March 12, 20206 yr Hi I just want a nice dual authentication for the webui(something like aws has) as like a plugin or docker. I can't find anything from what I know(limited vocabulary on server management so might not know what to look for). If this isn't possible, is there a way to have like a vpn on a raspberry pi that has it so I just make a connected session then tunnel through the pi to the server resources? Main reason I am asking is I host minecraft servers from home, and want to be able to log into my unraid when I am away(not with ssh because command line sucks).
March 12, 20206 yr If you are after having an additional user on top of root to login to the webgui then it's not possible. There's only 1 user to login the GUI. If you are after ways to access your server remotely then VPN is the solution to go. There's Wireguard integrated in Unraid or you can install OpenVPN plugin. You should not expose your server directly to the Internet. Unraid is not hardened for that.
March 13, 20206 yr Author Yeah that is what I have been reading. Which luckily OpenVPN has google authentication built into it(which is what I use on aws). Though now I need to figure out how to have unraid be undiscoverable by other computers on the same network, as so a local pc has to use the vpn encase it gets hacked. Edit: Yeah looks like I will be going with a managed switch to make vlans, which UniFi Dream Machine seems to also have security built in so looking into that. Edited March 13, 20206 yr by Xan_Nava
March 24, 20206 yr Wireguard works well for me as well, just installed on my IOS/Android devices and access locally. However, I've also temporarily setup external access another way with dual authentication using the NGINX proxy manager docker.. Quite setup guide (and please tell me if I'm being stupid about security) Just to expose unRAID - Port fordwarded Ext 80 -> Server IP - Port 180 on the router - Same for Ext 443 -> Server IP - Port 1443 - NGinx proxy manager docker set with ports 180/1443 for HTTP/HTTPS - I am using a subdomain (1and1 will register a cheap domain and give you 1 free wildcard SSL! which si perfect) - I've installed the 1and1 cert in NGinx Proxy Manager - Setup a user list in the proxy manager - Set a proxy host in the Proxy Manager with the subdomain.mydomain.com pointing to serverIP:443 and selected the user list for authentication, and SSL Cert. - Configured unRAID for SSL and put my domain wildcard cert in the Flash:\\config\SSL folder as instructed When I then try the subdomain.domain.com address externally I am greeted with a basic authentication dialog from NGINX, once past that, I'm at the unRAID UI via SSL and have to login to that.. I find this more convenient in work where I don't want to install a VPN Client just to check my server for 30 seconds.. I originally did this for Krusader as that was http only, so this way it's SSL with basic authentication provided by NGINX..
Archived
This topic is now archived and is closed to further replies.