Yivey_unraid Posted April 11, 2020 Share Posted April 11, 2020 Hi! Thank you for an easy to set-up app. Works a treat to connect my iOS devices to the unraid server shares with apps like Files and VLC. I've encountered a problem though. When using a web browser on my iPhone and trying to open the unraid web UI with the ZeroTier ip adress I can't get past the login screen. It doesn't matter what user I try, It only comes back as invalid. Any idea what's causing this? It would be nice to remote access the server UI as well as just the shares. Quote Link to comment
strike Posted April 11, 2020 Share Posted April 11, 2020 8 hours ago, kim_sv said: It doesn't matter what user I try, It only comes back as invalid. There is only one user that will work and that is the root user/pw. Anything else will fail. Quote Link to comment
Yivey_unraid Posted April 11, 2020 Share Posted April 11, 2020 1 hour ago, strike said: There is only one user that will work and that is the root user/pw. Anything else will fail. OK, but root didn't work either?! Quote Link to comment
strike Posted April 11, 2020 Share Posted April 11, 2020 35 minutes ago, kim_sv said: OK, but root didn't work either?! Can you log into the webui from a web browser locally with root, or ssh into the server ok? If not, you should maybe google how to reset your root password. Can't remember the specifics right now. Quote Link to comment
Yivey_unraid Posted April 12, 2020 Share Posted April 12, 2020 18 hours ago, strike said: Can you log into the webui from a web browser locally with root, or ssh into the server ok? If not, you should maybe google how to reset your root password. Can't remember the specifics right now. Yes, no problem logging in as root to webUI. Just realized that its not possible to login to the webUI with other user than root. But still couldn't login to webUI using root in iOS safari over ZeroTier. Quote Link to comment
Yivey_unraid Posted April 12, 2020 Share Posted April 12, 2020 OK now I got it to work. When I disabled the SwiftKey keyboard on the iPhone and used the built in it worked. Weird! Quote Link to comment
strike Posted April 12, 2020 Share Posted April 12, 2020 Just now, kim_sv said: Weird! Indeed Quote Link to comment
Asmithcveg Posted April 27, 2020 Share Posted April 27, 2020 I am having issues with this container. Specifically, it refuses to start. I have gone through this support thread, but it doesn't look like anyone else is having this issue. According to the log, "FATAL: cannot start ZeroTier One in container: /dev/net/tun not present." is displayed whenever the Zerotier container is started. Quote Link to comment
Dmitry Spikhalskiy Posted April 27, 2020 Author Share Posted April 27, 2020 1 hour ago, Asmithcveg said: I am having issues with this container. Specifically, it refuses to start. I have gone through this support thread, but it doesn't look like anyone else is having this issue. According to the log, "FATAL: cannot start ZeroTier One in container: /dev/net/tun not present." is displayed whenever the Zerotier container is started. Did you install the container from CA? Do you run the container with "Privileged: ON"? Quote Link to comment
Asmithcveg Posted April 27, 2020 Share Posted April 27, 2020 (edited) 19 minutes ago, Dmitry Spikhalskiy said: Did you install the container from CA? Do you run the container with "Privileged: ON"? Yup! Installed it straight from community apps, and it is set to run with privileges. Edit: I should also point out that no files, data, etc. is present within the appdata folder for this container. Edited April 27, 2020 by Asmithcveg Quote Link to comment
Dmitry Spikhalskiy Posted April 27, 2020 Author Share Posted April 27, 2020 (edited) 33 minutes ago, Asmithcveg said: Yup! Installed it straight from community apps, and it is set to run with privileges. Edit: I should also point out that no files, data, etc. is present within the appdata folder for this container. > Edit: I should also point out that no files, data, etc. is present within the appdata folder for this container. This is ok, Zerotier can't start to put anything there yet. > Yup! Installed it straight from community apps, and it is set to run with privileges. No idea in that case for now. https://zerotier.atlassian.net/wiki/spaces/SD/pages/7536656/Running+ZeroTier+in+a+Docker+Container Here is Zerotier explanation about /dev/net/tun and what should be done to have an access to it. I pass required parameters "--device=/dev/net/tun --cap-add=NET_ADMIN --cap-add=SYS_ADMIN" here in the configuration of the container published in CA: https://github.com/Spikhalskiy/docker-templates/blob/master/zerotier.xml#L40 And usage of these parameters is allowed by Privileged: ON. You will have to debug your own configuration I afraid, because the problem is probably local to your setup and probably your kernel configuration. What does ls -la /dev/net/tun say if you run it in the server terminal? Edited April 27, 2020 by Dmitry Spikhalskiy Quote Link to comment
Asmithcveg Posted April 27, 2020 Share Posted April 27, 2020 (edited) That's what I figured sadly. The terminal returns "ls: cannot access '/dev/net/tun': No such file or directory" Edit: I noticed I was still on version 6.8.2. I have now updated to 6.8.3 and the terminal command now returns "crw-rw-rw- 1 root root 10, 200 Apr 27 12:06 /dev/net/tun". I will see if the container works properly now. Edit 2: Everything is working fine now. Thanks for your prompt response to my inquiry! Edited April 27, 2020 by Asmithcveg Quote Link to comment
