The letsencrypt docker provides a ssl certificate for an encrypted https connection to services which you expose to the internet.
if you are using a vpn connection to connect to your LAN, you don’t need letsencrypt.
Thanks a lot.
Posts by bbsen666
-
-
don’t worry about it.
What you do next depends on the question: which service you want to expose to the Internet via letsencrypt?thank you very much for your prompt reply.
I would like to secure connections for openvpn, transmission and OMV web admin.
I am going to install openvpn in docker later. -
Hi,
my atomic pi server is running on OMV version 4.1.31-1 and everything is working fine! Samba, bt, ssh, jellyfin, pi hole etc.
I tried to follow Techno dad's video to set up letsencrypt in my OMV's docker.
https://www.youtube.com/watch?…k0h00410.1581250481904870I couldn't save my container if I add "==network xxxx" after "--cap-add=NET_ADMIN" in extra arguements section, the error message popped up was something like this:
with exit code '125': docker: conflicting options: cannot attach both user-defined and non-user-defined network-modes. See 'docker run --help'.I managed to save the container without this bit and carry on with the process, not sure if it will cause any issue, though.
I login to OMV root using putty and generated the cert sucessfully, I checked it with my dns address as suggested by Techno dad and the same web page as techno dad demo pops up.Then I double check my putty's LOG and realized that at the end of the long cert generation message, It says this:
ngnix [alert] detected a LuaJIT version which is not OpenResty's, many optimisations will be diabled and performance will be compromised...
does it matter?It is my first time setting up letsencrypt in docker, what else do I need to do?
any advise will be greatly appreciated, thanks in advance! -
Use the latter. I think the community has the most experience with it and can help troubleshoot. It also has an included nginx reverse proxy.
Hi,
You should use this one: linuxserver/letsencrypt.For you omv having the SSL, you'll have to create a file omv.subdomain.conf as in this following thread.
whenever you use a docker container look at what is supported by the community of whatever application you are running. most of the time it will be self-named (ie. emby/embyserver) or linuxserver.
thank you guys! i will give it a shot!
-
Hi,
I have been told that let's encrypt plugin is no longer under maintenance and I should use letsencrypt in docker instead.
There are 2 versions in docker, jrcs/letsencrypt-nginx-proxy-companion and linuxserver/letsencrypt.I believe that the former one has nginx reserve proxy included which I have no idea what is it, shall I just install the latter one if I just want simply secured connection for my omv?
thanks
-
thanks for your reply, i will give it a shot later today and see what happen.
The plugin in is in OMV repo, i assumed it to be working properly...
next time I will try docker version. -
Hi,
I received an email regarding let's encrypt cert expiry notice this evening, soIlogin to my omv as usual and click renew in letsencrypt plugin. It failed to do so... something to do with connection, I tried to turn off forced SSL connection box and then retry but a error warning message kept popping up.... so I tried to turn off ssl/tlc connection all together but when I check my cert in let's encrypt, it's gone!
Starting from that moment, I can no longer get access to WEBUI page,
This site can’t be reached
192.168.0.xxx refused to connect.i reset GUI configuration in omv-firstaid but the page is still inaccessible. all my other plugins as well as transmission are accessible, though.
I uninstalled let's encrypt in putty using command line, still no luck.Any advise will be greatly appreciated.
-
Display More
After poking a while to make this work and yes THIS thread helped a lot to figure out my problem. Could not find a tutorial for this at all but here it is my attempt of creating one:
- First install the plugin (openmediavault-openvpn 4.0.1)
SETTINGS:
General settings:
- Configure the plugin:
- enable: true
- port: 1194
- use compression: true
- PAM: trueVPN network:
- Address: 10.8.0.0
- MASK: 255.255.255.0
- Gateway interface: your internet interface (mine is ens5, but the interface is in the dropdown list just select the one connected to the internet)
- Default gateway: trueDHCP options
everything is emptyPublic:
- Public address: your IP or if NO-IP use your domain.ddns.net
FIXING THE SERVER:
- ssh into your server
- cd /etc/openvpn/
- nano server.conf
- find in this file something like ;push "route 192.168.0.0 255.255.255.0" (the IP address can be different 192.xx.xx.xx)
- in the above two things need to be changed first remove the ; if you have one in your config file, and than change the IP to the same VPN address 10.8.0.0
- From this: ;push "route 192.168.0.0 255.255.255.0" to this: push "route 10.8.0.0 255.255.255.0"
- restart the openvpn service: service openvpn status check if already started service openvpn stop, service openvpn status be sure it stopped, service openvpn start, service openvpn status be sure it startedCERTIFICATES:
- first create a user from left menu ACCESS RIGHTS MANAGEMENT -> User
- navigate back to your openVPN -> certificates click on ADD and select the user and give it a common name and finally save.
- select the user and click on DOWNLOAD CERTIFICATE
- Extract the archive
- in your VPN GUI import *.ovpn fileIF BEHIND ROUTER:
- if you have a router between your server and internet do not forget to open port 1194 UDPI stopped openvpn in docker and re-installed openvpn plugin in OMV again because of the missing server.conf...
mysteriously it works right after I enable the plugin.... i didn't do anything special this time...my VPN connection cannot get access to internet, though.... when I enabled redirect gateway...line... it doesn't work anymore...
anyway I will keep it this way for time being... a bit tired of it.... i won't update the system again until OMV stable releases and I will do a fresh installation...
-
Display More
My advice to you guys is to stop using this plugin, it does not work for me either, and it happens every time I update something on the server, so I chose to go the docker way.
Fairly simple:
https://hub.docker.com/r/kylemanna/openvpnopen ssh terminal to your server and copy paste:
OVPN_DATA="ovpn-data-myvpn"docker volume create --name $OVPN_DATA
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://DNS-SERVER.COM-OR-IP
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpkidocker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full CLIENTNAME nopass
- nopass if you just want to connect to your VPN server only with your *.ovpn file, or remove nopass for login with username - password
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
cat CLIENTNAME.ovpn
copy the contents of this file on your host, text editor save as CLIENTNAME.ovpn than just connect.Works like a charm.
Hi,i had so much trouble with OMV 4.19 openvpn plugin, always shows waiting for server, no matter what i do, ie edit server conf, it just wouldn't work even my firewall and router are already properly setup.
I followed your guide and copy and paste the command lines one by one...I changed DNS-SERVER.COM-OR-IP in ovpn file to my domain... my android client shows waiting for server again... i really have no idea why....
I can no longer fine the server.conf file in etc/openvpn.... wanted to add push "route $vpn_network $vpn_mask" and see what happens....
any advise will be greatly appreciated. thx!
-
UPDATE
gderf wrote:I used the Settings tab to relocate my existing docker base path. I had no problems with any of the existing containers that were running. The only manual thing I needed to do was delete the the directorys in the old base path because in my case the plugin only copied the data to the new path. It did not delete the old path's contents for me.
[/quote]Maybe he's made changes to the plugin, I know when I initially set up docker, and had no containers folder.... when I set a containers folder webui and restarted docker, none of my running containers were there, etc. and it was essentially like I was starting over and did not copy my container data over to the new containers folder.
Edit: You basically said exactly what I just said in this thread in post #13... https://forum.openmediavault.o…sing-space-on-boot-drive/
thanks guys! -
I used the Settings tab to relocate my existing docker base path. I had no problems with any of the existing containers that were running. The only manual thing I needed to do was delete the the directorys in the old base path because in my case the plugin only copied the data to the new path. It did not delete the old path's contents for me.
Maybe he's made changes to the plugin, I know when I initially set up docker, and had no containers folder.... when I set a containers folder webui and restarted docker, none of my running containers were there, etc. and it was essentially like I was starting over and did not copy my container data over to the new containers folder.
Edit: You basically said exactly what I just said in this thread in post #13... https://forum.openmediavault.o…sing-space-on-boot-drive/
I ended up solving it using the dumb way... i reinstalled docker and emby. not the shared folder is located in my hdd, also I rearranged my folders so that everything looks more neat now.
I deleted lib/docker folder on my USB drive and 950MB has been free up.thanks guys!
-
Try moving your docker base path to a data drive.
Display More1. Create your container folder ("Containers") in the webUI. This will store your containers on one of your data drives (which are presumably much larger than 8gig)
2. SSH your server and get root access
3. Stop docker service: systemctl stop docker
4. Move the docker folder to Containers folder: mv /var/lib/docker /sharedfolders/Containers
5. Create a link between the two: ln -s /sharedfolders/Containers /var/lib/dockers
6. Start docker service: systemctl start docker
Problem solved.
thanks guys, yes, i have a storage HDD for data.
I will give it a shot when I have time these 2 days...
cheers!!!!!!!!!!!!! -
Running OMV 4.19 on a 8GB USB drive, the partition that OMV created for itself it around 4GB during installation.
