Posts by Wek

    Even though I was successful using this script in the past, I just wanted to put it out there that the guys at linuxserver released a docker container for wireguard that I helped verify works for omv 4 and 5 with normal and backport kernels. It has some nifty features like easily adding users and re-displaying QR codes if needed.

    yep I used the docker at first, but I'm having this weird issue with not being able to connect to internet with it but I can connect to my lan, same with the script, I was just playing around to see what was the culprit, but I got almost same result with both methods except maybe with the script a bit worse, I will try again totally manual on the host without script and if that doesn't work I will try again the docker

    Nope unfortunately changing dns doesn't work I tried even with google dns 8.8.8.8 doesn't work.


    Also when I switched back to the normal dns 10.13.13.2 on the android phone, it behaved even stranger, some apps where working like the youtube app whatsapp and so on, but not firefox nor gmail...


    mmmh it seems this docker container is making more trouble than what really needs to, I guess I will delete the container and try to install the proper wireguard on the host itself as ryecoaaron pointed out the package is into buster-backports, this way I hope I will delete the problem of dealing with dns requests not forwarded by the docker gateway correctly.

    Hi nick2k3 my phone wireguard config also seems fine:

    Code
    [Interface]
    Address = 10.13.13.2
    PrivateKey = xxxxxxxxxxxxx
    ListenPort = 51820
    DNS = 10.13.13.1
    [Peer]
    PublicKey = xxxxxxxxxxxx
    Endpoint = mambojambo.duckdns.org:51820
    AllowedIPs = 0.0.0.0/0, ::/0

    and ipv4 forward is also enabled:


    Code
    root@omv:~# sysctl net.ipv4.ip_forward
    net.ipv4.ip_forward = 1

    I don't know what else to think about.

    The only thing that I see strange is DNS = 10.13.13.1 on the config, because my normal intranet get dns by my isp through 192.168.1.1 but then again I guess wireguard creates another subnet so I guess is fine, so I'm out of ideas here.


    tinh_x7 thank you, I was more asking specifically about wireguard if it would be better to run directly on the machine instead of docker, because of all this issue the container is giving me, but whatever works it's ok, it's just strange that the lan works but not the wan, but as you can see the config seems fine.

    Hi I have the same issue of tinh_x7, wireguard is working fine to access the smb share of omv through my phone when connected to wireguard vpn, but I cannot access internet, use of firefox or other apps it says there is no internet connection.


    The config file of the server seems fine:



    My router is forwarded correctly (otherwise my phone would not work even to browse lan, as I tested it without using the wifi, but only cellular data).

    I'm using the docker container from linuxserver.


    Is it better at this point to discard, the container\docker way, go directly the debian way installing wireguard from the buster-backports and configure it manually instead?

    Hi, I was setting up my fresh installed Omv5 to have access only through SSH public key auth but no matter what I try it keeps give me authentication failing to connect.


    What I did

    • I created an user and gave him ssh permission (with password works great)
    • created ssh keys with ssh-keygen and check that the public one was matching between the user and the /var/lib/openmediavault/ssh/authorized_keys
    • disabled permit root login and password authentication

    still what I get is wek@192.168.1.2: Permission denied (publickey).


    So I went ahead and looked at the /var/log/auth.log to see what was going on:



    Not really informative, so I went inside the server and check the permission for the authorized key and seems fine:


    Finally I thought to check the /var/log/auth.log and found this:



    Now first of all I didn't pay really attention ever to the / folder on other machines, but that directory permissions look a bit strange to me, or am I missing something?

    I did a fresh install of the latest Omv5 iso, I was trying to install omv-etras repos, as per instruction with wget -O - https://github.com/OpenMediaVa…ckages/raw/master/install | bash but I get this error while installing it:



    so I'm ending up with a broken Omv-Extras broken repo, I already tried install manually and even from terminal, but all gave me same error, looks like something weird with the *.deb package itself


    Anyone knows how to fix this?

    Hi Guys,


    it's been a while since I posted here, being busy at work lately.
    Today I had some spare time, so I decided to have a sneak peak here and see how things are going, with the chance to see if I need to upgrade any of my servers (they run omv 4).


    I got stuck though and a bit confused by the omv site, so here is my question:


    Does Omv 5.0 still to be considered in Beta? or is it ready to use in production?
    it's a long time since I remember that it was already in beta, omv homepage get me even more confused, as I click on download and redirect me to sourceforge I saw 5.0.5 folder and 5.0 beta folder...other than that the blog report some images of a new version in the progress OMV 6 (?!?!).


