bcjenkins

Members
  • Content count

    20
  • Joined

  • Last visited

Community Reputation

2 Neutral

About bcjenkins

  • Rank
    Member
  1. cant change http port of unraid

    Did you try changing it in the web interface? It's in settings -> identification
  2. I am not sure if this has worked prior, but my javascript console is littered with I am accessing the server via IPv6 and using a custom SSL cert as described in There are no such errors in Firefox.
  3. Script to restart docker service

    /etc/rc.d/rc.docker ? usage /etc/rc.d/rc.docker start|stop|restart|status
  4. The following are ramblings of my journey to get a custom SSL cert for any number of hosts which I run in Docker containers or unRAID itself. This was done in unRAID 6.4 which is required due to features provided in unRAID. In my environment, I am leveraging IPv6 addresses for unRAID and Docker containers to provide a publicly routable address for all instances allowing for direct communication from clients without a need for proxying or NATing. To generate the SSL certs, I am using the acme.sh script which runs on unRAID without issue, and I am leveraging the LetsEncrypt DNS api to provide a cert so that communication with the server from LetsEncrypt is not needed. I created a share specifically for certs, and restricted it to local access only. In my use, I am hosting my DNS at Cloudflare and leveraging their API to create the necessary challenge records; all of which is built in to the acme.sh project. There are many DNS providers which are supported, and you can also use direct access as needed. So far, I have created a custom cert for unRAID and for Plex. The acme.sh script will create an individual cert directory for each cert. This allows you to restrict the container access to the cert which is applicable. I will be working on a script specific to LetsEncrypt and Cloudflare which will monitor IP address changes for hosts, and perform cert issuance and renewals. The following is the gist of what I used to get things running manually. It is performed from the cli of the unRAID server. You will need to replace ${variables} with the actual names or export them before running the command. # Show the IPv6 address of the unRAID server ifconfig # Show the IPv6 address of the Docker container docker inspect --format='{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' ${dockaerContainerName} # Create the share in the unRAID panel # Create the directory structure for the acme.sh mkdir -p /mnt/user/${shareName}/acme/dnsapi # Obtain the acme.sh script and perform the install curl -s https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh > /mnt/user/${shareName}/acme.sh chmod +x /mnt/user/${shareName}/acme.sh /mnt/user/${shareName}/acme.sh --install --accountemail "${LetsEncryptEmail}" --home /mnt/user/${shareName}/acme # Download the Cloudflare DNS api script and make executable curl -s https://raw.githubusercontent.com/Neilpang/acme.sh/master/dnsapi/dns_cf.sh > /mnt/user/${shareName}/acme/dnsapi/dns_cf.sh chmod +x /mnt/user/${shareName}/acme/dnsapi/dns_cf.sh # Per usage instruction for Cloudflare api in the acme.sh: set the CF API key and email variables export CF_Key="${yourKey}" export CF_Email="${CloudflareEmail}" At this point you're ready to begin issuing certs. I'll provide an example for the unRAID server and Plex container. Prior to this, you will want to create AAAA records in the Cloudflare DNS panel. # Issue a cert for unRAID /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --issue --dns dns_cf --ecc -d ${yourFQDN} --keylength ec-256 # Backup existing cert mv /boot/config/ssl/certs/${certName}.pem /boot/config/ssl/certs/${certName}.bak # Create new cert using same name cat /mnt/user/${shareName}/acme/${yourFQDN}_ecc/fullchain.cer /mnt/user/${shareName}/acme/${yourFQDN}_ecc/${yourFQDN}.key > /boot/config/ssl/certs/${certName}.pem # Reload nginx /etc/rc.d/rc.nginx reload # Issue a cert for Plex - Plex didn't seem to support ecc certs in my testing. /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --issue --dns dns_cf -d ${yourFQDN} --keylength 2048 # Convert the cert to PKCS /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --toPkcs -d ${yourFQDN} --password ${certEncPass} # Configure your Docker container to add a path for the certs. # Configure the SSL cert settings in the Plex Netowrk Settings # Restart the container docker restart ${dockaerContainerName}
  5. Script to restart docker service

    It's pretty easy - docker restart ${dockerName}
  6. How to Enable IPv6 in Dockers [Solved]

    I am an idiot. Ping is not available in the container, and I didn't see the IPv6 in the /etc/hosts file. I could not ping the IPv6 from the unRAID, but just discovered I could from my Mac and can also hit the webpage for the container on my Mac using the IPv6 address. I don't know why the unRAID server can't communicate, but I don't care. I won't be interacting with this container from the server. Thanks for the replies. I should also add that the changes in Docker in 6.4.0-rc14 seemed to have resolved my lockups with containers and using br0. I haven't had a crash in over a week with them reenabled.
  7. How to Enable IPv6 in Dockers [Solved]

    I changed them in the post because they are publicly routable and I wished to obfuscate them. They are valid in the output.
  8. How to Enable IPv6 in Dockers [Solved]

    It does - IPv6 changed on purpose.
  9. Hi all, I am using 6.4.0-rc14. I am hoping someone can share how to enable IPv6 in a Docker using the br0 interface. I have a few dockers running and none of them seem to have IPv6 addresses or support DHCPv6. I wasn't able to find this information in my searches. Additional info - docker network inspect br0 shows an IPv6 address assigned to the container. If I exec into the Docker images, I do not see the IPv6 info in /etc/hosts.
  10. unRAID OS version 6.4.0-rc13 available

    I remade the drive in the utility and all is well.
  11. unRAID OS version 6.4.0-rc13 available

    Anyone else using EFI having an issue with this update? The flash drive went unrecognizable in the system. I can read it on my computer.
  12. unRAID OS version 6.4.0-rc11i available

    I am using the EFI boot and when applying this update the EFI files did not get updated ls -l /boot/EFI/boot total 656 -rwxrwxrwx 1 root root 199952 Oct 27 09:26 bootx64.efi* -rwxrwxrwx 1 root root 139968 Oct 27 09:26 ldlinux.e64* -rwxrwxrwx 1 root root 201680 Oct 27 09:26 libcom32.c32* -rwxrwxrwx 1 root root 24480 Oct 27 09:26 libutil.c32* -rwxrwxrwx 1 root root 12752 Oct 27 09:26 mboot.c32* -rwxrwxrwx 1 root root 31760 Oct 27 09:26 menu.c32* -rwxrwxrwx 1 root root 32 Oct 27 09:26 syslinux.cfg* The files from the update all have a Nov 14 date on them.
  13. You should log in and tail the syslog as per the instructions in the first post of this thread. In my case, I was locking up with bridge mode enabled for a docker. I have disabled it and haven't crashed since.
  14. I don’t use Ryzen. This is an Intel i7
  15. I went 30 days without a crash running on RC9, updated to 10, waited a few days and then turned on bridging for one of my dockers (plex) instead of host mode. It ran for about a day, then crashed shortly after applying an update to the docker this morning. Earlier in the beta I had been running bridge mode on all of Dockers and would crash constantly. I have disabled this mode again and will advise if another crash occurs. I hope this helps.

Copyright © 2005-2017 Lime Technology, Inc. unRAID® is a registered trademark of Lime Technology, Inc.