowing EXTRA_DOMAINS= ONLY_SUBDOMAINS=true DHLEVEL=2048 VALIDATION=http DNSPLUGIN= [email protected] STAGING= 2048 bit DH parameters present SUBDOMAINS entered, processing SUBDOMAINS entered, processing Only subdomains, no URL in cert Sub-domains processed are: -d tautulli.mydomain.com -d sonarr.mydomain.com -d nowshowing.mydomain.com E-mail address entered: [email protected] http validation is selected Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created Saving debug log to /var/log/letsencrypt/letsencrypt.log No match found for cert-path /config/etc/letsencrypt/live/tautulli.mydomain.com/fullchain.pem! Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for nowshowing.mydomain.com http-01 challenge for sonarr.mydomain.com http-01 challenge for tautulli.mydomain.com Waiting for verification... Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/tautulli.mydomain.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/tautulli.mydomain.com/privkey.pem Your cert will expire on 2019-09-17. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le New certificate generated; starting nginx [cont-init.d] 50-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html) nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found: no field package.preload['resty.core'] no file './resty/core.lua' no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core.lua' no file '/usr/local/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/5.1/resty/core.lua' no file '/usr/share/lua/5.1/resty/core/init.lua' no file '/usr/share/lua/common/resty/core.lua' no file '/usr/share/lua/common/resty/core/init.lua' no file './resty/core.so' no file '/usr/local/lib/lua/5.1/resty/core.so' no file '/usr/lib/lua/5.1/resty/core.so' no file '/usr/local/lib/lua/5.1/loadall.so' no file './resty.so' no file '/usr/local/lib/lua/5.1/resty.so' no file '/usr/lib/lua/5.1/resty.so' no file '/usr/local/lib/lua/5.1/loadall.so') Server ready Hopefully, this helps to expose what I am doing incorrectly. I am going through the guide in the link posted above to see if I can glean anything that could help fix this.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I am having a similar issue. I don't know where my disconnect is but I think it's with the ports not passing to the docker. So I also follow SpaceInvaders tutorial. I have a domain hosted with GoDaddy and I have setup CNAMES for Sonarr, & Tautulli to test with. They are configured as subdomains that point to my duckdns.org address. I have the DuckDNS docker installed on my unRAID server and it is properly updating the IP. When I pass my subdomains through https://www.whatsmydns.net/ I can see that the subdomain URLs are correctly pointing to my duckdns.org address. I have configured my UniFi USG to pass the port 80 to 180 and 443 to 1443 to the IP of the unRAID server. When I check ports 80 and 443 at https://www.yougetsignal.com/tools/open-ports/ I see port 80 open but 443 is not. Not sure why... I've edited the .conf files to reflect the names of the docker containers. At this point, I am just confused as to why this is not working. Here are some screenshots of my configurations: # make sure that your dns has a cname set for sonarr and that your sonarr container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name sonarr.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr sonarr; proxy_pass http://$upstream_sonarr:8989; } location ~ (/sonarr)?/api { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_sonarr Sonarr; proxy_pass http://$upstream_sonarr:8989; } } # make sure that your dns has a cname set for tautulli and that your tautulli container is not using a base url server { listen 443 ssl; listen [::]:443 ssl; server_name Tautulli.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth, fill in ldap details in ldap.conf #include /config/nginx/ldap.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable the next two lines for ldap auth #auth_request /auth; #error_page 401 =200 /login; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_tautulli Tautulli; proxy_pass http://$upstream_tautulli:8181; } location ~ (/mnt/disks/PlexMediaServer/tautulli)?/api { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_tautulli Tautulli; proxy_pass http://$upstream_tautulli:8181; } } Any assistance or guidance would be greatly appreciated!
-
[Support] Linuxserver.io - OpenVPN AS
Yup that did it! Thank you so much! Hope this helps someone else as well!
-
[Support] Linuxserver.io - OpenVPN AS
I thought I had the answer with this as well but this is not working for me. I have my Dynamic DNS hostname in place which I use for other services so I know it's resolving properly. However, when I try to connect from my phone I see it trying to connect to the Docker Containers IP address which is 172.12.0.5. I should mention that the Open Port Checker at https://www.yougetsignal.com/tools/open-ports/ shows that 9443 is open. So I know it's got to be an issue with the app config. Here are a few screen grabs of my network config for OpenVPN-AS. I temporarily masked my Dynamic DNS address for the grab. Here is the log file from the OpenVPN client app on my iPhone where I have the Dynamic DNS address set as the hostname and port 9443 as the port: 2019-07-09 07:07:47 ----- OpenVPN Start ----- OpenVPN core 3.2 ios arm64 64-bit PT_PROXY built on Oct 3 2018 06:35:04 2019-07-09 07:07:47 Frame=512/2048/512 mssfix-ctrl=1250 2019-07-09 07:07:47 UNUSED OPTIONS 11 [sndbuf] [0] 12 [rcvbuf] [0] 15 [verb] [3] 24 [CLI_PREF_ALLOW_WEB_IMPORT] [True] 25 [CLI_PREF_BASIC_CLIENT] [False] 26 [CLI_PREF_ENABLE_CONNECT] [True] 27 [CLI_PREF_ENABLE_XD_PROXY] [True] 28 [WSHOST] [172.17.0.5:9443] 29 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- [Certificate Masked]...] 30 [IS_OPENVPN_WEB_CA] [1] 31 [ORGANIZATION] [OpenVPN Inc] 2019-07-09 07:07:47 EVENT: RESOLVE 2019-07-09 07:07:47 Contacting [172.17.0.5]:9443/TCP via TCP 2019-07-09 07:07:47 EVENT: WAIT 2019-07-09 07:07:58 Server poll timeout, trying next remote entry... 2019-07-09 07:07:58 EVENT: RECONNECTING 2019-07-09 07:07:58 EVENT: RESOLVE 2019-07-09 07:07:58 Contacting [172.17.0.5]:9443/TCP via TCP 2019-07-09 07:07:58 EVENT: WAIT 2019-08-09 07:08:09 Server poll timeout, trying next remote entry... 2019-08-09 07:08:09 EVENT: RECONNECTING 2019-08-09 07:08:09 EVENT: RESOLVE 2019-08-09 07:08:09 Contacting [172.17.0.5]:9443/TCP via TCP 2019-08-09 07:08:09 EVENT: WAIT 2019-08-09 07:08:19 EVENT: CONNECTION_TIMEOUT [ERR] 2019-08-09 07:08:19 Raw stats on disconnect: CONNECTION_TIMEOUT : 1 N_RECONNECT : 2 2019-08-09 07:08:19 Performance stats on disconnect: CPU usage (microseconds): 49938 Network bytes per CPU second: 0 Tunnel bytes per CPU second: 0 2019-08-09 07:08:19 EVENT: DISCONNECTED 2019-08-09 07:08:19 Raw stats on disconnect: CONNECTION_TIMEOUT : 1 N_RECONNECT : 2 2019-08-09 07:08:19 Performance stats on disconnect: CPU usage (microseconds): 51440 Network bytes per CPU second: 0 Tunnel bytes per CPU second: 0 Any assistance is greatly appreciated.
-
[support] pducharme's Dockers support thread
Just wanted to say thanks for pushing the update ... Thanks!
-
[support] pducharme's Dockers support thread
I had the same issue. Set your host path to whatever you want but in the UniFi Video system config use the container path as: /var/lib/unifi-video/videos This is how I have mine configured: