[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)


Recommended Posts

Hey guys,

 

I've set this up, and I feel like I am really close to the finish line, but can't seem to get there. I've tried with sonarr, and when entering the adresse (/sonarr) I'm sent to a page that simply says "Sonarr Ver." I've also tried with plex, and can see that I'm being forwarded from /web to /web/index.html, but the page is blank.

 

Any ideas? This is the same using local IP and external domain adress. 

 

EDIT: Got Sonarr working by setting a url-base in general-settings. Now I guess I just have to google the rest of the services aswell :)

Edited by Fredrick
Link to comment
On 6/13/2017 at 11:07 PM, poldim said:

Still having trouble with this.

THESE are my current domain settings.  I've tried having both 'www' and '@' before .mydomain.com and still noting.

This is my default config:


server {
    listen 443 ssl;
    
    root /config/www/unifi;
    index index.html index.htm index.php;
    
    server_name unifi.*;
    
    ssl_certificate LOCATION_REDACTED;    
    ssl_certificate_key LOCATION_REDACTED;    
    ssl_dhparam LOCATION_REDACTED;    
    ssl_ciphers 'CIPHER_REDACTED';    
    ssl_prefer_server_ciphers on; 
    
    client_max_body_size 0;
    
    location = / {
        include /config/nginx/proxy.conf;
        proxy_pass https://192.168.2.100:8443/manage/account/login;
    }
}


EDIT:

So I added the CNAME records for www + unifi and sending them to @.  I then pulled up http://unifi.mydomain.com/ on my mac and get nothing.  I tried my phone on wifi and it timed out.  I tried my phone on 4G and am getting THIS:


Outdated Browser
You are using an outdated browser. Please upgrade your browser to improve your experience.

{{toast.message}}

Partial success as it's prompting to open the unifi app....now how do I get it to work?

 

 

Anyone have any recommendations on what I could look at to try to solve this?

Link to comment
 
 
Anyone have any recommendations on what I could look at to try to solve this?


I'm not sure what you're trying to accomplish, you have too many variables there that need to be validated, which makes troubleshooting very difficult.

Plus, the listed config above is only listening on port 443 with ssl, but you're trying to connect to http, which is port 80 with no ssl.

Why don't you start with the default config, see if you can access the welcome page so you can confirm the dns is correct? Then you can try the proxy.
Link to comment
17 hours ago, aptalca said:

 


I'm not sure what you're trying to accomplish, you have too many variables there that need to be validated, which makes troubleshooting very difficult.

Plus, the listed config above is only listening on port 443 with ssl, but you're trying to connect to http, which is port 80 with no ssl.

Why don't you start with the default config, see if you can access the welcome page so you can confirm the dns is correct? Then you can try the proxy.

 

 

 

I discovered that my problem was appending the URL with the final destination.  IE:

proxy_pass https://192.168.2.100:32400/web/index.html;

does not work, but removing  "/web/index.html" makes it happy:

proxy_pass https://192.168.2.100:8443;

 

 

I've now got access to both my unifi and plex interface on my phone while on 4G.  BUT, I'm still unable to connect while connected to the WIFI in the house.  

 

Are there some kind of additional settings in nginx to allow it to route the connection between VLANs?  My wifi is on a separate VLAN but I have no issues hitting the direct IP of the interfaces.  When trying to access the subdomain.domain.com I get the following error:  ERR_EMPTY_RESPONSE or ERR_CONNECTION_TIMED_OUT

 

Edited by poldim
Link to comment
11 minutes ago, poldim said:

 

 

I discovered that my problem was appending the URL with the final destination.  IE:


proxy_pass https://192.168.2.100:32400/web/index.html;

does not work, but removing  "/web/index.html" makes it happy:


proxy_pass https://192.168.2.100:8443;

 

 

I've now got access to both my unifi and plex interface on my phone while on 4G.  BUT, I'm still unable to connect while connected to the WIFI in the house.  

