Beiträge von Thormir84

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy
    restart: always
    ports:
      - '8980:80'
      - '8981:81'
      - '8943:443'
    environment:
      PUID: YOUR-PUID
      PGID: YOUR-GID
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "MY-PASSWORD"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /srv/dev-disk-by-uuid/PATH-TO-CONFIG:/data
      - /srv/dev-disk-by-uuid/PATH-TO-CERTS:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: nginx-database
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'MY-PASSWORD'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'MY-PASSWORD'
    volumes:
      - /srv/dev-disk-by-uuid/PATH-TO-DATABASE:/var/lib/mysql

On your router you need to open ports like this example:

PORT FORWARD:

Public port: 80

Forward to: 8980

Public port: 443

Forward to: 8943

----

Inside NPM:

Proxy Hosts

Add Proxy Host

Domain name: subdomain.yourdomain.xyz

Scheme: http

Forward Hostname / IP: Ip of your container

Forward Port: Port of your container

Block Common Exploits: ON

Access List: Publicy Accessible

----

SSL

Select "Request a new SSL certificate

Force SSL: ON

Click on save, then select "edit" on your new subdomain and check if SSL is "ON"; if not, activate it then save.

Done.

Veeam Agent

I had used this after a hardware's change:

Locate and delete the file called local-kv.db (make a backup first) inside /var/lib/docker/network/files/

Restart the docker's service

Delete and re-deploy all containers

Done.

Zitat von chente

That is interesting. Do you think that would work instead of Wireguard on the host (plugin) to access the pihole container? why would it be like this?

I would really like to know if it works and what is the reason if it works.

I use Tailscale in Docker and the script for MACVLAN, and i can reach Pihole and other containers without problems.

Zitat von rwifislax

This solution worked to have communication between host and macvlan, but it doesn't work when connected over the wireguard VPN. The wireguard interface "wgnet1" has a different subnet Ex. 10.196.1.254/24. I wonder if any routes need to be set for the traffic to reach from the wireguard VPN network to the macvlan IP.

Probably you need to try Wireguard on Docker.

I also use Tailscale (on Docker) that works fine.

Zitat von chente

This procedure is the one described at the end of this section. https://nginxproxymanager.com/guide/#quick-setup

Read the warning about using netplan in OMV. I'm actually not sure if this can create any problem or not. Does it work for you without problems?

I think it would be more appropriate to do this using netplan, but I haven't figured out how to do it yet.

I don't have problems with this script and is only used with VPN; the MACVLAN isn't "exposed" with NPM.

I have edited my first post, because "ip addr add" isn't 192.168.1.0/24 but 192.168.1.X/24 were "X" is a free IP inside the network.

Oh is possible!

Read here:

EXAMPLE:

Your network is 192.168.1.0/24
Your OMV's network adapter is "eno1"

Pihole via MACVLAN is 192.168.1.200

You need to create a script like "macvlan_dummy.sh" or other (the name isn't important) like this:

#! /bin/bash

ip link add macvlan_dummy link eno1 type macvlan mode bridge

ip addr add 192.168.1.99/24 dev macvlan_dummy

ip link set macvlan_dummy up

ip route add 192.168.1.200/255.255.255.255 dev macvlan_dummy

Save the file inside the /root/

Launch: crontab -e

Add this line and save: @reboot /root/macvlan_dummy.sh

Launch: chmod +x macvlan_dummy.sh

Reboot.

Done.


If you want to try this script before, simply copy&paste in the prompt this, without #! /bin/bash:

ip link add macvlan_dummy link eno1 type macvlan mode bridge

ip addr add 192.168.1.99/24 dev macvlan_dummy

ip link set macvlan_dummy up

ip route add 192.168.1.200/255.255.255.255 dev macvlan_dummy

Zitat von chente

If you do that you will have some conflict with your router, since that range overlaps with that of the router. The correct thing to do is to restrict the range of the vlan and the router so that they do not coincide, as explained here. https://wiki.omv-extras.org/do…_the_same_lan_as_the_host

But my router isn't the DHCP's server (i use Pi-hole for that ) and all IP manually assigned at all containers in MACVLAN are far from the range of the DHCP.

For example, my subnet is 172.22.8.0/24.
Pi-hole IP = 172.22.8.1 (MACVLAN)
Router IP = 172.22.8.250
DHCP range = 172.22.8.100 to 172.22.8.120
IP reservation (devices with DHCP on but with a specific IP assigned, associated at its own MAC ADDRESS, outside the DHCP range) = 172.22.8.40 to 172.22.8.80
Devices with static IP = Router (172.22.8.250), OMV (172.22.8.249).

Zitat von BlueCoffee

Why is yours? ip-range is the IP you want for pihole from what ive read.

Ill check it out thanks

The MACVLAN's adapter can be used for different containers at same time, so "ip-range" should be, for example, "192.168.0.0/24" or whatever is your LAN; then, you need to specify the ip for the container directly inside the compose.

Just take a look at line number 7 in the code for the creation of MACVLAN's adapter: "macvlan_home" is only the name of the adapter.

Now, in the compose, see lines 18, 28, 29, 30, 33, 34, 35


NOTE: Why your "--subnet" and "--ip-range" are different?

