Smooth Beaver
-
Posts
54 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by Smooth Beaver
-
-
@Xaero Thank you!!!
-
Hi,
I currently only run Plex on my server, It is mapped to another server via SMB. How can I get the Plex container to wait to start until the SMB is mounted? I tried the wait option via advanced settings but it appears to control the wait period after that container has started. How do I put a wait period on the first and only container?
Thank you.
-
How do I get this intel_iommu=on iommu=pt to remain remain on boot? I run a headless unit and every reboot I have to drag the monitor out and boot with those options.
@Squid overwritting the bz files on the USB did not help for me. Only using those options on boot allow UnRaid to boot.
Is downgrading to 6.9 as simple as overwritting the bz files with the 6.9 versions?
-
Hello everyone,
I'm new to UnRaid and looking for a little help on getting Seafile running on it. the manual says to use docker compose and they provide a .yml file. The directories appear to be mainly used for Ubuntu or Cent. Can you look at this compose file and tell me what locations would be better or if the ones they provide are good to use? On container updates if I use the locations they provide would they be wiped out? What location would I need to place those files so they are not cleared on container update?
Thank You!!!
version: '2.0' services: db: image: mariadb:10.1 container_name: seafile-mysql environment: - MYSQL_ROOT_PASSWORD=db_dev # Requested, set the root's password of MySQL service. - MYSQL_LOG_CONSOLE=true volumes: - /opt/seafile-mysql/db:/var/lib/mysql # Requested, specifies the path to MySQL data persistent store. networks: - seafile-net memcached: image: memcached:1.5.6 container_name: seafile-memcached entrypoint: memcached -m 256 networks: - seafile-net seafile: image: seafileltd/seafile-mc:latest container_name: seafile ports: - "80:80" # - "443:443" # If https is enabled, cancel the comment. volumes: - /opt/seafile-data:/shared # Requested, specifies the path to Seafile data persistent store. environment: - DB_HOST=db - DB_ROOT_PASSWD=db_dev # Requested, the value shuold be root's password of MySQL service. - TIME_ZONE=Etc/UTC # Optional, default is UTC. Should be uncomment and set to your local time zone. - [email protected] # Specifies Seafile admin user, default is '[email protected]'. - SEAFILE_ADMIN_PASSWORD=asecret # Specifies Seafile admin password, default is 'asecret'. - SEAFILE_SERVER_LETSENCRYPT=false # Whether to use https or not. - SEAFILE_SERVER_HOSTNAME=docs.seafile.com # Specifies your host name if https is enabled. depends_on: - db - memcached networks: - seafile-net networks: seafile-net:
-
On 4/1/2020 at 5:32 AM, A75G said:
If someone have free time here you go https://github.com/A75G/test-templates
I didnt test them at all so i dont know if they work or not.
What i got from https://github.com/jitsi/docker-jitsi-meet/blob/master/docker-compose.yml
TL;DR
- Custom network so all services can communicate using a FQDN
- jicofo and jvb depends on prosody to run
- web is just frontend
- prosody XMPP server
- jicofo Focus component
- jvb Video bridge
@A75G How would I get this installed?
-
11 hours ago, blaine07 said:
My Nextcloud server has a update from 17.0.0 to 17.0.1. Tried to auto update inside Nextcloud and it failed to make a backup for some reason. At any rate, can anyone confirm update instructions linked in OP are still relevant and functional in 17 before I cause myself a mess lol? Don’t think anything would’ve changed as far as updating container but I’d rather ask and be safe over sorry...
Worked fine for me two days ago.
- 1
-
-
18 minutes ago, Seanraz said:
Re-did my container setup today, with letsencrypt configured finally. I can access my nextcloud via my ddns name, but once I'm on LAN, my phone cannot see the nextcloud server. Anyone run into this issue before, I have Hairpin NAT enabled on my edgerouter, followed Spaceinvaders video on setting both up.
Do you have a static host mapped? I tried that last night with my UniFi stack and yep that's a no go, I cannot access it internally, but you can access it externally, killed the static host map and voila works like it should except traffic is directed out to WAN then back in.... if you figure this out please pass the info down...
