Xan_Nava Posted March 12, 2020 Share Posted March 12, 2020 Hi I just want a nice dual authentication for the webui(something like aws has) as like a plugin or docker. I can't find anything from what I know(limited vocabulary on server management so might not know what to look for). If this isn't possible, is there a way to have like a vpn on a raspberry pi that has it so I just make a connected session then tunnel through the pi to the server resources? Main reason I am asking is I host minecraft servers from home, and want to be able to log into my unraid when I am away(not with ssh because command line sucks). Quote Link to comment
testdasi Posted March 12, 2020 Share Posted March 12, 2020 If you are after having an additional user on top of root to login to the webgui then it's not possible. There's only 1 user to login the GUI. If you are after ways to access your server remotely then VPN is the solution to go. There's Wireguard integrated in Unraid or you can install OpenVPN plugin. You should not expose your server directly to the Internet. Unraid is not hardened for that. Quote Link to comment
Xan_Nava Posted March 13, 2020 Author Share Posted March 13, 2020 (edited) Yeah that is what I have been reading. Which luckily OpenVPN has google authentication built into it(which is what I use on aws). Though now I need to figure out how to have unraid be undiscoverable by other computers on the same network, as so a local pc has to use the vpn encase it gets hacked. Edit: Yeah looks like I will be going with a managed switch to make vlans, which UniFi Dream Machine seems to also have security built in so looking into that. Edited March 13, 2020 by Xan_Nava Quote Link to comment
Snubbers Posted March 24, 2020 Share Posted March 24, 2020 Wireguard works well for me as well, just installed on my IOS/Android devices and access locally. However, I've also temporarily setup external access another way with dual authentication using the NGINX proxy manager docker.. Quite setup guide (and please tell me if I'm being stupid about security) Just to expose unRAID - Port fordwarded Ext 80 -> Server IP - Port 180 on the router - Same for Ext 443 -> Server IP - Port 1443 - NGinx proxy manager docker set with ports 180/1443 for HTTP/HTTPS - I am using a subdomain (1and1 will register a cheap domain and give you 1 free wildcard SSL! which si perfect) - I've installed the 1and1 cert in NGinx Proxy Manager - Setup a user list in the proxy manager - Set a proxy host in the Proxy Manager with the subdomain.mydomain.com pointing to serverIP:443 and selected the user list for authentication, and SSL Cert. - Configured unRAID for SSL and put my domain wildcard cert in the Flash:\\config\SSL folder as instructed When I then try the subdomain.domain.com address externally I am greeted with a basic authentication dialog from NGINX, once past that, I'm at the unRAID UI via SSL and have to login to that.. I find this more convenient in work where I don't want to install a VPN Client just to check my server for 30 seconds.. I originally did this for Krusader as that was http only, so this way it's SSL with basic authentication provided by NGINX.. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.