Jump to content

[Support] IBRACORP - All images and files


Recommended Posts

Posted

Hello.

 

I have an issue with Cachet and Cachet url monitor in regards to metrics. 

I've created a metric that should display the latency of a website and the configuration of the monitor looks like this: 

 

  - name: test
    url: https://example.net
    method: GET
    timeout: 120 # seconds
    expectation:
      - type: HTTP_STATUS
        status_range: 200-205
        incident: MAJOR
      - type: LATENCY
        threshold: 1
        incident: PERFORMANCE
    allowed_fails: 0
    component_id: 16
    metric_id: 2
    action:
      - UPDATE_STATUS
      - CREATE_INCIDENT
      - PUSH_METRICS
    public_incidents: true
    latency_unit: ms
    frequency: 60

 

The metric is connected to the monitor and I can see the data is being pushed into it, however there's a weird behavior in the graph on the status page where if I set my timezone to my local time (Bucharest) or enable the automatic localization to the visitor's timezone, it seems that the data in the graph is being updated at a wrong hour (see screenshot1 which was made at ~16 o'clock).

As a workaround for the 12 hour graph I can switch to a different timezone so that the current data would show on the far right side of the graph but if I switch to the past hour, the graph will only show me the default latency value which is set to 1 currently.

 

Any idea of what is wrong/what am i doing wrong? Your help is greatly appreciated.

 

Please let me know if you need any further information from my side.

Thanks!

 

 

screenshot1.png

Posted (edited)

If you are like me annoyed by "Remember me" not working properly and don’t want to authenticate every day on every device,

just add a path mapping in redis container like this and it should be fixed

Container Path: /bitnami/

Host Path: /mnt/user/appdata/redis/bitnami

 

edit: this path mapping is for bitnami/redis only, other redis container could be different

Edited by KomaCL
  • Like 2
Posted (edited)
8 hours ago, KomaCL said:

If you are annoyed by "Remember me" not working properly like me and have to authenticate every day on every device,

just add a path mapping in redis container like this and it should be fixed

Container Path: /bitnami/

Host Path: /mnt/user/appdata/redis/bitnami

Awesome thanks for the suggestion!

Have updated our docs with this in the FAQ. Thank you.

Edited by Sycotix
  • 2 weeks later...
Posted (edited)

Ok - I have spent the latter part of 2 days trying to implement one single change that seems to make sense....

 

docker create network insertnamehere

then edit a docker to put on that network......

 

Sounds simple right?  nope....... for some reason I get "docker: Error response from daemon: network insertnamehere not found."

 

ummmm... ok.... maybe I missed something:

 

root@GSA:~# docker network create insertnamehere
a414f1fd4REDACTED415e8d330
root@GSA:~# docker network ls
NETWORK ID     NAME              DRIVER    SCOPE
ecREDACTED48   name1redacted     bridge    local
a4REDACTED54   insertnamehere    bridge    local
2eREDACTEDcb   br0               macvlan   local
04REDACTEDb0   bridge            bridge    local
ffREDACTEDa6   host              host      local
7eREDACTED08   none              null      local

 

Nope... doesn't seem like I did.... why wont it work?  Host access is disabled and preserve networks is no

Edited by fmp4m
Posted (edited)

@Sycotix Thanks for great video

Cloudflare CDN: How to Setup + Purchase Domain + NGINX Proxy Manager on Unraid (2021)

i buyed for first time domain but in goddady becose google not avalible in our country

maybe you can explain how to :

A record (mydomain.com) how to point it to dynamic ip adrress ? and unpark from goddady ? 

 

Fixed by clouflare Cname flattering

Edited by Masterwishx
  • 2 weeks later...
Posted (edited)

Cachet url monitor docker is using UCT rather than sticking to the systems (host) timezone so metric are out by X hours.

Anyone know a fix or can the docker be updated?

 

Edit: looks like tzdata isn't in this container, apk update, apk add tzdata, but the code is still adding the timestamp of UTC rather than using the current time (Log however is now logging in the correct time)

even with these changes still couldn't fix it, also tried adding /etc/localtime and timezone, none helped just changed my time to UTC in LOCALIZATION, only way to make the graphs looks right :( (time on the graph is still wrong)

Edited by alboon
Posted
On 8/10/2021 at 10:45 PM, KomaCL said:

If you are like me annoyed by "Remember me" not working properly and don’t want to authenticate every day on every device,

just add a path mapping in redis container like this and it should be fixed

Container Path: /bitnami/

Host Path: /mnt/user/appdata/redis/bitnami

 

edit: this path mapping is for bitnami/redis only, other redis container could be different

I noticed that I if I used the "redis" hostname in my Authelia config things break as well. I do wonder if it's just something with this docker. Thanks for the fix, I was starting to think I was going crazy.

Posted
On 9/17/2021 at 12:49 AM, MrxFantatsicx said:

Downloaded several times and deleted template used app cleaner but every time I redownload i can t open the config yml. Please help!

