Beiträge von luxflow

1. should enable both docker and docker-test repo

2. do not change docker base currently
there is bug (omv3 only)

Zitat von ryecoaaron

Why not put it in the zfs testing repo?

unfortunately small patch is needed for omv core to work properly zfs plugin
I made PR for omv core but I'm not sure it will be accepted

I ported omv-zfs to OMV 3.0.26
it is tough than I think

it is not released in omv-extras, it is in beta stage
I need your help for testing

https://github.com/OpenMediaVa…leases/tag/PRERELEASE-RC2

Special Thanks
@nicjo814 helped testing and developing !

I found what's wrong
just
apt-get install omvextras-common

Zitat von razorslinky

omv ~ # dpkg -l | grep omvextrasii openmediavault-omvextrasorg 3.3.8 all OMV-Extras.org Package Repositories for OpenMediaVault

I also upgraded from 3.0.13 to 3.0.26 so I'm not sure if something got messed up during the upgrade.

If I uninstall the Docker plugin I can login just fine.

can you post what plugins you uses using `dpkg -l | grep openm` so I can reproduce issue ?

I Ported Docker GUI to OMV 3.0.26 (I'm not original author of plugin)
I tested but didn't test very much
So there is chance bugs exists

install openmediavault-docker-gui(3.1.0) in docker-testing repo (enable docker repo also)

Special Thanks
@subzero79 help testing and fixing some bugs (version info, folder browser)

Zitat von tinh_x7

I'm trying to renew my cert a little earlier before the expiration date, but I encountered the "The Configuration object is in use."
Is there a work around for this?

it seems it is desired behavior rather than bug
to renew domain, add additional subdomain,
just press `run` `omv-letsencrypt` in Schedule jobs tab

30 days before expire I think

it is obvious bug
will be fixed when I have free time or other dev

====
it is not bug
see below

Zitat von Bambuleee

I want to use the cert for web ui and emby.
OMV webui is working fine, but how can I use it fpr the emby webui?
Can I choose the same cert-file like omv is using? (because of the renewal, I want to use the same one)
If I can do it this way, where is it located in the filesystem?

you can't automatically because omv-emby doesn't support it (I'm not sure omv-emby plugins will support it)
but you can manually apply ssl

you have two options for emby (other plugins is also simmilar)

1. use app specific ssl option
emby/manage server/advanced/custom cerficates path
in case emby, emby uses pfx format, but letsencrypt provide pem
you need to convert it from pem to pfx and change permission so user emby can read

your cert is located in /etc/letsencrypt/live which is renewed automatically

(maybe using cron?)

2. setup reverse proxy for emby (recommend)
put it /etc/nginx/sites-enabled/emby
change text inside `<>` accoring to your environment

add this line to /etc/default/openmediavault
OMV_NGINX_SITE_WEBGUI_SERVERNAME="<your domain for omv webui like webui.example.org>"

server {
        server_name <domain.example.org>;
        listen 80;


        rewrite ^ https://<domain.example.org>$request_uri? permanent;
}


server {
        server_name <domain.example.org>;
        listen 443 ssl spdy;


        ssl_certificate                 /etc/letsencrypt/live/<your domain>/fullchain.pem;
        ssl_certificate_key             /etc/letsencrypt/live/<your domain>/privkey.pem;
        ssl_prefer_server_ciphers       On;
        ssl_protocols                   TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers                     'AES256+EECDH:AES256+EDH:!aNULL';
        resolver                        8.8.8.8 8.8.4.4 valid=300s;
        resolver_timeout                5s;
        keepalive_timeout               180;


        # This is for strict transport security HSTS
        # add_header                    Strict-Transport-Security max-age=31536000;


        client_max_body_size 1024M;


        location / {
                # Send traffic to the backend
                proxy_pass http://127.0.0.1:8096;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-Proto $remote_addr;
                proxy_set_header X-Forwarded-Protocol $scheme;
                proxy_redirect off;


                # Send websocket data to the backend aswell
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }
}

sorry for late answer,
subzero79 explains well thanks.
and thanks for mnui for letting me know options `defaults,allow_other` missing
I should have to submit patch for that problem

back to the problem
did you check your permission, mnui?
check thread subzero79 wrote
since mergerfs is not raid you don't need to empty before merging

I tested, I can see my shares in samba (OMV 3.0.31, omv-ufs 3.1.4)

IMHO, most of usb is not good at lifetime as SSD
but these day, pro class USBs seem same as SSD
(for example sandisk extreme, Mushikin Ventura, Corsair Flash Voyager GTX)
actually they use same nand and controller which SSD use
they are also recognized as local disk not removable disk (also support S.M.A.R.T,
but unfortunately TRIM support is not)
costs is same as SSD

