Posts by jata1

    OK so next we really need to see your wireguard logs from the OMV plugin. I don't use this plugin. Careful if these logs have something sensitive such as your wan ip or wireguard keys etc. I have no idea,


    I will be of limited help with your wireguard setup but I will try. Others in the community might see something.


    I think you are going a tricky direction using wireguard to access home assistant. You are limited to only having access remotely with a single client and you need wireguard app/on for it to work.


    I can show you how to get home assistant working with a reverse proxy (swag) with adguard etc etc... Maybe look into this at the same time as fixing wireguard. Then you have two options and you can use the one you prefer?

    I have used both pihole and adguard. I use adguard as I prefer it but both do the same thing so it’s a personal choice.


    You have adguard running in a docker so you shouldn’t need to reinstall omv.


    Stop adguard. Change dns settings on your router to something that works (8.8.8.8). Change your client to use router dns.


    Then check this is working. Then try WireGuard again.

    I can’t help too much with your WireGuard setup as I have it setup differently.


    Overall, I’m not sure vpn it’s the best solution for remote access to home assistant.


    If I were you (and I have been in your situation) I would start simple and then add additional capability/security. My advice:


    Adguard on docker bridge network

    Port forward router tcp 8123 to your HA setup

    Check HA works on lan and remote


    Now you have a working system, secure and improve it.


    Get a duckdns ddns account (or cloudflare etc)

    Research a docker called swag. Get this working with duckdns.


    Once you have swag, you can reverse proxy home assistant and any other service on your network.




    It really depends on use case. That’s why I asked the OP.


    I like using reverse proxy to access home assistant remotely from any client at any time. No vpn client needed.


    I have setup Plex to work in the same way. No need to use upnp that opens a port.


    Both are set and forget examples.


    I do have wireguard setup on my router. I use it occasionally if I’m away from home and really need to access my entire network (and I have my laptop with WireGuard client with me)

    Just thinking a little more about your issue and I think it is related to using wireguard to access your omv server?


    Can you clarify why you are wanting to do this using a vpn? What is your overall goal with this config?


    Im asking as vpn are great but not the only way to access network services over the interweb. I have found secure reverse proxy to work really well and are easier to maintain and extend etc.

    I did a test and I see where the problem is - the container needs a volume for config - see below example


    for rpi there is a preinstall script that needs to be run before the main install script. This will fix an issue with the network config.


    You can fix this manually if it is the issue (not sure from the error message)

    eherle


    I don't use mariadb but it looks like you have created a volume called 'data' and mapped this to /var/lib/mysql inside the container.


    Is this really where your camera data is? That seems weird to me.


    I would start the container without any volumes at all mapped. Then look at OMV GUI for Containers to see what is created by the container as default.


    Once you know what the volumes the container needs (if any), you can start to get it all fixed.


    I always map volumes to a local folder so you can more easily see what is going on.


    e.g.


    Well this explains why it is working using 1001:100 as this is a real account on your system probably with permission to read/write.


    And nope - containers do not automatically use the appuser account. Most containers have environment variables that need to be configured.


    There is not much more you really need to do but if you have issues with read/write permissions on the folders that you are creating for docker volumes (e.g. /appdata/node-red) you might just need to update the permissions (folder/file level) using chown.


    Note: Use chown -R with caution as it will change ownership all files and directories recursively. It won't delete anything but can cause bug issues (e.g. if you change the owner of OS files)


    You can actually use the GUI to chown - from the shared folder page of the GUI - It is known as ACL (access control list) - but don't use this unless you really need to. It's safe to have a look (but don't save changes) as you can get a better idea of the folder/file level permissions in your /appdata folder.


    Good luck.

    Good that it worked for you but...


    You really need to change 1000:100 to the GUID and GPID of your normal docker user account. You should try to use a dedicated account for all your containers (where possible). For security and reasons mainly. But it is up to you.


    When you create or view users in the OMV GUI, you can add the columns to the view in the dashboard to see the IDs - see below.


    Then you just make sure that your appdata directory/folder is also setup so that your 'docker' user account has read/write access.



    all good Ghazzawi


    It is quite unusual for such a mature container to not have environment variables for PUID and PGID.


    In my test, I have got nodered working using my usual appuser account permissions. This is probably a cleaner way of doing it as you do not need to play around with setting chown permissions.


    Have fun with nodered! I have linked it with my home assistant setup but i'm too scared to use it properly. haha

    I couldn't help myself and have setup node-red in docker. Working fine. This is what I did. Exactly...


    1. created data folder in appdata and set permissions to appdata:users (using winSCP)



    2. created compose file like this



    3. pulled and then started the container


    4. checked docker logs


    Yep. I don't use node-red so can't help too much. This is what I would do.


    1. remove the user info from the compose file so that nodered is using the standard 1000:1000 user/group

    2. ssh to console and chown the data folder (sudo chown -R 1000:1000 path/to/your/node-red/data)

    3. start container


    post any error after doing this and I will see if I can help further.


    if you are a windows person, I suggest you install winSCP on your PC as it's quite helpful for checking/updating permissions etc.

    I have seen something similar in the past and it was related to the user accounts accessing the shares.


    Everything looked fine but I couldn't connect until I reset the password for the account (you can use the same password - just need to re-enter it in the OMV GUI).


    While you are there (in the user settings in OMV GUI) double check your user has read/write access to the share(s).


    Finally, when trying to access from windows try \\ip_address\share_name