-
I guess Google as we haven't made one.
Forgot to say that you shouldn't update inside the container.
I tried combining/using some of the samples that you have already made but haven’t had much luck...not exactly my area of strength...
Sent from my iPhone using Tapatalk -
4 minutes ago, saarg said:
r1053 is the latest proper release on github, so that is what our automated build server use.
r1070 isn't a proper release on github and therefor not picked up by our builder.
@saarg Thank you. Any knowledge on how I might get that reverse proxy working?
-
@CHBMB A new version of ProjectSend (r1070) was released in April, can we update inside the container or do we need to wait for you to update the docker container? How about a reverse proxy conf file anyone know where I can get my hands on one for ProjectSend?
-
On 3/30/2019 at 10:29 AM, Niklas said:
I looked for clamav in the container first.
The plugin needs clamscan
/usr/bin/clamscan
bash: /usr/bin/clamscan: No such file or directory
Edit:One solution:
Added this container: https://hub.docker.com/r/mkodockx/docker-clamav/
Configured the plugin in Nextcloud to connect to ClamAV-container using ip and port 3310.
@Niklas Could you offer any help on setting up that Clam AV docker? When I install it here is what I end up with:
-
8 minutes ago, H2O_King89 said:
Post your proxy config.
I don't use F2B in the container because phone app or sharing can't get around it so I use the one built into nextcloud but I had to add from there app store.
Sent from my Pixel 4 XL using Tapatalk
Here is my Nextcloud proxy config:
# make sure that your dns has a cname set for nextcloud # assuming this container is called "letsencrypt", edit your nextcloud container's config # located at /config/www/nextcloud/config/config.php and add the following lines before the ");": # 'trusted_proxies' => ['letsencrypt'], # 'overwrite.cli.url' => 'https://nextcloud.your-domain.com/', # 'overwritehost' => 'nextcloud.your-domain.com', # 'overwriteprotocol' => 'https', # # Also don't forget to add your domain name to the trusted domains array. It should look somewhat like this: # array ( # 0 => '192.168.0.1:444', # This line may look different on your setup, don't modify it. # 1 => 'nextcloud.your-domain.com', # ), server { listen 443 ssl; listen [::]:443 ssl; server_name cloud.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_nextcloud nextcloud; proxy_max_temp_file_size 2048m; proxy_pass https://$upstream_nextcloud:443; } }
Here is my ONLYOFFICE Document Server Proxy conf:
server { listen 443 ssl; server_name oods.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_oods OnlyOfficeDocumentServer; proxy_pass https://$upstream_oods:443; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Proto $scheme; } }
-
5 hours ago, saarg said:
Why not use fail2ban in the letsencrypt container? It's built in.
I am, but it doesn't appear to offer brute force protection, am I wrong on this? (I know Nextcloud offers it natively but I cannot set anything, a tried like 5 times to login with wrong information and never got blocked, I want it to like 3 attempts and blocked) I added the filter, and I was gonna add the jail but once I looked at the nextcloud logs all logins are coming from the same IP so it won't work....
-
I am trying to setup fail2ban with the nextcloud, letsencrypt and OnlyOffice Document Server dockers, (Nextcloud, letsencrypt & ONLYOFFICE currently work perfectly) When I look at Nextcloud's log file it shows all logins are coming from a single IP, probably because of the letsencrypt reverse proxy. So I found this page but it says I need a subscription to view it.
Can anyone help with allowing the reverse proxy to pass the client IP so I can configure fail2ban to work using this as a rough guide:
https://dennisnotes.com/note/20180831-nextcloud-docker-nginx-reverse-proxy/
Are these the lines that I need to add to the letsencrypt conf file for nextcloud that will do the client IP passthrough?
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
Do I need to add all three or just one or etc? I am not exactly sure what they do which is why I don't want to add them....
-
I am trying to setup fail2ban with the nextcloud, letsencrypt and OnlyOffice Document Server dockers, (Nextcloud, letsencrypt & ONLYOFFICE currently work perfectly) When I look at Nextcloud's log file it shows all logins are coming from a single IP, probably because of the letsencrypt reverse proxy. So I found this page but it says I need a subscription to view it.