616039499_2021-09-16(3).thumb.png.16232a832da0086b551676703dfef840.png

 

Don't use notepad++ as sycotix did in his video guide, use the unraid webterminal, won't error out.

/mnt/cache/appdata/Authelia# nano configuration.yml 

  • 2 months later...
Posted

Hi there !

 

First I want to thank  @Sycotix for your great advanced-yet-simple tutorials ! I've been learning so much !

 

I am currently having trouble with the FreeIPA VM tutorial

 

Everything goes well until the IPA server configuration. I can't get my server to authenticate the certificate....

Here's what I get :

# [root@ipa ~]# ipa-server-install --mkhomedir
[...]
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
  [1/29]: configuring certificate server instance
Failed to configure CA instance
See the installation logs and the following files/directories for more information:
  /var/log/pki/pki-tomcat
  [error] RuntimeError: CA configuration failed.
CA configuration failed.
The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

 

Attached is an extract of /var/log/ipaserver-install.log where I can read the following error :

Exception: PKI subsystem 'CA' for instance 'pki-tomcat' already exists!

 

It might come from previous attempts to install IPA server, but maybe that was the cause of the first failure too ?

I've tried to run "ipa-server-install --uninstall" serveral times and "pkidestroy -s CA -i pki-tomcat" but I still get the same error...

 

I thought it could be due to cloudflare argo tunnel.... but even if I switch to an A type DNS with my IP and DMZ to the freeIPA server on my router, it's still the same O_O

 

Btw, Fedora Cockpit works well through a subdomain and argotunnel + swag.

But it shows me 1 service cannot start : Machine Check Exception Logging Daemon. I doubt it is related but just in case, this is the error logs :

mcelog.service: Failed with result 'exit-code'	[systemd]
mcelog.service: Main process exited, code=exited, status=1/FAILURE	[systemd]
CPU is unsupported	[mcelog]
mcelog: ERROR: AMD Processor family 23: mcelog does not support this processor. Please use the edac_mce_amd module instead.	[mcelog]
Started Machine Check Exception Logging Daemon	[systemd]

 

 

Does anyone have an idea where the issue comes from / where should I dig in ? or what should I do ?

Thanks a lot for your advices/thoughts !

 

 

ipa-install.log

Posted

I've been following the videos to set up Nginx Proxy Manager and Authelia.  I can access Overseerr through my subdomain without Authelia.  I can access the Auth portal through my subdomain.  Once I set the config for the Authelia Portal and Overseer I can access the auth portal through the overseerr domain, but as soon as I log in it gets stuck in a loop returning the following error.

 

 

Scheme of target URL http://overseerr.MYDOMAIN.com/ must be secure since cookies are only transported over a secure connection for security reasons

 

I have checked the configs multiple times, and pulled fresh copies from both the Ibracorp site and Github but I continue to see the same error.  Any idea what could cause this, or where to look to begin debugging it?

Posted
8 hours ago, faulty_lamp said:
Scheme of target URL http://overseerr.MYDOMAIN.com/ must be secure since cookies are only transported over a secure connection for security reasons

 

 

I'haven't done it yet so I'm not sure of what I'm saying, but shoudn't it be https ?

 

The doc says (https://ibracorp.io/lets-install-authelia-in-depth-authorization-and-authentication-server/#nginxproxymanagernpm)

NB: For some reason in the current version of NPM as of writing this (v2.2.4) the SSL settings turn off after initial creation. Go back into the SSL
settings of 'auth.example.com' and turn them back on then save again.

 

Have you tried this ?

  • 3 weeks later...
Posted
On 12/8/2021 at 10:14 AM, Kam said:

Hi there !

 

First I want to thank  @Sycotix for your great advanced-yet-simple tutorials ! I've been learning so much !

 

I am currently having trouble with the FreeIPA VM tutorial

 

Everything goes well until the IPA server configuration. I can't get my server to authenticate the certificate....

Here's what I get :

# [root@ipa ~]# ipa-server-install --mkhomedir
[...]
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
  [1/29]: configuring certificate server instance
Failed to configure CA instance
See the installation logs and the following files/directories for more information:
  /var/log/pki/pki-tomcat
  [error] RuntimeError: CA configuration failed.
CA configuration failed.
The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

 

Attached is an extract of /var/log/ipaserver-install.log where I can read the following error :

Exception: PKI subsystem 'CA' for instance 'pki-tomcat' already exists!

 

It might come from previous attempts to install IPA server, but maybe that was the cause of the first failure too ?

I've tried to run "ipa-server-install --uninstall" serveral times and "pkidestroy -s CA -i pki-tomcat" but I still get the same error...

 

I thought it could be due to cloudflare argo tunnel.... but even if I switch to an A type DNS with my IP and DMZ to the freeIPA server on my router, it's still the same O_O

 

Btw, Fedora Cockpit works well through a subdomain and argotunnel + swag.

