And this is my bridge network:
Beiträge von Nabukodonosor
-
-
Zitat
do you "reStart" swag, duckdns & vaultwarden to be sure that can be resolved?
All of them are restarted after changing the network. I mean, it did it automatically, since I had to redeploy when I changed the network.
ZitatAlles anzeigento resolve vaultwarden, you need to edit file /yourpathhere/Dockers/swag/nginx/proxy-confs/vaultwarden.subdomain.sample
to /yourpathhere/Dockers/swag/nginx/proxy-confs/vaultwarden.subdomain
and then ReStart sawg to load this new config
once done your swag must access to https://vaultwarden.yourduckdnsname.duckdns.org
of course you need to have well configured duckdns docker to use yourduckdnsname
All of this is already done. I've been using reverse proxy for months, with radarr, sonarr and few more services, vaultwarden among them, but I had to redo vaultwarden since I couldn't access it within my LAN for some reason. But here's my vaultwarden.subdomain.conf file again:
Code
Alles anzeigen## Version 2023/11/12 # make sure that your vaultwarden container is named vaultwarden # make sure that your dns has a cname set for vaultwarden # if you are using bitwarden (the official image), use the bitwarden conf # if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf # # vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name vaultwarden.*; include /config/nginx/ssl.conf; client_max_body_size 128M; # enable for ldap auth (requires ldap-location.conf in the location block) #include /config/nginx/ldap-server.conf; # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; # enable for Authentik (requires authentik-location.conf in the location block) #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; # enable for Authentik (requires authentik-server.conf in the server block) #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 8086; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ ^(/vaultwarden)?/admin { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; # enable for Authentik (requires authentik-server.conf in the server block) #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 8086; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/vaultwarden)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 8086; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/vaultwarden)?/notifications/hub { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 8086; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } } -
Here you go. You can just ignore other containers, I'm only trying with vaultwarden. If that works, I will maybe add 2 or 3 more containers. I don't access others from outside my LAN.
-
Yeeah, that didn't work aswell. I get 502 bad gateway when I try to access vaultwarden via duckdns reverse proxy. My new network is on the screenshot below. I created it with default value, I didn't enter anything in the fields since when I tried 172.20.0.1 for the gateway it said it's already in use, and I didn't know what to enter there. EDIT: I used 172.40.0.1, but still bad gateway error. Now my ips for vaultwarden, swag and duckdns are 172.40.10.128, 129 and 130.
-
OK, I made a bridge network, used the same gateway, ip range and subnet like I did for the macvlan, and now vaultwarden is on 192.168.0.200, swag on 201 and duckdns on 202. Or should I have left everything on default?? I can't access vaultwarden from LAN, and I can't access it via reverse proxy. My vaultwarden.subdomain.conf file is set to default, I changed nothing there. Do I have to change anything there? I did all this through Portainer.
Code
Alles anzeigen## Version 2023/11/12 # make sure that your vaultwarden container is named vaultwarden # make sure that your dns has a cname set for vaultwarden # if you are using bitwarden (the official image), use the bitwarden conf # if you are using vaultwarden (an unofficial implementation), use the vaultwarden conf # # vaultwarden defaults to port 80 and can be changed using the environment variable ROCKET_PORT on the vaultwarden container server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name vaultwarden.*; include /config/nginx/ssl.conf; client_max_body_size 128M; # enable for ldap auth (requires ldap-location.conf in the location block) #include /config/nginx/ldap-server.conf; # enable for Authelia (requires authelia-location.conf in the location block) #include /config/nginx/authelia-server.conf; # enable for Authentik (requires authentik-location.conf in the location block) #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; # enable for Authentik (requires authentik-server.conf in the server block) #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ ^(/vaultwarden)?/admin { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; # enable for Authelia (requires authelia-server.conf in the server block) #include /config/nginx/authelia-location.conf; # enable for Authentik (requires authentik-server.conf in the server block) #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/vaultwarden)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/vaultwarden)?/notifications/hub { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app vaultwarden; set $upstream_port 80; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } } -
oh OK. I was wondering why would you suggest me to create a macvlan network and than asked me why did I make it, but you thought I wanted to deploy pihole
So, back to the start for me 
-
I don't quite understand. What is my-net? And why don't I use the macvlan network when the whole point was to create one?
-
I added both vaultwarden and swag to the MyMacVLAN network, they now have 192.168.0.200 and 192.168.0.201 IP addresses but I can't access vaultwarden from outside my network, using reverse proxy. Any ideas what should be my next step?
-
I don't use pihole at all. I'm trying to setup vaultwarden in this case. You can see the ip address on my screenshot above.
-
OK, here's what I did so far. I really have no idea where to go next from here.
This is from my DHCP settings:
I created a new macvlan network:
Then:
After that, I redeployed Vaultwarden container with that network:
And when I go to that IP in my browser it opens vaultwarden login page:
But since I use SWAG for my reverse proxies, I have to idea what to do next.
-
Amazingly, I still haven't figured this out. My router doesn't have that DNS option, or I can't find it, so that's out.
Also, last few weeks I had this weird issue with the Bitwarden addon for Firefox...when I new item pops up to be saved, that blue Save button (or Update button), I can't click on it, nothing, it's just stays there. Again, when I disconnect from my LAN, and connect for example to my phone using tethering, that also works fine. So, I can't even save anything new anymore on my local network.
Information presented in the previous posts is very general and I couldn't make anything of it.
-
Mine too.
Thanks! Solved. -
I never got a finite answer to my question.
I see people deploying Wireguard with their Qbittorrent containers, so I was wondering do I need one or not? Are people just too paranoid or what? -
I know,but I'm used to it and I like it. I just want to know what happened here and how to fix it.
-
Hey guys. So, yesterday, for no good reason, I couldn't start Portainer webui. I tried restarting my server, no luck. Then I saw that the docker status of Portainer was "restarting". Tried restarting docker, no luck. Any ideas why this happened and how to solve it?
I was thinking about installing the Portainer again, but what would happen to my stacks?
-
What do you mean older installation? I have the latest OMV 6 installed.
-
If only we had a search function on the forum...
WAIT, we have:
This solved it. Thanks.
-
Can you post the output of ?
sudo omv-upgrade
Use a code box please. It is the </> button in the top bar of the forum window.
I did use </>
From sudo omv-upgrade:
CodeReading package lists... Done Reading package lists... Done Building dependency tree... Done Reading state information... Done Calculating upgrade... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. -
Code
500 - Internal Server Error Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; export LANGUAGE=; export DEBIAN_FRONTEND=noninteractive; apt-get --yes --allow-downgrades --allow-change-held-packages --fix-broken --fix-missing --auto-remove --allow-unauthenticated --show-upgraded --option DPkg::Options::="--force-confold" dist-upgrade 2>&1' with exit code '100': Reading package lists... Building dependency tree... Reading state information... Calculating upgrade... The following packages will be upgraded: amd64-microcode firmware-ath9k-htc 2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 44 not fully installed or removed. Need to get 0 B/169 kB of archives. After this operation, 177 kB of additional disk space will be used. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 291242 files and directories currently installed.) Preparing to unpack .../amd64-microcode_3.20230719.1~deb11u1_amd64.deb ... Unpacking am... -
For some reason, I can't install these 2 updates. All other updates install every time, but these 2 can't, with this red error. Any ideas?
