Community Apps

Synchronize AdGuardHome config to replica instances. No config file needed, all done via environmental variables. General Settings Filters Rewrites Services Clients DNS Config DHCP Config Theme

Self-hosted anonymous email forwarding

A privacy-respecting, ad-free, self-hosted Google metasearch engine with strong security that offers full API support and utilizes Qwant for images, and DuckDuckGo for auto-complete.

cryptgeon is a secure, open source sharing note or file service inspired by PrivNote. each note has a generated id (256bit) and key 256(bit). The id is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the client side with the key and then sent to the server. data is stored in memory and never persisted to disk. the server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to. This container was built using SmartPhoneLover's cryptgeon but runs using Redis instead of memcache. Also has extra variables that can be configured. This requires Redis to be already running. I obtained SSL certificate through NGINX proxy manager and let's encrypt.

defguard is a true Zero-Trust WireGuard® VPN with 2FA/Multi-Factor Authentication, as each connection requires MFA (and not only when logging in into the client application like other solutions). This is the core component of defguard, which may required for the other components to work (gateway, proxy)

defguard is a true Zero-Trust WireGuard® VPN with 2FA/Multi-Factor Authentication, as each connection requires MFA (and not only when logging in into the client application like other solutions). This is the gateway component of defguard.

defguard is a true Zero-Trust WireGuard® VPN with 2FA/Multi-Factor Authentication, as each connection requires MFA (and not only when logging in into the client application like other solutions). This is the proxy component of defguard.

Gerbil (https://github.com/fosrl/gerbil) is a simple WireGuard interface management server written in Go. Gerbil makes it easy to create WireGuard interfaces as well as add and remove peers with an HTTP API. Gerbil is meant to enable the tunneling functionality of Pangolin (https://github.com/fosrl/pangolin), the tunneled reverse proxy server and dashboard UI with identity and access control. Chat with us on Discord! https://discord.gg/HCJR8Xhme4

GreenTunnel is a proxy server that bypasses DPI (Deep Packet Inspection) systems found in many ISPs (Internet Service Providers) which block access to certain websites.

Hearchco is a distributed and fast metasearch engine that respects your privacy.

Hearchco is a distributed and fast metasearch engine that respects your privacy.

This docker image will install the latest current stable version of Tor server. It will run Tor as an unprivileged regular user, as recommended by torproject.org. It includes the latest Tor Debian package from torproject.org which is installed and configured according the Tor project recommendations. Additionally it can be run as a hidden bridge using obfs4proxy The Tor network relies on volunteers to donate bandwidth. The more people who run relays, the faster the Tor network will be. If you have at least 2 megabits/s for both upload and download, please help out Tor by configuring your server to be a Tor relay too. INSTALLATION: Create a folder appdata/tor-data/config (this will be used to store the config between restarts) Download sample Config: https://github.com/josh-gaby/tor-server/blob/master/torrc Edit the config as necessary (Configuration details can be found here: https://2019.www.torproject.org/docs/tor-manual.html.en) Put this into the config folder. Create a folder appdata/tor-data/data (this will be used to preserve your relays keys/data between restarts) Edit the docker parameters and run it. https://hub.docker.com/r/joshgaby/tor-server/

A framework- and JavaScript-free privacy respecting meta search engine, giving you results from Google, Qwant, Ahmia and popular torrent sites without spying on you.

A fork of LibreX, a framework- and JavaScript-free privacy respecting meta search engine, giving you results from Google, Qwant, Ahmia and popular torrent sites without spying on you. LibreY changed some features like automatic redirection. See documentation for all available settings: https://github.com/Ahwxorg/LibreY/tree/main/docker#environment-variables-that-can-be-set-in-the-docker-container

Allows you to connect your containers to a dual-stack or even ipv6 only wireguard server. Comes with Privoxy as http proxy (https://www.privoxy.org/) and mircosocks as socks5 proxy (https://github.com/rofl0r/microsocks)

Newt (https://github.com/fosrl/newt) is a user space tunnel client for the Pangolin (https://github.com/fosrl/pangolin) tunneled reverse proxy server. Newt is the entry point that allows you to safely expose your Unraid services to the internet through a reverse proxy tunnel! Chat with us on Discord! https://discord.gg/HCJR8Xhme4

Orbital Sync synchronizes multiple Pi-hole instances for high availability (HA) using the built-in "teleporter". In other words, it performs a "backup" in the Pi-hole admin interface of your primary Pi-hole instance, and then "restores" that backup to any number of "secondary" Pi-holes also via their admin interface. As a result, it supports the synchronization of anything currently supported by Pi-hole's "teleporter". If you have more than one slave instance you can add extra variables for SECONDARY_HOST_2_BASE_URL: SECONDARY_HOST_2_PASSWORD: SECONDARY_HOST_3_BASE_URL: SECONDARY_HOST_3_PASSWORD: If one or all of your pihole instances use a custom path which isn't '/admin' (ie. you are running them behind a reverse proxy) you can specify a custom path with SECONDARY_HOST_X_PATH variable, where X is the slave numer or PRIMARY_HOST_PATH for the primary. There is no web UI for this app, check the logs to see if it has run successfully.