 

Are there some kind of additional settings in nginx to allow it to route the connection between VLANs?  My wifi is on a separate VLAN but I have no issues hitting the direct IP of the interfaces.  When trying to access the subdomain.domain.com I get the following error:  ERR_EMPTY_RESPONSE or ERR_CONNECTION_TIMED_OUT

 

 

Sounds like a routing issue, look for NAT reflection in your router setup.  VLAN communication is nothing to do with nginx that's your network topology and routing rules.

Link to comment
On 6/19/2017 at 1:52 PM, CHBMB said:

 

Sounds like a routing issue, look for NAT reflection in your router setup.  VLAN communication is nothing to do with nginx that's your network topology and routing rules.

 

 

Any ideas on anything else to check?  I have no issues accessing the resources while on the LAN across subnets.  Makes me think it's some kind of nginx setting...

Link to comment
1 minute ago, poldim said:

 

 

Any ideas on anything else to check?  I have no issues accessing the resources while on the LAN across subnets.  Makes me think it's some kind of nginx setting...

Post your complete config file.  I'm confused.....  First it was plex and now unifi.  I need to be able to see the whole config file.

Link to comment

Hi,

 

I have a small request, is it possible to make the config file /etc/php7/php-fpm.d/www.conf available in the appdata folder in unraid? I prefer to use php-fpm.sock instead of a port. Each time I update the docker, I need to go in the docker command line to change it, it's quite annoying.

 

Regards, Mathieu

Link to comment
50 minutes ago, matthope said:

Hi,

 

I have a small request, is it possible to make the config file /etc/php7/php-fpm.d/www.conf available in the appdata folder in unraid? I prefer to use php-fpm.sock instead of a port. Each time I update the docker, I need to go in the docker command line to change it, it's quite annoying.

 

Regards, Mathieu

 

Php updates tend to mess that up (they change the structure of those conf files). That's why we decided to internalize them to maintain control over them and update when necessary.

 

I'm curious as the why you prefer sockets. In terms of performance, *theoretically* socket *may* provide better performance but according user testimonies, people don't notice a difference even on high traffic sites (> millions of hit per day). In any case it's just how nginx communicates with the php processor so it's all internal and there is no discernible effect for the end user or the admin. TCP port is the default in php so we went with that.

 

If you really want to use your custom php config, you can always map a custom conf file as a volume, but keep in mind that it will likely break when php is updated and we won't provide you with further support ;-) you're on your own

 

"-v /path/to/your/custom/www.conf:/etc/php7/php-fpm.d/www.conf" make sure you use the one in the container as the base

Edited by aptalca
Link to comment

This morning I entered the linuxserver/letsencrypt container user 

docker exec -it nginx /bin/bash

to reload the conf files.  When I called:

nginx -s reload

it could not find /run/nginx/nginx.pid.  When I looked into the run directory I saw nginx.pid but not the nginx directory.

Link to comment
This morning I entered the linuxserver/letsencrypt container user 
docker exec -it nginx /bin/bash

to reload the conf files.  When I called:

nginx -s reload

it could not find /run/nginx/nginx.pid.  When I looked into the run directory I saw nginx.pid but not the nginx directory.



Restart the container
Link to comment
39 minutes ago, aptalca said:

 


Restart the container

 

This was more of a bug report.  Restarting the container was not working for me initially because I had removed the default conf file to favor multiple smaller conf files with a dedicated purpose.  Every time I restarted the container the default conf would be recreated and break nginx.  I temporarily solved the problem by renaming the conf I did have back to "default".

Link to comment
1 hour ago, miftis said:

This was more of a bug report.  Restarting the container was not working for me initially because I had removed the default conf file to favor multiple smaller conf files with a dedicated purpose.  Every time I restarted the container the default conf would be recreated and break nginx.  I temporarily solved the problem by renaming the conf I did have back to "default".

 

"nginx -s reload" not working is not a bug. It's not supposed to work. That's not how nginx is launched in this image. Nginx is run and managed by the s6 supervisor.

 

The way this image is set up is that, if there is no default config in the config folder, it copies the default one from inside the image, just like when you first install it. Also when someone messes up their settings, they can remove the default config file and restart the container to go back to the original setup.

