More > JRiver Media Center 26 for Linux
Docker Container for JRiver Media Center 26
HaWi:
Thanks Max! This is very helpful. With my latest changes to the firewall and closing all unnecessary ports on my router, I haven't seen a single attempt coming through for >24 hours.
EDIT: I realized that I could NOT fwd ports 5800/5900 and still get local access to the UI via a browser which is all I need.
I will look into SECURE_CONNECTION, as long as it doesn't break JRemote access, as this is the only app I use to access the library remotely.
In case I wanted to change the default VNC ports I know how to forward them from my router but I am unsure how to tell the container since I am running in host mode. Would I have to switch to bridge mode? Or could I just change the remote port and fwd to 5800, for example.
Your are right, of course, the number of combinations is huge, even for 6 characters. JRiver assign a unique, random VNC password for every installation, so worries are unfounded. I also have 3-2-1 backups, so if anything nasty should happen, I should be OK.
Thank you so much again, Max, for giving us the opportunity to run MC on a NAS.
cheers,
Hans
max096:
--- Quote from: HaWi on August 07, 2020, 03:29:58 pm ---EDIT: I realized that I could NOT fwd ports 5800/5900 and still get local access to the UI via a browser which is all I need.
I will look into SECURE_CONNECTION, as long as it doesn't break JRemote access, as this is the only app I use to access the library remotely.
--- End quote ---
It does not impact MC in any way. VNC is just the remote desktop server running in the container. When you go to the website at :5800 thatīs the novnc webui (which is just a client for the VNC Server running on the web, so youīd see an access from 127.0.0.1 in the docker logs when you use the webui, no matter from where you do that). Otherwise, youīd use a program such as https://www.realvnc.com/en/connect/download/viewer/ or http://www.karlrunge.com/x11vnc/ssvnc.html and access the "desktop" that way using port 5900. If you donīt do that ever. You might as well block 5900 entierly.
About the SECURE_CONNECTION this itīs just another environment variable. Remember how you set the USER_ID thing. Do the same thing except this one is just on or off. So 1 would be on. When you access your browser it will then tell you "this is not a secure connection" (or something similar to that, ironically). This is because you created your own certificate (or the container did anyways on first startup with that flag). You are not an authorized certificate provider that sells certificates. So your certificate isnīt trusted automatically. Itīs used to make https work, so you actually have an encrypted connection. This is a lot better than not having https/ssl.
--- Quote from: HaWi on August 07, 2020, 03:29:58 pm ---In case I wanted to change the default VNC ports I know how to forward them from my router but I am unsure how to tell the container since I am running in host mode. Would I have to switch to bridge mode? Or could I just change the remote port and fwd to 5800, for example.
--- End quote ---
What i was suggesting is to forward port 8083 on your router to port 5900 on your NAS. So, then if you where outside your local lan youd have to use :8083 for VNC instead of 5900 inside your Lan still 5900. It does not make the VNC server disappear entierly, but it does make it harder to discover.
--- Quote from: HaWi on August 07, 2020, 03:29:58 pm ---Your are right, of course, the number of combinations is huge, even for 6 characters. JRiver assign a unique, random VNC password for every installation, so worries are unfounded. I also have 3-2-1 backups, so if anything nasty should happen, I should be OK.
--- End quote ---
Youīre probably talking about the 6 digigs access key in Media Center (now I also know where you got the idea from that there would be a limit for the lenghts...). Thatīs not your vnc password. Nobody tried to access media center in the PDF you sent. And nobody really wants to do that either (at least it would surprise me). They donīt know the "desktop" they are trying to get into is literally just media center without anything else running. It could be any machine, like a Windows desktop where you can encrypt random peoples harddrives and then send them emails to pay you xyz money so that you supposedly unencrypt it again (maybe). It all does not really apply here. This is bearly even a working desktop and the only program is MC. As I laid it out earlier whoever is or was trying to get into it would be very disappinted when he acutally sees whatīs there. A whole lot of nothing. If they wanted songs they could just pirate them it would be much easier than trying to get into random peoples media libraries.
HaWi:
Thank you, Max!
Now I understand better how it works. I had no idea that the VNC Access Key is not the VNC password because the Access Key is what I plug in every time I open the UI on the browser. Also, I only need to access the webui locally so I have removed both 5800 and 5900 from my router.
One more question, to update the container, do I just download the latest image and then re-run the script I originally used to install the container or is there a way to just update from the new image?
cheers,
Hans
max096:
--- Quote from: HaWi on August 08, 2020, 11:07:34 am ---One more question, to update the container, do I just download the latest image and then re-run the script I originally used to install the container or is there a way to just update from the new image?
--- End quote ---
Yes, thats how I would recommend you do it with this image.
--- Quote from: HaWi on August 08, 2020, 11:07:34 am ---Now I understand better how it works. I had no idea that the VNC Access Key is not the VNC password because the Access Key is what I plug in every time I open the UI on the browser. Also, I only need to access the webui locally so I have removed both 5800 and 5900 from my router.
--- End quote ---
Maybe I got lost here as well. The one you enter into the webui is indeed the vncpassword. But you also said that it is random for every media center installation and that itīs limited to 6 characters. Both of those things are not true for the vncpassword, but would be if you are talking about the access key media center creates. You defined the vncpassword when you created the container, you choose it with any lengths you want. The access key is this thing https://wiki.jriver.com/index.php/Access_Key and has nothing to do with VNC.
HaWi:
Thanks Max, that makes sense. My faulty assumption was that the VNC password had to be the VNC Access Code, so thats what I put as the VNC password. Now I understand that I can put anything as the VNC password. I will change that, next time I update.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version