A simple OIDC provider that allows users to authenticate with their passkeys to your services.

This container is a dedicated http/https and SOCKS5 proxy both with authentication support. It's intended usecase is to use it in combination with a VPN container to give your applications outside of your server access to the VPN. If you VPN supports native Wireguard support: 1. Go to the built in VPN Manager in the Settings tab in Unraid 2. Import the configuration vrom your VPN provider 3. Make sure that "Peer type of access" is set to "VPN tunneled access for docker" 4. Change the slider to active 5. Set the network from this container to the wg: network from your provider To connect the container to a already installed VPN container: 1. Set the Network Type in this Docker template to None 2. Enable the Advanced View on the top right corner from this Docker template and append: --net=container:CONTAINERNAME To the Extra Parameters (you have to change CONTAINERNAME to the VPN Docker container name eg: --net=container:binhex-delugevpn when the VPN Docker container name is binhex-delugevpn - case sensitive!). 3. Go to the VPN Docker template and create two new port mappings with the button Add another Path, Port, Variable, Label or Device, by default 8118 (for http/https proxy) and 1030 (for SOCKS5 proxy) both TCP protocol and with host/container port set to the same port. 4. When you've done that you can connect the application(s) to the proxy to the host IP from the VPN Docker container, by default with 8118 (for http/https proxy) and 1030 (for SOCKS5 proxy) Note for Firefox and Chrome: Firefox and Chrome natively don't support authentication for a SOCKS5 proxy, it is recommended to use a extension like FoxyProxy supports authentication). URL encode: If you are using a password with special charcters and want to use the http/https proxy system wide, the container ships with urlencode to convert your password to a URL compatible format. Just open up a terminal from the container, issue urlencode and follow the prompts. The container uses dumbproxy and socks5 (both written in golang) as a backend to serve http/https and SOCKS5 proxy.

Dockerized Signal Messenger REST API This project creates a small dockerized REST API around signal-cli. Useful for Apprise! At the moment, the following functionality is exposed via REST: Register a number Verify the number using the code received via SMS Send message (+ attachments) to multiple recipients (or a group) Receive messages Link devices Create/List/Remove groups List/Serve/Delete attachments Update profile and many more

Small TOR and Privoxy container with just 8 MB

SSH to your config folder (/mnt/user/appdata/unifi-cam-proxy) Run: openssl ecparam -out /tmp/private.key -name prime256v1 -genkey -noout openssl req -new -sha256 -key /tmp/private.key -out /tmp/server.csr -subj "/C=TW/L=Taipei/O=Ubiquiti Networks Inc./OU=devint/CN=camera.ubnt.dev/[email protected]" openssl x509 -req -sha256 -days 36500 -in /tmp/server.csr -signkey /tmp/private.key -out /tmp/public.key cat /tmp/private.key /tmp/public.key > client.pem rm -f /tmp/private.key /tmp/public.key /tmp/server.csr to create an cert for your cam. Get a token: https://{NVR IP}/proxy/protect/api/cameras/manage-payload Modify the Post Parameters to your needs. (check documentation)

Why this template? Because I've been struggling for a few months to use the integrated version of WireGuard on unRAID but it never worked for me and from what I've seen I'm not the only one with this problem. The complete list of possible configurations can be found on the Linuxserver.io website. The easiest way to access the peers list is by accesing config folder via SMB. For PUID & PGID run "id user'' on terminal against the user which is used for smb authentication in the network. Port: default 51820 but it is strongly recommended to be changed. Do not forget that this port must be port forwarded on your router.

ZNC is an IRC network bouncer or BNC. It can detach the client from the actual IRC server, and also from selected channels. Multiple clients from different locations can connect to a single ZNC account simultaneously and therefore appear under the same nickname on IRC. It supports Transport Layer Security connections and IPv6. DEFAULT CREDENTIALS: Username: admin Password: admin