    So what is going on here? :D
    Can someone help me out to understand the situation right now? :)


    Anyway have a nice Xmas to everybody :)

    Anyway I just went through a run test of it, but I can't understand, I'm a bit confused by the suggestion, here's the result:


    of the command:


    Linux 4.19.0-0.bpo.5-amd64 (wai) 06/13/2019 _x86_64_ (4 CPU)



    avg-cpu: %user %nice %system %iowait %steal %idle
    1.94 2.20 1.43 5.64 0.00 88.78



    Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
    sda 105.77 1195.04 587.14 1173971 576788
    sdc 0.30 11.54 0.49 11337 486
    sde 0.35 14.40 1.03 14144 1014
    sdb 2.73 38.57 3.04 37889 2989
    sdd 34.48 283.68 189.21 278681 185870



    How an hard disk\cpu monitor should help me out to understand why after some uptime the services seems to be like "cut off" from the lan? what should I found in it? it just spits out statistics about reads\writes and cpu usage...am I missing something?

    No I'm not using flashmemory plugin, I just supposed it has been deleted because from the logs through the openmediavault webpage doesn't look anything strange everything seems to be fine, except most of the logs are deleted like syslog etc. because I had to hard reset the machine to get back to it.


    Also I looked at dmesg errors, nothing strange expect some warning about ACPI errors due to bios not really good implementation of it, but nothing strange it's been there since the beginning, also another error from the docker container of emby, saying "emby-daemon.service: Failed at step USER spawning /usr/bin/mono-sgen: No such process" again don't know why is saying that at the startup of the deamon, but everything works fine (once I rebooted of course).


    Syslog dmesg and Messages, seems pretty normal so I didn't know what to look for, I'm using the command you suggested, so let's see what happens, but I guess I have to make it as a cronjob am I rihgt? because otherwise it will be killed as soon as my shell get cut out due to the server strange behaviour.

    Hi everyone,


    Since a couple of months, I'm having some weird issues with Omv4.


    As soon as I boot up the machine everything works fine, I can reach the smb shares, ssh into it, login through the webinterface, check transmission everything's good,
    BUT as soon as the machine stays uptime for some time, it begin to be "unreachable".


    I put it on quotes, because in fact the machine is online I can ping it, and I can see it through the modem connected, but I cannot login or use any of the services in it.
    example:


    • I try to login through the webserver -> firefox doesn't complain about not reaching it (so the site weblogin "is present") but the page is blank no banner no nothing
    • I try to ssh into it, it just answer back that the server needs a passphrase to login (which it needs indeed, but is like it doesn't see my private key that I sent to it, so it doesn't let me login in)
    • samba shares complain about being not unreachable

    The only fix I found is to hard reset the machine so everything boots up again it works as it should for some time and then everything back to square 1.


    Unfortunately I cannot investigate the problem any further with logs, because doing an hard reset it basically erases any traces or at least traces I can think of.


    Did any of you experiences same issues and know how to solve it? or can give me an idea on what to look for?



    Some specs:
    OS: Omv 4.2.22-1 Arrakis
    kernel: 4.19.0-0.bpo05-amd64

    Hi everyone I'm having a little trouble accessing bitwarden remotely through the use of duckdns and letsencrypt + reverse proxy, I hope someone can help me I'm still in the learning process.


    I developed bitwarden through docker as @TechnoDadLife explains in his tutorial


    Unfortunately the process let you with a local access through standard port, no https, so I decided to go the route duckdns+letsencrypt+reverse proxy (everything through docker) to access it remotely via https.


    Every container worked fine on its own:


    • I have my domain let's say iloveomv.duckdns.org
    • I created my subdomain inside letsencrypt docker, let's say bitwarden.iloveomv.duckdns.org
    • I open the right ports on my router and everything works fine I can see my page remotely with https answer back and the letsencrpy ssl certificate going through.



    Now the problem happens, I can't connect my bitwarden loal docker to the subdomain https://bitwarden.iloveomv.duckdns.org without getting the error 504 from nginx when I try to connect to it.




    Sure I suspect is an error on my part, tryng to config the bitwarden docker, so I went ahead and look at the info page of the docker itself -> bitwarden docker


    Here is the first problem as you can see, on the docker infopage itself, there is no variable to set https, it seems to operate just through http.



    Reading further there is a way to activate https trough ROCKET_TLS, and use this proxy config, for letsencrypt docker.



    So I tried this:


    • created a variable environment on the bitwarden docker as ROCKET_TLS, giving it physical access to the sharedfolder where fullchain.pem and privkey.pem produced by letsencrypt are stored
    • changed the due localhost parameter with the duckdns domain on the proxy config
    • added --network mynetwork flag to the bitwarden container to let it talk to letsencrypt container

    but none of it worked out. I'm still getting error 504 when I try to connect to https://bitwarden.iloveomv.duckdns.org



    Any idea what I'm doing wrong here?! can someone point me in the right direction?!


    Thank you very much in advance