In the past yes, but not with this setup. I cannot recall now why I gave that approach up but it did not work as intended. Now, with a modified "ping" command of my fritz box web address I can feed this to the docker cloudflare-ddns compose file and it is now working well. I realised though the command could be done without echo and now it is working after the IP address was changed already once by my ISP. So all stable. Will be looking at moving to IPV6 though...
Ok, I find I have it working again. I switched to a different image for cloudflare-ddns where you can generate the IPv4 address from a custom command. Then I remembered I have a fritz.box address provided by the router company which always tracks my real IP4 address. Using echo and a rather convoluted linux command I could get echo to output the IP address of the fritz.box address which shows my real IP4 address. Now it seems to work. let us wait until the address changes but I am hopeful for now.
Will mark as resolved. Thanks
JACKPOT: oh my god this has caused me a headache. For whatever reason my cloudflare-ddns is not providing to cloudflare the correct IPv4 address. My containers are now back up and running but of course I now need to find out why this is....but god, at least I narrowed it down. Thanks for all your help and suggestions. I will report back once I found the issue with the docker cloudflare-ddns container.
I noticed my public IPv4 is not what my router says is the IP4 address. When I use what the router says it connects with a 404 page not found error. Which at least is a response
I think my ISP told me this some time ago, I just forgot. However, what I find interesting is that my cloudflare-ddns is also reporting the same public IPv4 address. I am starting to wonder if this is what is causing the problem...I will try and replace the DNS with my real IPv4 address as a test.
Ok, so the public IP address approach does not work. Timeout.
I checked the migration logs. All good. I have not changed my Traefik version as I use 2.2.2-rc4
I played around with a few things. I changed the DNS in cloudflare to proxy, not just DNS. Then I got 522 errors. So my request goes out to the net, goes ok via cloudflare and then no request is received back from my origin server. I also cannot curl my domain. I get timeouts. All I have done these last weeks is apply the standard OMV updates, nothing more. Has a firewall issue suddenly arisen? I have yet to try the access logs. So lost and so much time wasted....you think things are finally stable and then this....
On the first point, how could I do this without exposing an insecure dashboard to the internet. Would I need to open for example the standard dashboard port on my router firewall or is there a way I can go over the normal port 80:443 combination in Traefik? Thanks again for all your help.
Thanks, I will give these things a try.
Update: The Traefik dashboard shows no errors. (using IP address for local machine). I have also managed to now get the acme.json file working user the API Token approach rather than API Key. I set logging to debug for Traefik and it checked all domains and subdomains for updates, reported none needed and my acme.json file shows now a valid certificate for my main domain and sub-domains. This all looks normal. Still, even after waiting a while, I cannot access the containers over the internet (from inside my LAN) when I could always do this before.
The cloudflare API Token is working and the DNS challenge works in Traefik so I cannot think it is a DNS issue on the host machine. I am lost as I said before.
Ok, I can now access the dashboard but only via local IP. I will report back tonight on what the dashboard shows. Thanks a lot for this first suggestion.
Thanks for the response. That is the issue, I cannot access the Traefik dashboard to check anything but I was not using my local ip. I will try and check what you said. I believe now my acme.json file is not working as before as under certificates no entry is there. I need to see if I can dig out a backup of the file. In trying to troubleshoot I could have screwed this up but it might have been screwed before. I noticed I need to enable acme logging in my traeffik config file which I will do now and see what errors it generates. I also noticed I have a watchtower error regarding pulling images (it pulls the image but not the first method it tries).
To add one comment, when troubleshooting and changing the API KEY to API TOKEN for Cloudflare Environment variables in Traefik Docker file I had made the mistake of leaving my email and using the Zone ID Token for the CF DNS API Token (I had set the token up so long ago for the Cloudflare-DDNS docker image that I had forgotten the token id is shown only during creation). I now have copied the correct token ID to the docker compose file of traefik, deleted the acme.json file and forced a container recreation. Still, as I had done a few restarts in between and the staging server was not being used, I might have run into rate limits with Letsencrypt which might complicate troubleshooting.
Anyway, just to say that now my Docker compose file for traefik should at least now have the recommend API Token authentication (with two tokens, the DNS change token (ID generated upon original creation) and the Zone ID token (from Cloudflare Overview Tab)).
The log files for the Traefik container, with this new setup show no errors (as before under the old set up..).
I am scratching my head not sure what is going on.
Since about 10 days I cannot access via the web (gui) any of my docker containers that are on the external network of Traefik v2 docker which itself is linked to a Docker Socket Proxy. The lack of access came around the same time I lost the Container Management Gui in the Cockpit provided as part of the OMV Extras Plugin. The containers not accessible are Linuxserver Nextcloud and a Duplicacy Container. I get timeout errors on all web guis of the containers. Command line access is fine.
Details of my configuration:
OMV 5 latest version. Docker latest version (resinstalled via OMV Extras tab on OMV gui)
Running latest kernel
Docker networks setup with IPV4 but not IPV6 support (has never been an issue)
Internet is IPV6 enabled
DNS/certificates is on the docker containers managed via Traefik v2 with Cloudflare DNS
A couple of things I checked/tried:
1) Tried to access through multiple different machines on local network including Windows, Android and Linux - no success
2) checked ping and nslookup and host machine, clients and also in the Nextcloud container itself. All provide responses with both IPV4 and IPV6 addresses reported back.