Dmitry Spikhalskiy Posted April 27, 2020 Author Share Posted April 27, 2020 (edited) 21 minutes ago, Asmithcveg said: That's what I figured sadly. The terminal returns "ls: cannot access '/dev/net/tun': No such file or directory" So, you probably want to switch the discussion into Unraid main support threads, because it's a problem with your Unraid linux kernel configuration most likely. Unraid should have this device mounted by default. Some reference that could help: https://unix.stackexchange.com/questions/501403/tun-module-loaded-but-openvpn-dev-net-tun-no-such-file-or-directory I would examine: grep CONFIG_DEVTMPFS /usr/src/<whatever you have here>/.config and ensure that it's CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y (DEVTMPFS should auto-mount devices like /dev/net/tun) Also I would at least try to do rmmod tun modprobe tun to try to reload the module. I think that the output of these commands could be useful for the Unraid support thread anyway. Edited April 27, 2020 by Dmitry Spikhalskiy Quote Link to comment
Aussybob Posted May 24, 2020 Share Posted May 24, 2020 (edited) @Dmitry SpikhalskiyI just installed the app and entered the network ID but its not showing up on the zerotier network.. I have setup some PCs and they are working fine. Running in preveliged mode and tried both host and bridge network.. Any ideas? Edit. Nevermind got it working by creating a new network- wierd! Edited May 25, 2020 by Aussybob Quote Link to comment
tillkrueger Posted May 31, 2020 Share Posted May 31, 2020 (edited) Thanks for this fantastic Docker, Dmitry! I do have some questions, though. My unRAID server is hosted at a friend's web agency here in Berlin, and is behind their firewall, accessible only by means of a VPN account they set up for me. It all works well for managing the server via its webUI, but to fully integrate my server into my network to be able to copy files to and from it, it hasn't been ideal. When I first installed and configured your zerotier Docker a few years ago, everything worked like a charm, and my heart skipped a beat from happiness when I saw my unRAID server pop up in my Finder's Network on macOS. Then, one day, I couldn't see my unRAID in my network anymore and after spending a few days trying to check all of the parameters, without finding the culprit, I gave up and disabled the Docker. Now that I have to travel a lot again, I am trying to get back to that glorious point, and have managed to get all my relevant computers (my iMac5K, MBP-2018, and unRAID) recognized as ONLINE in my.zerotier.com, but I can *not* see unRAID in my Finder's Network. Shouldn't it be visible there if everything is configured correctly? Once I leave my home-studio and work elsewhere, should all the computers I have configured at my.zerotier.com still appear in my Finder's Network? In order to log into my unRAID's webUI, should I be able to do so via zerotier alone, or will the company VPN still be necessary to do so? I'd really like to get back to the point of seeing my unRAID server and the iMac at my studio in my Finder's Network, like they did for a short while back then. Wonder what happened, and how to fix it. Any thoughts/advice from you and/or the community would be greatly appreciated. Thanks again for all that you do! Edited May 31, 2020 by tillkrueger syntax corrections Quote Link to comment
durdenesque Posted June 20, 2020 Share Posted June 20, 2020 On 8/10/2018 at 3:02 PM, Dmitry Spikhalskiy said: Hmmm. //tower works in your local network not because of a central DNS server. https://www.systutorials.com/docs/linux/man/8-avahi-daemon/ The same avahi-daemon should announce your unRaid name in Zerotier network too. At least, I can access unRaid in Zerotier network using the same name I use in my local network. Maybe try to add ".local" to your domain name. I use "<servername>.local" for both local and Zerotier network as a domain. This docker is great! I’m able to access my Unraid box at <servername>.local when I’m at home but not when on a different network. Is there some setting I need to adjust in the Docker to make this work through ZT? Quote Link to comment
technorati Posted July 31, 2020 Share Posted July 31, 2020 This used to be working for me, but recently stopped. I now see it stuck forever in REQUESTING_CONFIGURATION. Obviously something has changed, but I cannot for the life of me determine WHAT, and I don't know where to go next to debug. / # zerotier-cli info 200 info ca96d2e10c 1.4.6 OFFLINE / # zerotier-cli listnetworks 200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips> 200 listnetworks 8056c2e21c000001 02:ca:96:ce:03:ce REQUESTING_CONFIGURATION PRIVATE ztmjfmfyq5 - / # zerotier-cli listpeers 200 listpeers <ztaddr> <path> <latency> <version> <role> 200 listpeers 34e0a5e174 - -1 - PLANET 200 listpeers 3a46f1bf30 - -1 - PLANET 200 listpeers 992fcf1db7 - -1 - PLANET 200 listpeers de8950a8b2 - -1 - PLANET Quote Link to comment
nuwa Posted September 5, 2020 Share Posted September 5, 2020 Hello! Just a noob 2 cents here. after many hours spent trying to config openvpn and vpn from my netgear I can easily say this is the most user friendly solution. thanks a lot for your work, I'll happily donate to your project. thanks a lot, you made my life easy, keep up the excellent work Quote Link to comment
