Posts by Methy

    Hello,


    I am on OMV4 and I use portainer in container

    I update my containers by watchtower

    Portainer is just a graphical overlay to administer the containers and to my knowledge does not manage the updates at the moment.


    I don't know zonealarm so I can't help too much on the domain.


    Once a container has been deleted, if you haven't committed your container, it will be permanently deleted.

    in traefik version 2.x redirection http to https works easily ?

    you no longer have to go through middleware as indicated here https://github.com/containous/traefik/issues/4863

    I got the LE cert valid for Traefik site, but the dashboard only load if it's in private mode Chrome.

    I have my external services (Plex, Emby) green status in Traefik dashboard, but they can't be access externally.



    Code
    Your connection isn't private
    Attackers might be trying to steal your information from media.abctest.com (for example, passwords, messages, or credit cards).
    NET::ERR_CERT_REVOKED

    Just in case you have opened ports 80 and 443 to your traefik container ?

    Hello,


    I slip into this topic to see if some people would have tested the Veeam wireguard in their VeeamPN solution?

    If ever other people are interested to exchange on the subject in a private message or then see to create a topic for that.


    As far as I'm concerned, I would have tested this solution well, but I don't see a container for the moment, just an ova.


    Do you think it's possible to make one?


    I started from a basic ubuntu container and I added the application as indicated by Veeam: https://helpcenter.veeam.com/d…ampn_on_linux.html?ver=21


    Then I did a docker commit to generate my image and I created my container from my image but it doesn't seem to work.

    no particular reason I just followed the tutorial because I spent a lot of time before it worked and I ended up following the tutorial to the letter :D (before I tested with version 2.1 of traefik and I could not achieve what I wanted.)


    But by changing in the traefik.toml you can probably reset the HttpChallenge I have not tested.

    my registrar is OVH, I just changed the DNS server to indicate that it is Cloudflare which manages the DNS zone

    You create an account with cloudflare and enter the SID identifiers in the conf.

    The DNs zone web interface is simple and intuitive

    You can use a proxy to hide your public IP from your services.


    I do not regret having tried. :)

    Hello,


    in your traefik.yml you must force https redirection replace


    Code
    entryPoints:
    http:
    address: ":80"
    https:
    address: ":443"
    dashboard:
    address: ":8080"

    By


    Code
    # Force HTTPS
    [entryPoints]
    [entryPoints.http]
    address = ":80"
    [entryPoints.http.redirect]
    entryPoint = "https"
    [entryPoints.https]
    address = ":443"
    [entryPoints.https.tls]

    Regarding the access problem I am sure it is related to the number of requests you made for nextcloud because each time you access the URL in https it makes a certificate request at LE


    You just have to wait or test for another service :)

    I can show you my docker-composed of my Portainer and Traefik containers :


    Docker-compose for Traefik :



    And my Traefik.toml


    Good evening,


    The blocking comes from the generation of the certificate which is limited 50 per week by LE


    https://letsencrypt.org/docs/rate-limits/

    The main limit is Certificates per Registered Domain (50 per week).


    As far as I'm concerned, I set it up more than a month ago.

    I haven't figured it all out yet but it's great.

    No more bothering with certificates for all the applications you publish: D


    For security I even put double authentication with OAuth from google. (2FA) it's safer :)


    Ps:

    if I can advise (even if the word is a bit strong) use version 1.7.21 of Traefik because version 2 seems to lack documentation at the moment and there seems to be a lot of changes compared to V1.7

    I used this tutorial:

    https://www.smarthomebeginner.…auth-with-traefik-docker/


    if your services are containers, it's super simple you just have to add labels in your container :)

    If it is a different service that does not run under docker, like for me my OMV which is physical I use an additional conf file or I define the service:


    [backends]

    [backends.backend-omv]

    [backends.backend-omv.servers]

    [backends.backend-omv.servers.server-omv-ext]

    url = "http: // Your_IP: 80"

    weight = 0

    [frontends]

    [frontends.frontend-omv]

    backend = "backend-omv"

    passHostHeader = true

    [frontends.frontend-omv.routes]

    [frontends.frontend-omv.routes.route-omv-ext]

    rule = "Host: Your_Dom"

    [frontends.frontend-omv.headers]

    SSLRedirect = true

    SSLHost = "omv.Your_Dom"

    SSLForceHost = true

    STSSeconds = 315360000

    STSIncludeSubdomains = true

    STSPreload = true

    forceSTSHeader = true

    frameDeny = true

    contentTypeNosniff = true

    browserXSSFilter = true

    customFrameOptionsValue = "allow-from https: Your_Dom"

    [frontends.frontend-omv.auth]

    headerField = "X-WebAuth-User"

    [frontends.frontend-omv.auth.forward]

    address = "http: // oauth: 4181"

    trustForwardHeader = true

    authResponseHeaders = ["X-Forwarded-User"]

    Hello,


    as far as I understand, the docker package-(docker-ce) does not seem to be present and blocks the openmediavault-docker-gui installation


    openmediavault-docker-gui : Depends: docker-ce (>= 5:19.03) but it is not installable
    Depends: docker-ce (< 5:19.04) but it is not installable


    you may have to try to install docker-ce manually.


    In OMV menu do you have the OMV-extra ?


    2019-10-19_11h08_27.png