Messages

At the very least I would recommend accessing plex via a reverse proxy.  Caddy is a simple reverse proxy to set up and handles certificates etc for you.  Yes you will need a domain and a ddns service (unless you have a static public IP address).

Alternatives are accessing over wireguard/tailscale or some people even use cloudflare tunnels, latter may be against cloudflares ToS but these options do not require any open ports.

If you search the plex and selfhosted subreddits you will find lots of posts on how to do these things and they will all be a step up from forwarding a port directly to plex.

Nobody?

No, 24.7.3_1 is fine for me after the devs reverted back to earlier versions of dhcpv6. I believe there were upstream freebsd ipv6 issues that haven't been fixed.

My system went down at 02:13 last night, I'm assuming my ISP assigned me a new IP address or ipv6 prefix but it looks like dhcpv6 couldn't cope and failed?

My ISP is BT in the UK so I'm stuck with pppoe at the moment, my log file is attached and I've trimmed it to start at the point of failure if you read it bottom up.

Any ideas?  This was on 24.7 and after a restart I've upgraded to 24.7.1.

Has anyone managed to successfully send emails via smtp2go from monit or cron?

I've had opnsense set up to send emails via google for a while but I'm trying to eliminate app passwords from my google account by implementing smtp2go.  I can send emails via smtp2go from linux command line, cron on my linux server and various dockerised services, but cannot get opensense to send emails from monit or cron, possibly because of the lack of a sender field.

I have smtp2go set up against my domain and it needs to verify user@domian.com as the sender to work in addition to smtp username and password, and most services have a sender field where I can enter this.  However in monit settings for example there isn't a sender field.

I'm currently having problems with unbound and radvd which I'm still diagnosing.  I think my ISP is having ipv6 issues but can't be sure (pppoe connection).

In the meantime I'd like to use monit to monitor and restart these services so that the family can remain online.

I've achieved this for unbound but find the monit documentation impenetrable so struggling to find the correct syntax to check that the radvd process is running.  As as service test I've tried:

Code Select Expand

check process not exist

And various similar strings but cannot get it to work.

For service settings I've identified the pid file and via ssh found a pluginctl command that successfully stops and starts radvd so I just need to sort the service test with some help please.

Recreated the docker container, nothing at all in there about connecting to the OPNSense LAPI on 192.168.1.1 no errors or even confirmation that it's connected

I can access the docker logs yes, anything specific I should be looking for?  The log is pretty big so just wondering what to search for. I'll restart the container now and watch the log, but it's very verbose so no easy to spot issues.

Do your machine statuses update?

OK just tried this, I have restarted the service and the whole router in the last week and it doesn't make a change to the machine statuses sadly. I've also restarted the linux/docker crowdsec instance as well.

I set up the Crowdsec plugin a week or so ago and I connected a docker Crowdsec instance (192.168.1.9 in the screenshot, monitoring caddy, home assistant and journald logs on a linux server) to the OPNSense Crowdsec instance but I'm not convinced that it's working as the last updated was 6 days ago. The external machine has been verified and is registered with crowdsec.net etc.

See the attached screengrab, is this how it's supposed to be?

Both the OPNSense Crowdsec (192.168.1.1) and the linux docker install are both parsing logs based on their cscli metrics but I'm not convinced that the docker Crowdsec is actually influencing the OPNSense bouncer at all and certainly doesn't appear to be updating it?

Just upgraded to 23.7.6 and restarted and unbound did start this time so it's hit and miss, what else can I do to diagnose?

I am running 23.7.5 on a N100/i226 mini PC.  I have a pppoe WAN connection (FTTP BT, UK). At boot the unbound service isn't starting, here are the relevant logs filtering for "unbound":

Code Select Expand


2023-10-12T07:58:32 Error opnsense /usr/local/sbin/pluginctl: The command '/bin/kill -'TERM' '87338''(pid:/var/run/unbound.pid)  returned exit code '1', the output was 'kill: 87338: No such process'
2023-10-12T07:58:32 Notice opnsense /usr/local/sbin/pluginctl: plugins_configure unbound_start (execute task : unbound_configure_do(1))
2023-10-12T07:58:32 Notice opnsense /usr/local/sbin/pluginctl: plugins_configure unbound_start (1)
2023-10-12T07:58:31 Notice opnsense /usr/local/sbin/pluginctl: plugins_configure unbound_stop (execute task : unbound_service_stop(1))
2023-10-12T07:58:31 Notice opnsense /usr/local/sbin/pluginctl: plugins_configure unbound_stop (1)
2023-10-12T07:46:12 Error opnsense /usr/local/sbin/pluginctl: The command '/bin/kill -'TERM' '64293''(pid:/var/run/unbound.pid)  returned exit code '1', the output was 'kill: 64293: No such process'
2023-10-12T07:41:04 Notice opnsense /usr/local/etc/rc.newwanip: plugins_configure newwanip (execute task : unbound_configure_do(,wan))
2023-10-12T07:40:52 Notice kernel <118>Starting Unbound DNS...done.
2023-10-12T07:40:50 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure bootup (execute task : unbound_configure_do(1))
2023-10-12T07:40:50 Notice kernel <118>Starting Unbound DNS...done.
2023-10-12T07:40:49 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure dns (execute task : unbound_configure_do(1))
2023-10-12T07:40:48 Notice opnsense /usr/local/etc/rc.bootup: plugins_configure early (execute task : unbound_cache_flush(1))


I don't have any domain overrides and I am using DNS over TLS for forward to 2x ipv4 upstreams and 2x ipv6 upstreams.

If I start unbound manually it fires right up and works but will fail on next reboot.

OK done, I'm known as "AltyCoder" on github.

Let me know what else I can do to help diagnose.  I wish ISPs would ditch pppoe as it's seems unnecessary when we can switch out our routers and get a connection with simple credentials!

No nothing like that, fairly simple setup

Under WAN interface, ipv4 is set to PPPoE and ipv6 is set to DHCPv6.  Under LAN I have ipv4 set to to static ipv4 and ipv6 set to track interface.

re github, it's weird as I can access the issue I raised via one browser (brave) but not another (firefox).

I'll subscribe to #6671, should I add my logs to that?