Messages

Perfect.. That's what I was thinking as well..

[what would be the reason]

Have AdGuard Home installed via the mimugmail repo...


If you dont have the mimugmail Elasticsearch plugin installed from the mimugmail repo, what would be the reason why you can't select the native/local Elasticsearch option even though it warns you to do remote?

It looks like you also have mimugmail community repo enabled.
Please be advised that this repo is also serving Elasticsearch and Mongodb packages with their dependencies. In this regard zenarmor and community repositories are not compatible when enabled at the same time. If you would like to continue using both repositories, we advise to install Elasticsearch from the community repository and point zenarmor to this database as a "Remote Elasticsearch" data

Anyone know why the dashboard widget would show the WebGui as down when Im clearly able to use it?





Only log I can find in from the General Log, which I think refers to the acme plugin automation 'restart webgui' maybe:

Code Select Expand

2024-01-25T11:39:34-08:00 Error opnsense /usr/local/etc/rc.restart_webgui:
The command '/usr/local/bin/flock -ne /var/run/lighty-webConfigurator.pid /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf'
returned exit code '255', the output was '2024-01-25 11:39:34:
(/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/mod_openssl.c.3010) SSL:openssl library
version is outdated and has reached end-of-life. As of 11 Sep 2023, only openssl 3.0.0 and
later continue to receive security patches from openssl.org 2024-01-25 11:39:34:
(/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.73/src/network.c.588)
bind() 127.0.0.1:443: Address already in use'





Thanks in advance

That did it. I changed the AGH https port and that error went away, didnt want to move the admin ui.

On the AGH page the HTTPS port field says:
"If HTTPS port is configured, AdGuard Home admin interface will be accessible via HTTPS, and it will also provide DNS-over-HTTPS on '/dns-query' location."

So it seems the DOH should still work fine?




Thanks!

[Are we able to use the AGH/Settings/DNS Encryption setting in this configuration?]

Are we able to use the AGH/Settings/DNS Encryption setting in this configuration?

Using AGH plugin on 53, Unbound on 53530 w/ DOT to cloudflare.

I have the acme plugin up and running.. Created a cert for AGH.. am pasting fullchain.pem and privatekey.pem but am getting 2 errors:

Code Select Expand

Error: control/tls/validate | port 443 is not available, cannot enable HTTPS on it | 400

and on both key paste entry fields:

Code Select Expand

Status:
    *Certificate chain is invalid




Anyone have this working if even possible?

Yes that was  typo.. edited to correct..

ok will use 53530.. Thanks

I want to use Unbound in resolve mode and have AGH use unbound as its dns server.

Doesn't seem that this guide does that? Or am I missing something?

EDIT:

I think is how you do it correct?

Have AGH listening on port 53
Unbound listens on port 5353
AGH uses only a single upstream of 127.0.0.1:5353