I used to have docker+emby server installed and they have been working fine!Today I tried to installed jdownloader ( 2 version avail through searching), I installed one (following Techno Dad Life's video) but it failed to connect to my jdownloader acc, the 2nd one, plusminus/jdownloader2-headless, never managed to download properly in docker, I also tried to download it using command line, 2x300Mb files were extremely slow speed I decided to give up.
so, I went back to OMV and deleted the installed jdownloader in docker... I realized that these images that docker have been downloading all have very big file size... so i checked disk space and it has 300MB left...
what shall I do in order to free up some space?
this USB drive has 8GB space but OMV only uses 4GB...Any advise will be greatly appreciated. thanks
I ran df -h and the result is shown below.
Filesystem Size Used Avail Use% Mounted on
udev 940M 0 940M 0% /dev
tmpfs 192M 8.5M 184M 5% /run
/dev/sdb1 3.5G 3.0G 289M 92% /
tmpfs 960M 0 960M 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 960M 0 960M 0% /sys/fs/cgroup
tmpfs 960M 20K 960M 1% /tmp
/dev/sda1 458G 49G 410G 11% /srv/dev-disk-by-label-500GB
folder2ram 960M 177M 784M 19% /var/log
folder2ram 960M 0 960M 0% /var/tmp
folder2ram 960M 584K 959M 1% /var/lib/openmediavault/rrd
folder2ram 960M 16K 960M 1% /var/spool
folder2ram 960M 13M 947M 2% /var/lib/rrdcached
folder2ram 960M 8.0K 960M 1% /var/lib/monit
folder2ram 960M 4.0K 960M 1% /var/lib/php
folder2ram 960M 0 960M 0% /var/lib/netatalk/CNID
folder2ram 960M 420K 959M 1% /var/cache/samba
overlay 3.5G 3.0G 289M 92% /var/lib/docker/overlay2/787802b8a2138bc98090c15e4455e74d8eb35058646edc184dbc25506e046069/merged
shm 64M 0 64M 0% /var/lib/docker/containers/ee798d4a04b35dea6099917ae7c021ec595d6b900dd043a02ed77915706d1082/mounts/shm/var/lib/docker/overlay2/ is big... it has DOCKER in the link... but when I look inside the folder, it has these folders in it.
bin,config,dev, etc, home, init, lib, libexec, licenses, mnt, proc, root, share, sys, system, tmp, usr, var
-
I am using OMV version 4.19
I followed Techno Dad Life video and installed jdownload via docker, the only difference i made is that I have different download folder names.
here is the link of the video, https://www.youtube.com/watch?v=l-c9cozu5vwi managed to get it running and registered an account at jdownloader website but it says "No connected JDownloader found".
any idea why this happen?
any advise will be greatly appreciated. thx
-
Have a read through this it seems that the driver being loaded/used is r8169 but following the first post from the link will give you the relevant information.
Well if that happened then I would look toward other networking issues before adding extras options.
I accidentally discovered a new solution....
Since speed was unstable in Win and it is worst in MX linux... it stops transferring every single time....
I opened NetworkManager Applet in MX linux and edited my connection configuration, changed link negotiation to manual, then speed from 1000 Mb/s to 100Mb/s. I was expecting around 9.XX MB/sec MAX actual trasnfer speed, but strangely it turned out transfer speed was around 5X MB/sec, more surprisingly the overall process was very steady and stable, so far I have done five 2GB-4GB file transfers for testing and none of them had any issue...
i am very happy about it.
-
ethtool -i enp8s0
driver: r8168
version: 8.046.00-NAPI
firmware-version:
expansion-rom-version:
bus-info: 0000:08:00.0
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: yes
supports-priv-flags: noI installed 8168 driver but the same old problem still persist now.... hopeless....
-
Well if that happened then I would look toward other networking issues before adding extras options.
I have no idea what else I can do now... I added extra options and transfer speed still not stable.
Anyway, it doesn't FREEZE during file transfer and I am fine with it for now.thanks a lot for your advise!
-
Hi, i followed the steps in. https://unixblogger.com/how-to…68-working-updated-guide/
when I ran "sudo ./autorun.sh" using OMV as root,
it says "sudo: unable to execute ./autorun.sh: Permission denied"
please help, thank you.
---------------------------
ps, managed to execute it using.... bash -x ./filename.filetype command
$ dmesg | grep -i ethernet output is r8168 driver loaded...
will test it and see if things are working properly this time, thanks!!!!
----------------
just did a 12GB transfer test. The speed still went up and down like a rollacoaster but it managed to get the job done at the end... which is a big improvement already.
wondering if adding extra options can make things better... -
thank you... yes, 8169 driver is installed. I will read through the site and figure out how to update to 8168.
-
Thanks for your reply.
Is it possible to limit samba lan transfer speed?