 

You're not supposed to remove the default config, but you can modify it to your heart's content. You can also add as many additional site configs as you like. Just don't delete the default one (you can leave it blank)

Link to comment
23 hours ago, CHBMB said:

OK, so what isn't working?

My setup:

  • 192.168.2.0/24 - VLAN 20 - HOMELAB

  • 192.168.3.0/24 - VLAN 30 - HOME AUTOMATION

  • 192.168.4.0/24 - VLAN 40 - WLAN

  • 192.168.5.0/24 - VLAN 50 - GUEST [Subnet routing only blocked for GUEST VLAN.]

What happens:

  • 4G connection from cell -> nginx reverse proxy = works
  • VM on HOMELAB VLAN -> nginx reverse proxy = works
  • VM on HOME AUTOMATION VLAN -> nginx reverse proxy = does not work
  • phone/laptop on WLAN VLAN -> nginx reverse proxy = does not work
  • phone/laptop on WLAN VLAN -> IP of service on HOMELAB VLAN = works

 

 

The unraid server has the letsencrypt / nginx docker. The server sits on 192.168.2.100 VLAN 20 but is bridged to 192.168.3.100 VLAN 30 and 192.168.4.100 VLAN 40.  I added the networking settings to the gdoc https://docs.google.com/document/d/1Cf8qLFcBVAen3yxqcOzA3kI_KbaRuS582b7yE7X7J1Q/edit?usp=sharing

 

What does not make sense to me:

  • I can access the UniFi UI on 192.168.2.100 from my macbook or phone which are 192.168.4.1xx
  • I can access my security cameras that are 192.168.3.xxx from the same macbook/phone and VM hosted on 192.168.2.xxx.

Doesn't this mean that subnet routing is, in fact, working correctly?

 

Is this correct while on WAN: unifi.mydomain.com

  • Phone > DNS lookup and send me to my router > router forwards 80 + 443 to 80 and 443 on my unraid server > letsencrypt is bound to those ports, receives the request, and forwards to the appropriate internal address based on config.

  • If I have hairpin NAT enabled, is the process the same? Does the lookup for unifi.mydomain.com not get routed by the router back to the unraid server?

Link to comment
23 hours ago, aptalca said:

 

Php updates tend to mess that up (they change the structure of those conf files). That's why we decided to internalize them to maintain control over them and update when necessary.

 

I'm curious as the why you prefer sockets. In terms of performance, *theoretically* socket *may* provide better performance but according user testimonies, people don't notice a difference even on high traffic sites (> millions of hit per day). In any case it's just how nginx communicates with the php processor so it's all internal and there is no discernible effect for the end user or the admin. TCP port is the default in php so we went with that.

 

If you really want to use your custom php config, you can always map a custom conf file as a volume, but keep in mind that it will likely break when php is updated and we won't provide you with further support ;-) you're on your own

 

"-v /path/to/your/custom/www.conf:/etc/php7/php-fpm.d/www.conf" make sure you use the one in the container as the base

 

Thanks for the help, I will update my site-confs settings instead of php settings next time. I always thought that socket where more efficient and reliable than TCP port but after a small research on google it seem like it doesnt really matters.

Link to comment
33 minutes ago, poldim said:

My setup:

  • 192.168.2.0/24 - VLAN 20 - HOMELAB

  • 192.168.3.0/24 - VLAN 30 - HOME AUTOMATION

  • 192.168.4.0/24 - VLAN 40 - WLAN

  • 192.168.5.0/24 - VLAN 50 - GUEST [Subnet routing only blocked for GUEST VLAN.]