cherrybullet Posted September 12, 2020 Share Posted September 12, 2020 Has anyone had issues with using this with time machine on a mac? Time Machine is able to see the smb drive, and I'm able to select it to use it, but it's not able to sync. Well... after several retries and days, it was able to write 26 MB to it, out of 200 GB. I was able to sync to Time Machine before without using zerotier if I was on the same network as unraid. I also connected an external hard drive to my computer and it Time Machine was able to use and fully backup within a few hours. Any ideas? Quote Link to comment
rmp5s Posted September 12, 2020 Share Posted September 12, 2020 I have 2 unRAID servers and I installed ZeroTier Dockers on both of them. One of them, I can reach via LAN IP and ZT IP, one of them, I can only reach via ZT IP. I'm kinda confused...lol Anyone else have any experience with ZT? I checked the networks settings and it all looks the same between the two. Not sure what's going on... Quote Link to comment
rmp5s Posted September 12, 2020 Share Posted September 12, 2020 (edited) Couldn't get into my one server so I shut down its ZT Docker. Boom, can get back in via LAN IP. No problem. But I noticed that, once I did that, the one that I COULD get into via both only let me in through the ZT IP. Had to kill the ZT docker on that one, too. I think this is a ZT config issue...and I think I know what it is. I had the managed routes setup as "LAN.IP/24 via ZT.IP" for all my ZT hosts. I was thinking that I'd have to go in and do "LAN.IP via ZT.IP" but it won't let me do that. So now I'm kinda back to square one... Edited September 12, 2020 by rmp5s Quote Link to comment
cherrybullet Posted October 9, 2020 Share Posted October 9, 2020 how could I install this on the host server? as in not in a docker container, but on the machine running unraid? if I have to turn off docker, or take the array offline, this zerotier docker will be turned off and I won't be able to access the server remotely. Quote Link to comment
mgutt Posted October 9, 2020 Share Posted October 9, 2020 @Dmitry Spikhalskiy Do you know why /mnt/user/appdata/zerotier/zerotier-one/networks.d/*.conf is updated every minute? This totally hinders disk spindown / sleep states. I compared the recent file version with one that is 3 minutes old and the content is different. But what is so important that it needs to be updated every minute? Or this is an issue which I should post at ZeroTier's GitHub Page? Quote Link to comment
tapodufeu Posted November 15, 2020 Share Posted November 15, 2020 I am trying to setup a lan to lan access. But it constantly fails and I am running out of solution. I have 2 unraid servers with docker zerotier installed. Zerotier is working correctly. All peers can connect to other peers. In this network, I have 3 peers, 2 servers and my laptop with zerotier installed. Then I have dozen of computers, routers, NAS and printers on each LAN. Each server is in a private LAN. 10.10.20.x and 10.10.10.x 10.10.20.10 is the server running docker in the LAN 10.10.20.x 10.10.10.10 is the server running docker in the LAN 10.10.10.x My laptop is also in 10.10.10.x (the weekend) or 10.10.20.x (during the week). And sometimes during the week connected on external network (cell phone or private wifi). My problem is that I can only connect to servers, and not to peers in LAN. On both servers I have enable ip forwarding and update iptables as following: PHY_IFACE=eth0; ZT_IFACE=ztmjfbsomh iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -j ACCEPT iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT the ZT_IFACE is the name of my net adaptator. and it is the same name on the 2 servers. for example, when I try to ping my WAN router of the LAN 10.10.20.1 : failed from 10.10.10.10 failed from 10.10.10.160 works from 10.10.20.10 (of course, in the same LAN, no zerotier) when I ping the zeroteir server of the LAN 10.10.20.1: works from 10.10.10.10 works from 10.10.10.160 so both servers are inter connected succesfully on zerotier network. And from my laptop I can access succesfully unraid http interfaces. only LAN access is not working. ZeroTier works well to interconnect peers having zeortier running on. What do I miss ? Zerotier dockers are running on host network. please help. Quote Link to comment
Ford Prefect Posted November 15, 2020 Share Posted November 15, 2020 Not sure why you enabled NAT on eth0 of your server, when there is already an WAN Gateway (that should do that). ...for site-2-site routing, you need to add corresponding routes to either side, not just enabling/unblocking the firewall between interface. For all LAN-clients to do use this, this setup configuration should be done on the main gateway of each LAN, aka the WAN router. Each client will use their default gateway to address traffic outside their own network, which is the WAN router (or whatever is configured via DHCP anyway). So, like you did in zerotier-central configuration, add a corresponding route on each side. You'll need two routes. enable the route to your network in zerotier central (192.168.191.0/24 with gw 10.10.10.10 (and 10.10.20.10 on the other LAN) enable the route from 10.10.20.0/24 to 10.10.10.0/24: add route to 10.10.10.0/24 with gw 192.168.192.x where x is the IP of your zt interface on 10.10.20.10)...do likewise on the other side/server. ...and allowing to pass traffic for "inside-LANs" though the WAN-routers Firewall (no nat), like you did on the unraid servers (there, you do not need/want this ). But since you enabled NAT on eth0 of your servers, maybe they are the WAN interfaces in your network? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.