I had created a MACVLAN's interface using the terminal (putty, for example)

Simply log in as root e copy & paste this:

IMPORTANT:

1. You need to modify "subnet=", "gateway=" and "ip-range=" to match you LAN.

2. Inside the OMV's web interface, under "Network" -> "Interfaces" you can see the name of the device that is necessary for "parent="

docker network create -d macvlan \
    --subnet=192.168.0.0/24 \ #In most cases are the same
    --gateway=192.168.0.1 \
    --ip-range=192.168.0.0/24 \ #In most cases are the same
    -o parent=eno1 \
    -o macvlan_mode=bridge \
macvlan_home #This is the name of the MACVLAN's adapter

Then, this is an example of a stack with the MACVLAN above:

version: "3"


services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "443:443/tcp"
      - "67:67/udp"
      - "80:80/tcp"
    environment:
      TZ: 'Europe/Rome'
      WEBPASSWORD: 'MY_PASSWORD' #Insert your password for admin's web page
      ServerIP: PI-HOLE_IP #Insert here the IP of your Pi-hole container; example: 192.168.0.10
      VIRTUAL_HOST: pihole.home
      PIHOLE_UID: 0
    volumes:
      - '/srv/dev-disk-by-label-DATI/AppData/Pihole:/etc/pihole/'
      - '/srv/dev-disk-by-label-DATI/AppData/Pihole/DNSmasq:/etc/dnsmasq.d/'
      - '/etc/localtime:/etc/localtime'
    cap_add:
      - NET_ADMIN
    restart: always
    networks:
      macvlan_home:
        ipv4_address: PI-HOLE_IP #Insert here the IP of your Pi-hole container; example: 192.168.0.10


networks:
  macvlan_home:
   external: true

I use Veeam works very well!

Index of /.private/deb/

For backup and restore i use Veeam Agent; it works very well and make a lot easier to recover a corrupted installation or disk.

Mmmmm i think that is a little bit incorrect.

Try with the terminal with this command:

docker network create -d macvlan \
    --subnet=172.20.10.0/24 \
    --gateway=172.20.10.1 \
    --ip-range=172.20.10.0/24 \
    -o parent=enx5c857e38f42a \
    -o macvlan_mode=bridge \
macvlan_test

Simply copy-paste all the code inside the terminal.

Zitat von nojohn

Hi,

Im using OMV 6 (updated from v5) with mergerfs plugin, and docker with portainer with somes applications like Plex et jdownloader.

After the lastest update of OMV (i don't remember package list), i have troubles with somes applications on docker. Could you help me?

-Plex logs:

Code

curl: (3) URL using bad/illegal format or missing URL
Unable to claim Plex server. Either manually claim by connecting to http://serverip:32400/web from the same network subnet, or recreate container with a new claim token.
Docker is used for versioning skip update check
[custom-init] No custom files found, skipping...
Starting Plex Media Server. . . (you can ignore the libusb_init error)
Error: Unable to set up server: sqlite3_statement_backend::prepare: disk I/O error for SQL: PRAGMA cache_size=2048 (N4soci10soci_errorE)

Alles anzeigen

Can you post your compose for Plex?

I had used this procedure:

Log in OMV web gui.

Got to "Storage" -> "Software RAID".

Select your RAID with a simple single left-click on it.

Click on the button called "Remove", then select the disk you want to replace, then save.

Shutdown the NAS.

Replace the disk.

Power on the machine.

Log in OMV web gui.

Go to "STORAGE" -> "Disks".

Select the new disk with a single left-click.

Click on the button called "Wipe".

Go to "STORAGE" -> "Software RAID".

Select your RAID (now in degraded state).

Left-click con the "Recover" button.

Select the new disk then save.

Wait for the reconstruction.

Zitat von Logan@78

Buongiorno, perdonatemi se continuò a rompere le scatole ma vorrei configurare il nas nel modo corretto … dopo i codici del DNS mi chiede di impostare il numero di domini utilizzati durante la risoluzione dei nomi host mtu … che numero dovrei metterci? Grazie ancora…. Ps l’errore postato sopra a cosa potrebbe essere dovuto? Grazie

La voce "MTU" io l'ho lasciata come default, cioè "0".

Zitat von Logan@78

Niente alla fine ho deciso di re installare omv sempre su chiavetta… domanda prima di installare un nuovo sistema operativo su chiavetta e configurarlo devo fare qualcosa per poi riassociate i dischi che non formatterò? Scusate l’ignoranza ma son proprio alle prime armi…. Ps allego messaggio di errore che mi compare quasi costantemente e per il quale ho deciso di formattare chiavetta…

Occhio che quell'errore lì, alle volte, non è un problema di OMV ma dei cookies del browser!
Hai provato ad accedere con un browser diverso o dopo la pulizia dei cookies/temporanei o con la modalità "incognito" del browser che usi?

Zitat von auanasgheps

Io ragiono al contrario:

- Tutti i dispositivi sono impostati su "DHCP" (indirizzo automatico)

- Sul router/modem, imposto gli IP che voglio riservare a quel dispositivo.

Io lo trovo più comodo, perché così li ho tutti in un solo posto.

Per alcune cose lo faccio anche io, ma se il DHCP "salta" perdi tutti i dispositivi.