But it shows me 1 service cannot start : Machine Check Exception Logging Daemon. I doubt it is related but just in case, this is the error logs :

mcelog.service: Failed with result 'exit-code'	[systemd]
mcelog.service: Main process exited, code=exited, status=1/FAILURE	[systemd]
CPU is unsupported	[mcelog]
mcelog: ERROR: AMD Processor family 23: mcelog does not support this processor. Please use the edac_mce_amd module instead.	[mcelog]
Started Machine Check Exception Logging Daemon	[systemd]

 

 

Does anyone have an idea where the issue comes from / where should I dig in ? or what should I do ?

Thanks a lot for your advices/thoughts !

 

 

ipa-install.log 2.27 kB · 0 downloads

Before running the install command, be sure to log into the program and update it.  I had over 200 updates on my new install.  After that, I ran the install with no problems.

Posted
20 hours ago, JoshuaAJones said:

Before running the install command, be sure to log into the program and update it.  I had over 200 updates on my new install.  After that, I ran the install with no problems.

Thanks for the answer.

I'm not at home right now so I'll try later and let you know how it worked.

 

Just to be sure, are you suggesting that I run a ipa-server-update command before I run the ipa-server-install one?

Posted
58 minutes ago, zerolim1t said:

Would you be able to setup a SWAG video and content. Would be great to set it up thank you

We already made the first one on SWAG if you haven't already checked it out. 

 

We'll be making more in future too 🙂

  • 4 weeks later...
Posted

Have been trying to get Authelia setup but encountered this in my logs when trying to start, went back through my config a few times over but cant seem to find where I went wrong, any thoughts?

 

 

Quote

time="2022-01-24T02:19:40-06:00" level=info msg="Authelia v4.33.2 is starting"
time="2022-01-24T02:19:40-06:00" level=info msg="Log severity set to debug"
time="2022-01-24T02:19:40-06:00" level=info msg="Storage schema is being checked for updates"
time="2022-01-24T02:19:40-06:00" level=info msg="Storage schema is already up to date"
time="2022-01-24T02:19:40-06:00" level=debug msg="Notifier SMTP client attempting connection to smtp.gmail.com:587"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP client connected successfully"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP server supports STARTTLS (disableVerifyCert: false, ServerName: smtp.gmail.com), attempting"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP STARTTLS completed without error"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP server supports authentication with the following mechanisms: LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP client attempting AUTH PLAIN with server"
time="2022-01-24T02:19:41-06:00" level=debug msg="Notifier SMTP client authenticated successfully with the server"
time="2022-01-24T02:19:41-06:00" level=fatal msg="Error initializing listener: listen tcp 192.168.1.12:9091: bind: cannot assign requested address" stack="github.com/authelia/authelia/v4/internal/server/server.go:183 Start\ngithub.com/authelia/authelia/v4/internal/commands/root.go:79 cmdRootRun\ngithub.com/spf13/[email protected]/command.go:860 (*Command).execute\ngithub.com/spf13/[email protected]/command.go:974 (*Command).ExecuteC\ngithub.com/spf13/[email protected]/command.go:902 (*Command).Execute\ngithub.com/authelia/authelia/v4/cmd/authelia/main.go:10 main\nruntime/proc.go:255 main\nruntime/asm_amd64.s:1581 goexit"

 

  • 2 weeks later...
Posted
12 hours ago, Bruceflix said:

Mine works.  Using qbitorrent 4.4.0.  After I log in through authelia i get an unauthorized error but on refresh it goes to qbitorrent login.

I also get "Unauthorized" but refreshing doesn't help. Accessing qbittorrent through the Unraid webui (i.e. through 192.168.x.x) works.

Posted (edited)

Hey, I've got Autheia up and running with a bit of swearing over the config file, but I got there in the end.

I have an access control list set up so internal network connections do not need to authenticate, and external do, it all works beautifully!

Until I try to switch from one_factor to two _factor

When I log in and authenticate I am presented with the the one time password splash screen and am invited to register my first device, but I can't do so as when I click on the link I get a 

Quote

there was a problem initiating the registration process

 

Checking the logs its trying to connect to 

 

/api/secondfactor/totp/identity/start

 

Is there something I have forgotten to install?

Edited by Camnomis
Posted

Secondly

 

What would I do for these entries in the Endpoint Config for a service I am using which is not containerised?

 

set $upstream_CONTAINERNAME $forward_scheme://$server:$port;
proxy_pass $upstream_CONTAINERNAME;

 

Posted
15 minutes ago, Camnomis said:

Secondly

 

What would I do for these entries in the Endpoint Config for a service I am using which is not containerised?

 

set $upstream_CONTAINERNAME $forward_scheme://$server:$port;
proxy_pass $upstream_CONTAINERNAME;

 

$upstream_CONTAINERNAME is just an arbitrary name here: you could call it $upstream_whatever. It's just set to the IP and port from the NPM config you filled in for this proxy host.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...