I'm currently on SSD 32GB for OMV OS
but I would prefer USB install since it saves one sata and space

so, it would be perfectly fine installing OMV here without modification

currently, it is not working on OMV > 3.013
workaround for this is

cat <<'EOF' > /var/www/webdav/app/WebDAV/Auth/Openmediavault.php
<?php


/**
 * Copyright (C) 2015 OpenMediaVault Plugin Developers.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */


namespace OmvExtras\WebDAV\Auth;


use OMV\Rpc\Rpc;
use Sabre\DAV\Auth\Backend\AbstractBasic;


/**
 * HTTP Basic authentication backend that integrates with OpenMediaVault.
 */
class Openmediavault extends AbstractBasic
{
    /**
     * Validates a username and password.
     *
     * @param string $username
     * @param string $password
     *
     * @return bool
     */
    public function validateUserPass($username, $password)
    {
        $omvRpcContext = [
            'username' => 'admin',
            'role' => OMV_ROLE_ADMINISTRATOR,
        ];


        $result = Rpc::call('UserMgmt', 'authUser', [
            'username' => $username,
            'password' => $password,
        ], $omvRpcContext, Rpc::MODE_REMOTE);


        if (!$result['authenticated']) {
            return false;
        }


        $user = Rpc::call('UserMgmt', 'getUser', [
            'name' => $username,
        ], $omvRpcContext, Rpc::MODE_REMOTE);


        // Only allow admin or users in the webdav-users group.
        if ($username === 'admin' || in_array('webdav-users', $user['groups'])) {
            return true;
        }


        return false;
    }
}
EOF

I will submit this patch soon

Although I didn't test it
I'm sure it will work for now because dependencies for deluged and deulge-web are all equal now
but I don't think it is good practice installing deb directly since it is not upgradable and you manually check and manage before install it
so consider installing from ubuntu ppa which is corresponding to debian jessie

I'm using deluge in OMV 3.x and it works well
what do you think it should updated?

Zitat von tinh_x7

@luxflow,

From what I read, your method is also working on OMV2.
My OMV-testing repo is enabled, but I don't see your plug-in.
I'm only seeing this package: OpenMediaVault-letsencrypt 2.4

I just update original plugin to adapt to OMV 3.x, I didn't add any function at all
and add another method to setup virtualhost for letsencrypt
In OMV 2.x, I just patch small bug that's all

omv-letsencrpyt is not owned by me
so If you want to change, then you can change it by yourself
since I didn't use acmetool before and you know the both certbot and acmetool command, I think you are right person for this job

here are list of file to be modified I think

this is for OMV 3.x
changing command to adapt to acmetool
https://github.com/OpenMediaVa…/rpc/letsencrypt.inc#L259

removing certbot dependency
https://github.com/OpenMediaVa…f58749/debian/control#L12

installing and uninstall acmetool for debian OMV in postinst & postrm
(https://github.com/hlandau/acme#getting-started)
https://github.com/OpenMediaVa…678f58749/debian/postinst
https://github.com/OpenMediaVa…13678f58749/debian/postrm

for OMV 2.x, it just same file in same path

Zitat von OhMyVirtual

So you are still decided on using certbot for letsencrypt on OVM ? It invokes dependency hell on many systems, not to mention the huge storage footprint. Why not use acmetool instead? It's

yes omv-letsencrypt is still using certbot
I agree with you that it has somewhat heavy dependency
but Impact is neglectable

I have three reasons not to use acmetool in OMV 3.x
first
because original author of this plugin used it, and since acmetool is not drop-in-replace in command
rather than modify that, I prefer to stay same
second
it is not official client, yeah I know it is popular, it will works well but it is not same meaning of official
it seems users in letsecrypt forum use more certbot than acmetool
since certbot is offitial, life time of certbot go along with letsencrypt
third
benefit from changing is minimal I think in omv
becuase omv do jobs for you
Fast setup, Zero downtime and autorenwal? omv-letsencrypt already do for you
Supports any webserver? omv uses only nginx so should we support any webserver? I doubt

Zitat von MattA

I don't need to run/do anything after editing that file, do I?

I forgot to mention

. /usr/share/openmediavault/scripts/helper-functions
omv_purge_internal_cache

since I was in debug mode, I didn't notice it

Zitat von Sc0rp

Seems not to be the "reverse proxy" function, but "virtual hosting" - don't mix that up.

I'm saying it with nginx context.
IMHO, Virtualhost is server block in nginx
and configuration files in `/etc/nginx/openmediavault-webgui.d` are included by `/etc/nginx/sites-available/openmediavault-webgui` which is one single virtualhost
so I call them using reverse proxy function (actually calling it reverse proxy function is somewhat awkward but I cannot find approriate term for this)
(reference are here and here)

anyway,
what I want to is, since many omv plugins use different approach, and they are not unified,
changing them all to use reverse proxy
or
making a guideline when to use reverse proxy, when to use application own webserver
but I'm not unsure how others developer think about it

but it seems

Zitat von tekkb

It is hard to develop plugins that please everyone's preferences.

as tekkb said