What happens:

  • 4G connection from cell -> nginx reverse proxy = works
  • VM on HOMELAB VLAN -> nginx reverse proxy = works
  • VM on HOME AUTOMATION VLAN -> nginx reverse proxy = does not work
  • phone/laptop on WLAN VLAN -> nginx reverse proxy = does not work
  • phone/laptop on WLAN VLAN -> IP of service on HOMELAB VLAN = works

 

 

The unraid server has the letsencrypt / nginx docker. The server sits on 192.168.2.100 VLAN 20 but is bridged to 192.168.3.100 VLAN 30 and 192.168.4.100 VLAN 40.  I added the networking settings to the gdoc https://docs.google.com/document/d/1Cf8qLFcBVAen3yxqcOzA3kI_KbaRuS582b7yE7X7J1Q/edit?usp=sharing

 

What does not make sense to me:

  • I can access the UniFi UI on 192.168.2.100 from my macbook or phone which are 192.168.4.1xx
  • I can access my security cameras that are 192.168.3.xxx from the same macbook/phone and VM hosted on 192.168.2.xxx.

Doesn't this mean that subnet routing is, in fact, working correctly?

 

Is this correct while on WAN: unifi.mydomain.com

  • Phone > DNS lookup and send me to my router > router forwards 80 + 443 to 80 and 443 on my unraid server > letsencrypt is bound to those ports, receives the request, and forwards to the appropriate internal address based on config.

  • If I have hairpin NAT enabled, is the process the same? Does the lookup for unifi.mydomain.com not get routed by the router back to the unraid server?

 

Your network is super complicated. The fact that reverse proxy works from wan/4g but has issues from inside, suggests dns/firewall issues on the router. It may be nat loopback issues (many routers by default block connections that go out to the wan and come right back in to the router). You may also have issues with your firewall settings for connections between vlans. All those issues are really beyond the scope of our support for this image.

Link to comment

Good morning!  So I've finally gotten around to setting up ddclient to use my dynamic IP with my already registered Google Domain, per the advice of this thread earlier.  Letsencrypt is now throwing the following error message:

IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: chaoconnor.com
Type: unknownHost
Detail: No valid IP addresses found for chaoconnor.com

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.

My setup is as follows:

Letsencrypt (see picture)

Google DNS (see picture)

DDclient:

#
##
## Google Domains (www.google.com/domains)
##
protocol=googledomains,
login=<removed>,
password=<removed>
www.chaoconnor.com

 

If I type in www.chaoconnor.com it brings me to my router homepage, so doesn't that mean DDclient is working?  Note the Google DNS is updated with my IP.  If I go to chaoconnor.com (without the www), it doesn't work.  

 

I also tried using the @ identifier in Google DNS instead of www, and the error for Letsencrypt is:

IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: www.chaoconnor.com
Type: connection
Detail: DNS problem: NXDOMAIN looking up A for www.chaoconnor.com

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.


I appreciate any help/guidance you can provide, thanks!

LetsEncrypt.jpg

GoogleDNS.png

Edited by ChaOConnor
Link to comment

Hello im stuck with the certificate itself

i made a subdomain at duckdns.org "ben-home.duckdns.org" wich is showing the right ip adress.

 

 

i made a portforwading in the fritzbox 80->81 and 443 to 443 (fritzbox)

fritzbox.thumb.PNG.b69377d5312a6377fe32674f4b2ab924.PNG

 

then i added the stuff to the letsencrypt docker:

 

docker1.thumb.PNG.6ed4d28ee89acd402e186edcad503bd6.PNGdocker2.thumb.PNG.fb0ae93326862406728b64b5d7f6123b.PNG

 

Now the magically moment:

 

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ _ _
| |___| (_) ___
| / __| | |/ _ \
| \__ \ | | (_) |
|_|___/ |_|\___/
|_|

Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donations/
-------------------------------------
GID/UID
-------------------------------------
User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
DH parameters bit setting changed. Deleting old dhparams file.
Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed
Generating DH parameters, 4096 bit long safe prime, generator 2
This is going to take a long time
........................................................................................................................................................................................+........................................................................................................................+........................................................................................................+..............................+.............................................................................................................+.................................+.............................+.......................................................................................................................................................................................................................................+...................................................................................................................................................................................................+.................................................................................................................................................................................+..........................................................................................................................................................................................................+.+..................................................................................................................+..................................................................................................................................................................+............................................................................................................................................................................................................+...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+......................................................................................................................................................................................................+.............................................................................................................+.............................................................+..................................................................................................................................+......................+.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+..+.............................................................................................................................................................................................................................................................................................................................+...................................................................................................+................+..............................................................................................................................................................................................+...........................................................................................+...........................................................................................................................................................................................................................................+........................................................................................................................................................+........................................................................................+.........+.......................................................................................................................................................................................................................................................................................................................+.....................+...+.......................................................................................................................................+.......................................................................................................................................................................................+.......................................................................................................................................................................................................................................................................................................................+....................................................................................................................+.................................................................................................................+.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+...................................................................+...................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.......................................................................................................................................................................................................................................................................................................................................................................+...............................................................................+..................................................................................................................................................................................+.....................................................................................................................................+........................................................................................................................................................................................................................................................................................................+.+.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.......................................................................................................................................................................................+....................+..................................................................................................+.................................................................................................................................................................................................................................................................................................................................................................................+.............................................................................................................................................+......................................................................................................................................................................................................................................................+........................................................................................................................................................................................................................................................................................................+....................................................................................................................................................................................................+........................................+.........................................................+.......................................+....................................................................................................................................+....................................+...................................................................................................................+.................................................................................................................+....................................................................................................................+................+.................................................................................................................................................................................................................................................................................................................................................................................................+...........................................................................................................................+.......................................................................................................................................................................................................................................................................................................................................................+.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................++*++*
DH parameters successfully created - 4096 bits
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d www.ben-home.duckdns.org -d ftp.ben-home.duckdns.org -d cloud.ben-home.duckdns.org
E-mail address entered: [email protected]
Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert.
certbot: error: argument --cert-path: No such file or directory
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for www.ben-home.duckdns.org
tls-sni-01 challenge for ftp.ben-home.duckdns.org
tls-sni-01 challenge for cloud.ben-home.duckdns.org
Waiting for verification...
Performing the following challenges:
tls-sni-01 challenge for www.ben-home.duckdns.org
tls-sni-01 challenge for ftp.ben-home.duckdns.org
tls-sni-01 challenge for cloud.ben-home.duckdns.org
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data, cloud.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data, ftp.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: www.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

Domain: cloud.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

Domain: ftp.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
/var/run/s6/etc/cont-init.d/50-config: line 117: cd: /config/keys/letsencrypt: No such file or directory
[cont-init.d] 50-config: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
Failed authorization procedure. www.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data, cloud.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data, ftp.ben-home.duckdns.org (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: www.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

Domain: cloud.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

Domain: ftp.ben-home.duckdns.org
Type: connection
Detail: Error getting validation data

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
/var/run/s6/etc/cont-init.d/50-config: line 117: cd: /config/keys/letsencrypt: No such file or directory
[cont-init.d] 50-config: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

 

Troubleshooting so far:

i switched in fritzbox from port 81 to 80 and checked if i can reach my unraid webside per www.ben-home.duckdns.org and it worked.

i redownloaded this docker again and again but im stuck.

 

 

Have you ideas? i realy realy realy would appreciate your help

 

Regards

Bengele

Edited by bengele
Link to comment

Is it possible to have some pages served unsecured with this server?  I tried adding some locations to the listen 80 server, but I don't know if I truly understand how to set it up.  no matter what I try, browsing to the matched uri still redirects to the secure server.
 

server {
	listen 80;
	server_name _;
	
	root /config/publicwww;
	index index.html index.htm index.php;

	location ^~ /public {
		try_files $uri =404;
	}
	
	location / {
		return 301 https://$host$request_uri;
	}
}

Any suggestions on how to tackle this?

Link to comment
51 minutes ago, PaDadof2 said:

I used cyanlabs tutorial to get nginix, duckdns etc to work, but now that I have changed my router to an Ubiquity EdgeRouter X, I am getting my routers homepage instead of Ombi, or Headphones, or any other container.  Any suggestions on what I can do?  I didn't change my routers ip address, I forwarded ports 80/81 and 443.

 

Thanks in advance for any assistance!

 

I don't have experience with ubiquity, but your  setup should not have change because of a router switch, I say you need to investigate the router.

Edited by ijuarez
engrish
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.