Helmonder

Everything posted by Helmonder

  1. So it's a better option than truenas/proxmox and therefore paying is even more acceptable, completely agree !
  2. Cool ! I have the whole thing running now and it seems to do what it needs to ! One question though, is there any way I can "see" that the vpn is working ? Some kind of logging of sessions somewhere ? For all intents and purposes it is but it would be nice to see it..
  3. Yep, it's visible in the docker log you can view from the unraid page...
  4. Think it works... I have to try and get Medusa to download something now 🙂 In the meantime the docker (openvpn-client) shoots an enormous amount of errors in the log:

         2024-03-26 19:18:30 AEAD Decrypt error: bad packet ID (may be a replay): [ #5769721 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

     I do not fully understand the man pages... Should I hide the warnings or is there something I should do about them ?
  5. Sorry but where do I place these settings ? In an environment variable in the docker config of the openvpn-client ?
  6. Docker RUN for the openvpn-client:

         docker run -d --name='OpenVPN-Client' --net='bridge' \
           -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e HOST_HOSTNAME="Tower" \
           -e HOST_CONTAINERNAME="OpenVPN-Client" -e 'FIREWALL'='' \
           -l net.unraid.docker.managed=dockerman \
           -l net.unraid.docker.icon='https://raw.githubusercontent.com/ich777/docker-templates/master/ich777/images/openvpn-client.png' \
           -p '8080:8080/tcp' -p '8090:8090/tcp' -p '8118:8118/tcp' \
           -v '/mnt/user/appdata/openvpn-client':'/vpn':'rw' \
           --device='/dev/net/tun' --cap-add=NET_ADMIN --dns=8.8.8.8 \
           --sysctl net.ipv6.conf.all.disable_ipv6=0 'ich777/openvpn-client'
         7ee25b13de0ef562e64a0a3517c20cf7c44b53b6b6937b346ced81aa2b418d17

     Docker RUN for SabNzbd:

         docker run -d --name='binhex-sabnzbdvpn' --privileged=true \
           -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e HOST_HOSTNAME="Tower" \
           -e HOST_CONTAINERNAME="binhex-sabnzbdvpn" -e 'VPN_ENABLED'='no' \
           -e 'VPN_USER'='GVs/hawh1kzKuDhrCLwURo7BYYHUtrone24q/fIUcRs=' \
           -e 'VPN_PASS'='vpn password' -e 'VPN_PROV'='custom' -e 'VPN_OPTIONS'='' \
           -e 'STRICT_PORT_FORWARD'='no' -e 'ENABLE_PRIVOXY'='no' \
           -e 'LAN_NETWORK'='192.168.2.0/24' -e 'NAME_SERVERS'='8.8.8.8' \
           -e 'ADDITIONAL_PORTS'='8081' -e 'DEBUG'='false' -e 'UMASK'='000' \
           -e 'PUID'='99' -e 'PGID'='100' -e 'VPN_CLIENT'='wireguard' \
           -l net.unraid.docker.managed=dockerman \
           -l net.unraid.docker.webui='http://192.168.2.5:8080]/' \
           -l net.unraid.docker.icon='https://raw.githubusercontent.com/binhex/docker-templates/master/binhex/images/sabnzbd-icon.png' \
           -v '/mnt/user/Download/Blackhole/Sabnzbd/':'/blackhole':'rw' \
           -v '/mnt/user/Download/':'/downloads':'rw' \
           -v '/mnt/user/Download/Incomplete/Sabnzbd/':'/incomplete-downloads':'rw' \
           -v '/mnt/user/Music/':'/music':'rw' \
           -v '/mnt/user/appdata/binhex-sabnzbdvpn':'/config':'rw' \
           --net=container:OpenVPN-Client 'binhex/arch-sabnzbdvpn'
         7ce1d902be36eb8aa9f2085a1c71318f8a00b45ae8520030952c982504bdd714

     LAN is 192.168.2.*
     Server is 192.168.2.5

     ifconfig for sabnzbd docker:

         sh-5.2# ifconfig
         eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
                 inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
                 inet6 fe80::42:acff:fe11:2  prefixlen 64  scopeid 0x20<link>
                 ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
                 RX packets 84  bytes 20004 (19.5 KiB)
                 RX errors 0  dropped 0  overruns 0  frame 0
                 TX packets 84  bytes 8803 (8.5 KiB)
                 TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

         lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
                 inet 127.0.0.1  netmask 255.0.0.0
                 inet6 ::1  prefixlen 128  scopeid 0x10<host>
                 loop  txqueuelen 1000  (Local Loopback)
                 RX packets 28  bytes 1531 (1.4 KiB)
                 RX errors 0  dropped 0  overruns 0  frame 0
                 TX packets 28  bytes 1531 (1.4 KiB)
                 TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

         tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
                 inet 10.8.0.30  netmask 255.255.0.0  destination 10.8.0.30
                 inet6 fe80::81e0:21fa:7be7:6344  prefixlen 64  scopeid 0x20<link>
                 inet6 fdda:d0d0:cafe:1194::101c  prefixlen 64  scopeid 0x0<global>
                 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
                 RX packets 0  bytes 0 (0.0 B)
                 RX errors 0  dropped 0  overruns 0  frame 0
                 TX packets 4  bytes 475 (475.0 B)
                 TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  7. Question on openvpn-client .. I am using it to route sabnzbd traffic thru a wireguard vpn. works fine. However that same sabnzbd system also needs to reach my local spotweb indexer... That it does not do... it fails to get the nzb file.. I figure that it tries to reach it over the vpn which of course does not work.. Any idea?
  8. That is a true word…. However unraid has not been “free” for some time. Alternatives like truenas or proxmox are there and are free. So there is absolutely a place for users who want a free option. Unraid already is not that place. Sent from my iPhone with Tapatalk
  9. It could… I agree.. But I will defend unraid till the end of times… it has solved so many of my issues and gave me so much fun stuff to nerd out on… So yeah…. Kind of a fanboy.. Sent from my iPhone with Tapatalk
  10. I get that and I am also not a fan of subscriptions... However... I have been using unraid for years and years and years... And you cannot expect Limetech to just keep supporting for free and only make money by adding users constantly...
  11. Question: I am successfully using binhex-Sabnzbdvpn. SAB works fine. I use wireguard for VPN. There is however one issue. I am using MEDUSA to search for shows, and host my own SPOTWEB server locally to index newsservers. MEDUSA tells spotweb to search and when something is found then shoots a link to sabnzbd with the nzb. Sabnzbd then needs to download this from my local spotweb server... This fails because sabnzbd is of course using the tunnel and from the internet my local spotweb server is not reachable... Is there a way to have a specific ip address bypass the tunnel and keep that traffic local ? There is the LAN_NETWORK setting.. I could imagine addresses in that space bypassing the VPN ? If I look on console within the docker I see there are two network interfaces: wg0 is the wireguard interface, eth0 is the regular docker interface. What would need to be done is some kind of routing rule that makes that the address space as configured in the LAN_NETWORK setting is routed thru eth0 and the rest thru wg0. I tried something dirty and changed the AllowedIPs directive in the wireguard config to only show the newsservers I target, but that does not seem to work (also: they change often so that is a bad route).. I need an exclusion instead of an inclusion..
  12. Everything is mounted under /mnt …. Sent from my iPhone with Tapatalk
  13. Did you guys try "windowsindocker" ? amazing ! and actually very handy if you need a quick testing station..
  14. I set up a bluetooth proxy with an esp32... Cost me ten euro and it works immediately.. I also put another one at the other end of the house, now bluetooth range is also great..
  15. I am running Home Assistant in a VM. Works great but for one issue. My bluetooth dongle is not recognised by Home Assistant, it seems to be recognised yet does not work. There is scattered info in the forum on this issue or with other usb sticks but I have not been able to find a real solution. I am using this USB stick, which is recognised by Home Assistant: https://www.amazon.nl/dp/B0BXF13GB7 I installed Bluez (which I guess is not needed since I am using a VM), and I am passing thru the usb stick via the standard option in the VM's settings.. Is there any chance I can get this working or do I need to work around it ? On the Home Assistant VM I get the following error message: "Intel version event size mismatch" ADDED: Seems like this is more of a Home Assistant bug... I will pursue a different route..
  16. Seems to work !

          12/30/2023, 11:33:11 AM: ➡️ Signing in to http://192.168.2.251/admin...
          12/30/2023, 11:33:11 AM: ✔️ Successfully signed in to http://192.168.2.251/admin!
          12/30/2023, 11:33:11 AM: ➡️ Downloading backup from http://192.168.2.251/admin...
          12/30/2023, 11:33:11 AM: ✔️ Backup from http://192.168.2.251/admin completed!
          12/30/2023, 11:33:11 AM: ➡️ Signing in to http://192.168.2.253/admin...
          12/30/2023, 11:33:11 AM: ✔️ Successfully signed in to http://192.168.2.253/admin!
          12/30/2023, 11:33:11 AM: ➡️ Uploading backup to http://192.168.2.253/admin...
          12/30/2023, 11:33:12 AM: ✔️ Backup uploaded to http://192.168.2.253/admin!
          12/30/2023, 11:33:12 AM: ➡️ Updating gravity on http://192.168.2.253/admin...
          12/30/2023, 11:33:15 AM: ✔️ Gravity updated on http://192.168.2.253/admin!
          12/30/2023, 11:33:15 AM: ✔️ Success: 1/1 hosts synced.
  17. Looks like exactly what I need... My piholes do not have passwords for the admin interface though... the setup will not allow me to not fill in a password. ?
  18. Hi, I have been playing around with ChatGPT lately and "we" have created something that -might- be useful for others. I am using PiHole as both my DNS server as well as my DHCP server. Since that functionality is kind of crucial I am running two PiHole dockers, unfortunately it is a bad idea (and not really possible unless you become very strict in your networking) to have two different DHCP servers on your network. So only one of the two PiHole servers has DHCP switched on. Now my problem was that I wanted to know whenever DHCP would not work so at least I could manually switch, and preferably before my whole family falls on top of me because "the internet is not working". So I needed some kind of monitoring that could really check if the DHCP was working on the primary server. The API for PiHole is kind of a mess so that was not a good route, I succeeded though and now have the following monitoring page updated every three minutes:

      The basis of this thing is that I have two different PiHoles running (one in an unraid VM, one on a Pi), I have exposed both of their folders containing logfiles so I can mount them on the system that creates the HTML.

      On all servers install the NFS networking package:

          sudo apt-get update
          sudo apt-get install nfs-kernel-server

      Then, on every server that has a folder you want to share, create a file /etc/exports with the following content:

          /var/log/pihole 192.168.2.34(ro,sync)

      After that export those folders with the following command on each server:

          sudo exportfs -a

      Then make sure that that networking package starts with every reboot:

          sudo systemctl start nfs-kernel-server
          sudo systemctl enable nfs-kernel-server

      Then, on the server that needs to create the HTML file do:

          sudo mount -t nfs yourservername:/var/log/pihole /some/local/directory

      That mounts the folders of the servers as readable folders on the server that needs to create the html. Make sure that "/some/local/directory" exists (you can just create some random folder somewhere and use that, nice to do it in /mnt as good linux people do). Although this will make it work the mounts will be gone after a reboot, to make them persistent you need to add them to fstab:

          sudo nano /etc/fstab

      And add the following lines into the file that now opens (IP is the IP of the server that has the logfiles). Of course you need to do that twice, once for every server with logfiles:

          192.168.2.253:/var/log/pihole /mnt/pihole1 nfs defaults 0 0

      Now the monitoring server has everything it needs to create the html file. Now create a bash script on the monitoring server:

          sudo nano pihole_monitor.sh

      And copy the following code in:

          #!/bin/bash
          echo Starting the Pi-Hole High Availability script

          # Configuration variables
          echo Declaring variables ..
          pihole1_ip="192.168.2.253"
          pihole2_ip="192.168.2.252"
          pihole1_log="/mnt/pihole1/pihole.log"
          pihole2_log="/mnt/pihole2/pihole.log"
          test_interval_seconds=60
          test_fail_threshold=3
          pihole1_available="yes"
          pihole2_available="yes"
          pihole1_unavailability_log="/mnt/download/logs/pihole1_unavailability.log"
          pihole2_unavailability_log="/mnt/download/logs/pihole2_unavailability.log"
          check_time=""
          max_age_minutes=60 # Adjust this to the desired value
          pushover_user_key="YOUR PUSHOVER USERKEY"
          pushover_token="YOUR PUSHOVER TOKEN"

          echo "Pi-Hole 1 IP: $pihole1_ip"
          echo
          echo "Pi-Hole 2 IP: $pihole2_ip"
          echo
          echo
          echo "We will test every $test_interval_seconds and fail a server when this has failed $test_fail_threshold times within the executing of this script"
          echo

          # Function to check the availability of a Pi-hole server
          # Pings up to $test_fail_threshold times; returns 0 on the first reply.
          check_pihole_availability() {
              echo Checking availability ...
              local pihole_ip=$1
              local failed_attempts=0
              for i in $(seq 1 "$test_fail_threshold"); do
                  if ping -c 1 -W 1 "$pihole_ip" > /dev/null 2>&1; then
                      check_time=$(date '+%Y-%m-%d %H:%M:%S')
                      return 0
                  fi
                  failed_attempts=$((failed_attempts + 1))
                  if [ "$failed_attempts" -lt "$test_fail_threshold" ]; then
                      sleep "$test_interval_seconds"
                  fi
              done
              check_time=$(date '+%Y-%m-%d %H:%M:%S')
              return 1
          }

          # Check the availability of both Pi-hole servers and update the variables
          if check_pihole_availability "$pihole1_ip"; then
              pihole1_available="yes"
          else
              pihole1_available="no"
          fi

          if check_pihole_availability "$pihole2_ip"; then
              pihole2_available="yes"
          else
              pihole2_available="no"
          fi

          echo Availability check finished...
          echo
          echo "Pi-Hole1: $pihole1_available"
          echo "Pi-Hole2: $pihole2_available"
          echo

          # Last 5 DHCPACK lines of a log, wrapped in <pre>
          get_dhcpack_logs() {
              local pihole_log=$1
              local log_lines=$(grep "DHCPACK" "$pihole_log" | tail -n 5)
              echo "<pre>$log_lines</pre>"
          }

          # Last 5 lines of an unavailability log, wrapped in <pre>
          get_unavailability_times() {
              local unavailability_log=$1
              if [ ! -f "$unavailability_log" ]; then
                  echo "No unavailability times yet" > "$unavailability_log"
              fi
              local log_lines=$(tail -n 5 "$unavailability_log")
              echo "<pre>$log_lines</pre>"
          }

          # Compare the timestamp of the newest DHCPACK line with the allowed age
          check_last_dhcpack() {
              local pihole_log=$1
              local max_age_minutes=$2
              local max_age_seconds=$((max_age_minutes * 60))
              local last_dhcpack_line=$(grep "DHCPACK" "$pihole_log" | tail -n 1)
              # Unquoted on purpose: word splitting collapses repeated spaces so cut sees three fields
              local last_dhcpack_time=$(echo $last_dhcpack_line | cut -d' ' -f1,2,3)
              local last_dhcpack_seconds=$(date --date="$last_dhcpack_time" +%s)
              local current_seconds=$(date +%s)
              local age_seconds=$((current_seconds - last_dhcpack_seconds))
              # Split the age into days, remaining hours and remaining minutes
              local age_minutes=$(( (age_seconds / 60) % 60 ))
              local age_hours=$(( (age_seconds / 3600) % 24 ))
              local age_days=$((age_seconds / 86400))
              if (( age_seconds > max_age_seconds )); then
                  echo "<span style='color:red;'>Server has not served a DHCP request since $age_days day(s), $age_hours hour(s), $age_minutes minute(s). Check the server please.</span>"
              else
                  echo "<span style='color:green;'>Server seems to be healthy and responding to DHCP Requests</span>"
              fi
          }

          get_last_log_timestamp() {
              local pihole_log=$1
              local last_log_timestamp=$(grep "DHCPACK" "$pihole_log" | tail -n 1 | cut -d' ' -f1,2,3)
              echo "$last_log_timestamp"
          }

          get_dhcpack_logs_time() {
              local pihole_log=$1
              local last_log_time=$(grep "DHCPACK" "$pihole_log" | tail -n 5 | cut -d' ' -f1,2,3)
              echo "$last_log_time"
          }

          # Function to send a Pushover notification
          send_pushover_notification() {
              local message=$1
              curl -s \
                  --form-string "token=$pushover_token" \
                  --form-string "user=$pushover_user_key" \
                  --form-string "message=$message" \
                  https://api.pushover.net/1/messages.json
          }

          # Function to check if pihole1 is available and send a notification if it is not
          check_and_notify_pihole1() {
              if [ "$pihole1_available" = "no" ]; then
                  send_pushover_notification "Pi-hole 1 is unavailable."
              fi
          }

          check_and_notify_pihole1

          echo Starting generating HTML...

          # Function to generate the HTML page
          generate_html() {
              local output_file="/var/www/html/pihole_status.html"
              local current_time=$(date '+%Y-%m-%d %H:%M:%S')

              cat > "$output_file" << EOF
          <!DOCTYPE html>
          <html>
          <head>
          <title>Pi-hole High Availability Status</title>
          <style>
          table { width: 100%; border-collapse: collapse; }
          th, td { padding: 8px; text-align: left; border-bottom: 1px solid #ddd; }
          .dark-red { color: darkred; font-size: 1em; }
          .dark-blue { color:darkblue; font-size: 1em; }
          .header-title { font-size: 2em; /* Adjust this value to change the font size of the header */ }
          </style>
          </head>
          <body>
          <h1 class="header-title dark-red">Pi-hole High Availability Status</h1>
          <p class="dark-blue">Primary (Unraid): $(check_last_dhcpack "$pihole1_log" "$max_age_minutes")</p>
          <p class="dark-blue">Secondary (Raspberry): $(check_last_dhcpack "$pihole2_log" "$max_age_minutes")</p>
          <br/>
          <br/>
          <table>
          <tr class="dark-red">
          <th>Server</th>
          <th>Availability</th>
          <th>Last Checked</th>
          </tr>
          <tr class="dark-red">
          <td><a href="http://$pihole1_ip/admin" class="dark-red">Primary (Unraid)</a></td>
          <td>$pihole1_available</td>
          <td>$check_time</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">Last 5 DHCPACK log lines: $(get_dhcpack_logs_time "$pihole1_log")</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">$(get_dhcpack_logs "$pihole1_log")</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">Last 5 Unavailability Times for Primary (Unraid):</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">$(get_unavailability_times "$pihole1_unavailability_log")</td>
          </tr>
          <tr class="dark-red">
          <td><a href="http://$pihole2_ip/admin" class="dark-red">Secondary (Raspberry)</a></td>
          <td>$pihole2_available</td>
          <td>$check_time</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">Last 5 DHCPACK log lines: $(get_dhcpack_logs_time "$pihole2_log")</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">$(get_dhcpack_logs "$pihole2_log")</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">Last 5 Unavailability Times for Secondary (Raspberry):</td>
          </tr>
          <tr>
          <td colspan="3" class="dark-blue">$(get_unavailability_times "$pihole2_unavailability_log")</td>
          </tr>
          </table>
          </body>
          </html>
          EOF
          }

          generate_html
          echo HTML created..
          echo
          echo Script finished.

      Make sure to change the variables in the beginning to fit your environment. Create a (free) pushover account and you will receive push notifications if the primary server goes offline. The way the system checks if a DHCP server is functioning is looking at the logfiles, and looking at the latest line that shows a DHCP package has been delivered, this should be no longer than 60 minutes ago and you need to align that with your number of devices and your DHCP lease time. Those are all variables. To give as much troubleshooting info as possible the script also does a ping test to see if the server is reachable at all. The primary and secondary headers in the html are clickable and bring you to the specific PiHole server.

      You need to schedule the script in CRON (or with userscripts plugin) to make it run as often as you want, I am running it every three minutes.

      It's probably a quite specific usecase but also a nice example on how to collaborate with ChatGPT. The thing makes errors that you need to have it correct and this still took some hours in total but I would not have been able to do it without ChatGPT and I learned some stuff in the process.

      Extra tip: If you are running pihole in a docker then you would need to share the specific "appdata" folder to the monitoring server, -OR- you do it a bit differently and create another script that copies over the logfile out of the docker to a central location every few minutes, that is actually how I first built the script before I realised that just having the script look at the mounted logfiles uses less resources and gives more up-to-date data.
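Added example, not part of the original post: the script in post 18 writes raw log lines into the `<pre>` elements of the status page, so this sketch escapes them first and any `<`, `>`, `&` or quote in a log line is rendered as text instead of markup. The function names `html_escape`, `dhcpack_block` and `write_sample_log`, and the sample log lines, are constructed for illustration.

```shell
#!/bin/bash
# Added example: escape log text before it is written into the status page.

# Escape the characters HTML treats as markup. "&" is replaced first,
# otherwise the "&" of the entities produced by the later rules would be
# escaped a second time.
html_escape() {
    sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
        -e 's/"/\&quot;/g' -e "s/'/\&#39;/g"
}

# Print the last N DHCPACK lines of a log as an escaped <pre> block.
# A missing log, or a log without DHCPACK lines, gives a fixed message
# and a non-zero status so the caller can tell the two cases apart.
dhcpack_block() {
    local log_file=$1 count=${2:-5} lines
    if [ ! -r "$log_file" ]; then
        echo "<pre>log not readable</pre>"
        return 1
    fi
    lines=$(grep -F "DHCPACK" -- "$log_file" | tail -n "$count" | html_escape)
    if [ -z "$lines" ]; then
        echo "<pre>no DHCPACK lines found</pre>"
        return 1
    fi
    printf '<pre>%s</pre>\n' "$lines"
}

# Constructed sample log (not taken from a real system). The last line
# carries markup characters to exercise the escaping.
write_sample_log() {
    cat > "$1" << 'EOF'
Mar 26 19:18:30 dnsmasq-dhcp[412]: DHCPDISCOVER(eth0) aa:bb:cc:dd:ee:01
Mar 26 19:18:30 dnsmasq-dhcp[412]: DHCPACK(eth0) 192.168.2.50 aa:bb:cc:dd:ee:01 laptop
Mar 26 19:20:02 dnsmasq-dhcp[412]: DHCPACK(eth0) 192.168.2.51 aa:bb:cc:dd:ee:02 <b>tv</b> & "cam"
EOF
}

# Demo run: build the sample log, render it, clean up.
sample_log=$(mktemp)
write_sample_log "$sample_log"
dhcpack_block "$sample_log" 5
rm -f "$sample_log"
```

In the script above, the same filter would sit at the end of the `grep | tail` pipelines in `get_dhcpack_logs` and `get_unavailability_times`.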
  19. I "solved" my issue by removing the docker and installing pihole in an ubuntu vm with that same ip address.. that worked, so I am happy 🙂
  20. I use my pihole server that runs in a docker as dhcp server works fine ! I use the built in vpn server of unraid to connect to unraid and all other devices in my network, this also works fine. I can connect to the unraid server, to other devices in my network, to dockers and to vm’s on unraid. All works fine ! With -one- exception ! The pihole is a docker with its own ip, this is the only thing in my house that I cannot reach over the vpn. A vm on unraid is reachable, dockers using the server ip are also reachable. The pihole is the only docker with other IP that I am using. Of course the pihole is perfectly reachable when on my local network. Anyone have an idea why this is and how I could solve it ? Sent from my iPhone with Tapatalk
  21. Hi, I created a new unraid server a couple of months ago (actually a mini server running at 10watts an hour with still 2TB of storage, amazing..). I reused the usb drive from my old second server, as said: working fine. I now noticed however that the network interfaces the server sees are still the old ones... and if I want to use "custom" for a docker interface I can only pick the old-server (and not correct for current config) network interfaces. How can I reset this ? restarts do not solve it.. Something I need to delete out of a CFG file somewhere ?

          root@Mini:/boot/config# cat network.cfg
          # Generated settings:
          IFNAME[0]="br0"
          BONDNAME[0]="bond0"
          BONDING_MIIMON[0]="100"
          BRNAME[0]="br0"
          BRSTP[0]="no"
          BRFD[0]="0"
          DESCRIPTION[0]="1 GB Uplink"
          BONDING_MODE[0]="1"
          BONDNICS[0]="eth0"
          BRNICS[0]="bond0"
          PROTOCOL[0]="ipv4"
          USE_DHCP[0]="no"
          IPADDR[0]="192.168.2.29"
          NETMASK[0]="255.255.255.0"
          GATEWAY[0]="192.168.2.254"
          DNS_SERVER1="8.8.8.8"
          DNS_SERVER2="8.8.4.4"
          USE_DHCP6[0]="yes"
          DHCP6_KEEPRESOLV="no"
          IFNAME[1]="br4"
          BRNAME[1]="br4"
          BRNICS[1]="eth4"
          BRSTP[1]="no"
          BRFD[1]="0"
          DESCRIPTION[1]="10G link"
          PROTOCOL[1]="ipv4"
          USE_DHCP[1]="no"
          IPADDR[1]="10.10.10.6"
          NETMASK[1]="255.255.255.0"
          SYSNICS="2"

      The system in reality only has eth0 and there are no bonds...
  22. I am running pihole as a dhcp server in my network, working fine ! I am a bit of a purist, therefore it bugs me that pihole has a generated dns name... I can change it, but this reverts when the docker restarts.. Anyone any idea ? Also: anyone any idea how to set the password to "no password" ? When I delete it in the docker config it reverts back to "admin"
  23. I installed the whole thing, and with the downgrade it also seems to work, but it looks like pialert is not scanning at all... It only sees itself.. Am I forgetting something ?