Can anyone help with allowing the reverse proxy to pass the client IP so I can configure fail2ban to work using this as a rough guide:
https://dennisnotes.com/note/20180831-nextcloud-docker-nginx-reverse-proxy/
Are these the lines that I need to add to the letsencrypt conf file for nextcloud that will do the client IP passthrough?
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
Do I need to add all three or just one or etc? I am not exactly sure what they do which is why I don't want to add them....
-
Any steps on how to do it? Thanks.
Go up a few posts directions are given already. If you have an older version of the config file@bastl just posted directions on that as well.
Sent from my iPhone using Tapatalk -
Are we affected by this bug
Yes. Only new installations are patched. You must implement the patch manually.
Sent from my iPhone using Tapatalk -
1 minute ago, levster said:
This is not a new install and has been running well for over a year, perhaps longer. I mainly use it to sync various devices to a central server. However, when I do send a link to a friend, I've always encountered this issue. It's more of a nuisance than a true hindrance, but I was wondering how to completely fix it.
When you look at the letsencrypt log are there any errors? Can you post a screen shot of your letsencrypt docker config?
-
3 minutes ago, levster said:
Yes. still the same issue - This site is not secure, message.
What exactly did you change? Is this a new installed old install?
-
20 minutes ago, levster said:
When I try to open the url remotely, such as yourname.duckdns.org, I get the following:
I can click through it, but how do I correct it so that it doesn't show up?
Did you reboot letsencrypt docker container? it may need to re generate certs.
-
1 hour ago, CorneliousJD said:
My file is VASTLY different here than yours.
upstream php-handler { server 127.0.0.1:9000; # server unix:/var/run/php/php7.0-fpm.sock; } server { listen 80; server_name _; # enforce https return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name _; ssl_certificate /config/keys/cert.crt; ssl_certificate_key /config/keys/cert.key; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; # add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Path to the root of your installation root /config/www/nextcloud/; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; # Disable gzip to avoid the removal of the ETag header gzip off; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; rewrite ^/.well-known/carddav /remote.php/dav/ permanent; rewrite ^/.well-known/caldav /remote.php/dav/ permanent; # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location / { rewrite ^/remote/(.*) /remote.php last; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ =404; } location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_pass php-handler; fastcgi_intercept_errors on; } # Adding the cache control header for js and css files # Make sure it is BELOW the location ~ \.php(?:$|/) { block location ~* \.(?:css|js)$ { add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } # Optional: Don't log access to other assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { access_log off; } }
You may want to look at Nextcloud's new format, your config.php is probably from and older version. My config for from the 17.0 version.
https://docs.nextcloud.com/server/17/admin_manual/installation/nginx.html
- 1
-
Ok so iI have been trying to apply the fix for the Urgent Security issue.
I got this added and able to load the docker.location / { rewrite ^ /index.php; }
But if I add this (The docker will no longer load, Had to comment it out to get it to load again)location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|ocm-provider\/.+)\.php(?|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; #$try_files $fastcgi_script_name =404; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; }
Anyone else have this issue?
You are adding a “$” before the try.. remove that.
Sent from my iPhone using Tapatalk -
Yep, it was one of my proxy confs files. This one was specifically for the onlyofficedocumentserver container.
This is for a subdomain correct?
Also my certs are for cloud.domain.com is that the cert that I need to copy over?
Sent from my iPhone using Tapatalk
Log Getting Full With High CPU Usage
in General Support
Posted
Can anyone tell me what causes this? My log is filling up and the CPU usage becomes high once the servers been on for about a day.
Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 13/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 2/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 3/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 12/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 3/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 5/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 12/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 10/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 3/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 14/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 5/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 2/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 15/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 10/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 10/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 9/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 3/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 14/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 5/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 2/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 2/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 6/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 9/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 5/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 6/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 12/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 6/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 15/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 10/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 4/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 2/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 1/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 7/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 9/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 9/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 8/16 Jul 30 04:40:02 Atlantis kernel: CIFS: __readahead_batch() returned 14/16