*** Official Ubiquiti Discussion Thread ***
- Thread starter RoyMi6
- Start date
There is nothing like that currently. They are just pure storage so you would need another device for that to work.
Just realised the UNAS Pro 8 won't fit in my cabinet, the 480mm would just about fit if I pull the rails forward 10mm but then there's no room for the power cable or network cables.
Might have to go for the UNAS Pro 7 bay one that's a lot shorter at 325mm
Might have to go for the UNAS Pro 7 bay one that's a lot shorter at 325mm
Last edited:
Was hoping you have posted that AFTER delivery!!! Could have swapped my 2 week old 7bay..
Looking at reviews though and its total overkill for Plex home use
Last edited:
The only difference I can see is 1 less drive, 8gb less RAM, 1 less sfp and no nvme.Was hoping you have posted that AFTER delivery!!! Could have swapped my 2 week old 7bay..
Looking at reviews though and its total overkill for Plex home use
So don't think it's even an issue really.
Hi. So I've bought a domain at porkbun, changed the name servers to CFs in porkbun. Guides say this can take up to 48 hours but most say that say it's a quick process and I've received an email from CF saying it's active. However the import of the DNS records hasn't worked and they're only 3 in porkbun (2 MX and a TXT). And I'm unsure how to add manually, particularly for the A records. Is it a case of I just need to wait longer for the DNS records to propegate as it's a new domain?
Not too sure, sorry. All my domains are registered with CF directly. Usually you just go to your domain DNS menu to add them once CF is authoritative.
Soldato
- Joined
- 3 Jun 2005
- Posts
- 3,341
- Location
- The South
If you're using Cloudflare's Nameservers (NS) then Porkbun becomes your domain (name) registrar only and all DNS records will be edited within Cloudflare via the Dashboard, ie - 'DNS' > 'Records'.
You can then use a site like https://dnschecker.org to keep an eye propagation of various DNS records on a domain.
Thanks, that's how I was following it but unsure how to populate the A records if doing manually. Have tried a few DNS checking sites including DNS checker - no records found across the board.
Edit - derp. I don't have a host, just a domain. Assume that might be issue....
Edit - Hhhmm not one guide mentions having a host, just needing the domain so maybe not?
Last edited:
Caporegime
- Joined
- 7 Apr 2008
- Posts
- 25,925
- Location
- Lorville - Hurston
What about using tailscale? Is that similar?
Not too sure as I don't know much about Tailscale. My understanding is that it uses Wireguard VPN under the hood, so clients would need configuring to be allowed to access the resources?
Whereas with CF Zero Trust there's no requirement to configure clients or anything else tbh once it's setup.
Caporegime
- Joined
- 7 Apr 2008
- Posts
- 25,925
- Location
- Lorville - Hurston
Ahh right ok.
Yes with tailscale u need to configure clients to use tailscale vpn. Which is easy for Windows Mac and smartphones as there is a app that does it with a few clicks
Yeah I have tailscale running on my phone for my immich server, fairly easy to setup but not ideal once I want to add family members on. Works well for the limited use case I have.
A lot of appeal in CF Zero Trust solution, once I get passed the first hurdle
.
A lot of appeal in CF Zero Trust solution, once I get passed the first hurdle
.Ultimately I would say that Tailscale is more secure, with CF Zero Trust there's an element of services being exposed if someone can guess the DNS name. However everything is protected still by standard CF toolset.
Having my mum as an example configuring a VPN on her devices is a no go, but she can simply sign into Plex and consume the services. Every other service I use when away from home I use a standard Wireguard VPN access method.
Having my mum as an example configuring a VPN on her devices is a no go, but she can simply sign into Plex and consume the services. Every other service I use when away from home I use a standard Wireguard VPN access method.
I think its worth mentioning that using Cloudfare tunnels for serving video and other large files which are not already hosted on their platform is against thier ToS. It works, just perhaps dont rely on it as a long term solution if CF were to ever start enforcing.
This is covered in the blog post I linked to a few days ago. TLDR is if you bypass cache for the Plex/Emby etc hostname then there's nothing explicitly called out in their ToS that disallows it.
On free CF tier you can also setup some additional WAF rules or policies for services exposed via a CF tunnel to give extra security should somebody find your DNS endpoint.
Seems to be a couple of places in the CF dashboard where you can do it but it can be as simple as IP based access or even just providing a specific e-mail address to a CF auth challenge. I've had it working using mTLS, so the client needs a custom SSL certificate installing. When you try to access your public FQDN, your browser asks which SSL to use for authentication.
mTLS with Application Security
To generate and use your own CSR, you can run a command like the following:
developers.cloudflare.com
I can't compare it to the user experience of Tailscale / Wireguard based access as I've not tried them. I'd expect that some applications might not like the CF options when compared to opening a VPN, then starting an application / service.
Caporegime
- Joined
- 7 Apr 2008
- Posts
- 25,925
- Location
- Lorville - Hurston
Just grab your mums phone or remote connect to it and install tailscale app, job done