3) Checked ALL logs of all containers. No strange errors. All are running, all have the right networks etc (and all containers on traefik which are exposed to the web are on the same network).
4) Checked ifconfig on host machine and docker0 appears normal.
5) Adjusted docker-compose file to use API Token instead of API Key for Cloudflare DNS/Traefik setup (as more recently recommended) even though previous configuration works.
6) Added privileged: true to docker socket proxy container (based on https://github.com/Tecnativa/docker-socket-proxy) just in case.
7) Tried the fix relating to libseccomp here https://docs.linuxserver.io/fa…ges-based-on-ubuntu-focal
Rebooted and restarted/recreated all containers and made sure latest versions used.
9) Tried using earlier kernel versions
10) Installed portainer via the web gui for OMV and everything is shown in green for containers. Can see the containers running, can access command line of containers but cannot access via web.....
11) Portainer itself, which is not accessed via Traefik is accessible via the web.
12) On Cloudflare I see no requests reaching my domain, no visits, nothing.
One thing I notice (although this might be normal) is that if I do "docker ps" no port is shown for docker socket proxy even though the correct port is exposed in the docker compose file. Also, if I check which ports the host is listening on, it has multiple entries for docker-pr with the container ports for traefik listening on the standard ports.
Ok, now I really have run out of ideas and it is so frustrating. The system was working perfectly for months.
Any help would be appreciated as I have reached the limits of my troubleshooting skills...
Thanks for the quick answer. I installed already ntfs-3g from the command line some time ago. It originally worked by editing the fstab entries and it did appear to be mounted as ntfs-3g. I do appreciate this is not an ideal situation but the idea of using ntfs was to allow me to use the drive in windows and linux. As it turns out (today I am sick at home so I have some rare time), my back up solution is duplicacy and the developer told me the file permission data is stored in metadata so it does not matter if the filesystem is mounted as ntfs-3g or not. So for my current purpose it should be ok. Thanks again for the great support!
I have also had these Buffer I/O errors. Never happened before but now in 2 days two complete crashes. Yet drives are clean and have run tests. First the errors appeared on sdd (external USB). Now they appear on sde. I cannot believe I have multiple drives failing. Was there an update to OMV 5 on October 27th? My OMV box has been working great but suddenly I get these problems (and this is also why I noticed my fstab settings had changed from OMV 4 to 5 migration - hence 2 posts in 1 day).
Update: I had a flash drive USB stick plugged in for Clonezilla. I think the flashdrive has failed. I just unplugged it and rebooted and had a cleaner looking Dmesg so maybe this was the issue as the other drive is fine. I will report back if I get the same crash without the usb flash drive plugged in. thanks
Hi ryecoaaron. First thanks for all the work you do for OMV. Your posts have saved me numerous times. Kudos and thanks. I was able to migrate succcessfully from OMV 4 to 5 using your tools and it seemed to work perfectly. I had to abondon some plugins but the effort was worth it and Cockpit integration is great. Now my small observation. I have an external NTFS drive which I had previously mounted with NTFS-3G and had amended this in fstab. When I ran the upgrade tools, FSTAB file was replaced and the NTFS-3G mount was replaced by NTFS. This for me is an issue because I use the NTFS drive to make backups and my past experience was that without NTFS-3G permissions were not correctly recorded. Is it possible somehow that a user gets a notification that FSTAB will be replaced during the upgrade. Thanks.
Thanks. I may have cracked it. Despite always having these email errors I decided to see if this was causing the problem and I found this post.
I deleted the maildrop folder and recreated it (manually). The system did not create it for me again like in the post. I then changed the permissions with chmod to 0730 and changed the owner and group to postfix:postdrop using chown. I can now login to the GUI!!!!!
Thanks for responding so quickly. Really appreciate it.
You are a champion. Your post saved me!!!! I changed CHOWN to 0730 and did chmod postfix:postdrop and now I can login to my GUI again!!!! Brillant. Thanks
Regarding the status of PHP7 service, there is always an error regarding "create file maildrop" saying permission is denied. I think I always had these email errors in my syslog and it never stopped me logging into the gui before.
Thanks a lot. I had also done this before but I had tried to restart php5 I think. Anyway, I ran the above commands and still a timeout error. I have also done a SMART check of all drives mounted (no errors). All drives are also mounted.
I am absolutely desperate. I had a hard drive failure in October and spent a month getting everything back up and running. It was running well all November and December. A few days ago I ran a small update via the gui and since then every time I try to log into the web interface it is stuck trying to connect.
I have done the following:
1) checked status of all services related to OMV gui - all ok
2) Checked file system to see if drives filling up - all fine
3) Checked Raid status - fine
4) Increased timeouts in relevant files - more than 480s - this should be enough
5) Cleaned package caches etc
6) Ran OMV-firstaid and checked configuration files - all ok
7) Changed gui interface connection in Omv-firstaid to see if this would help - no difference
I am now totally lost. All services work, all docker packages work, everything works except the gui and I cannot change mount points without it.
Any help to get a working Gui would be great.