Posts by Thormir84

Allora, tieni presente che il raid1 serve per questione di "high availability", nel senso che se ti si rompe un disco, subentra l'altro che contiene una copia 1:1 di ogni cosa, senza che il sistema vada offline.

Ovviamente, se prendi un virus o cancelli roba per sbaglio, la perdi istantaneamente su entrambi i dischi; per evitare queste situazioni, è consigliabile avere un ulteriore disco o raid (se possibile) sul quale confluisca il backup del raid principale.

Per quanto riguarda il backup delle foto dei cellulari, conviene installare Docker e il container di Immich (con relativa app per Android e iOS), che è un bomba.

If you need to create a certificate for a container with MACVLAN, you need (for the first request but not for renew) to redirect port 81 (i don't know why, but it works).

I don't know if this works for your problem with port 80, but you can try.

IMPORTANT: Close port 81 immediately after the test, or your NPM will be public accessible.

Use Tailscale inside Docker

services:
  tailscale:
     image: ido1990/tailscale-docker:latest
     container_name: tailscale
     network_mode: bridge
     cap_add:
       - NET_ADMIN
     environment:
       - ROUTES=YOUR_SUBNET/24
       - AUTHKEY=
     volumes:
       - /PATH_TO_TAILSCALE_CONFIG:/tailscale
     restart: always

Go to https://login.tailscale.com/

Create an account.

Go to "Settings" -> "Key" (under "Personal Settings", bottom left)
Generate Auth Key (for AUTHKEY in the stack).
Install the Tailscale's client for your system (Linux, Windows, MacOS, Android).

Si potrebbe provare a fare un cluster con Proxmox e virtualizzare OMV.

Quote from daschmidt1994

Have you also ZFS and the pve Kernel installed?

Kernel: Linux 6.8.12-1-pve

I don't use ZFS, but it has nothing to do with the system disk.

I still have a friend who uses Veeam and uses ZFS for storage.

I did some tests on different OMV installations (I have 6 in all).

The correct procedure to install Veeam is:

1. Download the veeam-release file from the site (Veeam Software for Enterprise) and copy it to the root folder

2. Launch, from the terminal, the command dpkg -i ./veeam-release* && apt-get update

3. Launch the command apt install veeam blksnap

On all the machines tested, the installation was always successful, as well as the backups

Connecting to Veeam Software Repository

Screen 1

Screen 2

Veeamsnap module seems to be missing.

Try this other procedure:

First of all, uninstall Veeam with: sudo apt remove veeam

From the terminal, at this point: apt reinstall veeam blksnap

Quote from daschmidt1994

have you choos the entire machine or the volume level backup?

Volume level.

Quote from daschmidt1994

Thormir84 have you already successful restored with veeam?

When yes have you a quick how to?

I tried it with dd fsarchiv but my restore never worked.

Yes, once for a breakdown and a couple of times for a disc change.

To install the agent you need to go here: Connecting to Veeam Software Repository - Veeam Agent for Linux User Guide

Once the installation is finished, from the terminal, launch the "veeam" command and set the scheduled backup

Wait a moment:

Quote

set the upstream DNS Server of my Pihole to 192.168.XXX.1 (Pihole >> Settings >> DNS >> Upstream DNS Servers)

AND:

Quote

Also you said:

Quote

my Fritzbox 6690 Cable

my android Smartphone

my Windows 11 Notebook for Ethernet and WLAN

So just to confirm all three of those devices are using the 192.168.178.50 as a DNS?

---

Quote

So just to confirm all three of those devices are using the 192.168.178.50 as a DNS?

And all three devices can reach that IP on the LAN?

Display More

BUT:

Quote

Yes, all this devices uses 192.168.178.50 as DNS. And I can access 192.168.178.50/admin (Pihole).

So, Pihole is your DNS server; Pihole itself use your router as DNS server but your router uses Pihole as DNS server.

Who resolve who?

Portainer, by default, is on port 9000.

This is my compose, that works fine:

version: "3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "443:443/tcp"
      - "67:67/udp"
      - "80:80/tcp"
    environment:
      TZ: 'Europe/Rome'
      WEBPASSWORD: 'MY_PASSWORD'
      ServerIP: 172.22.8.1
      VIRTUAL_HOST: pihole.casa
      PIHOLE_UID: 0
    volumes:
      - '/srv/dev-disk-by-label-DATI/AppData/Pihole:/etc/pihole/'
      - '/srv/dev-disk-by-label-DATI/AppData/Pihole/DNSmasq:/etc/dnsmasq.d/'
      - '/etc/localtime:/etc/localtime'
    cap_add:
      - NET_ADMIN
    restart: always
    networks:
      macvlan_casa:
        ipv4_address: 172.22.8.1

networks:
  macvlan_casa:
   external: true

version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy
    restart: always
    ports:
      - '8980:80'
      - '8981:81'
      - '8943:443'
    environment:
      PUID: YOUR-PUID
      PGID: YOUR-GID
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "MY-PASSWORD"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /srv/dev-disk-by-uuid/PATH-TO-CONFIG:/data
      - /srv/dev-disk-by-uuid/PATH-TO-CERTS:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: nginx-database
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'MY-PASSWORD'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'MY-PASSWORD'
    volumes:
      - /srv/dev-disk-by-uuid/PATH-TO-DATABASE:/var/lib/mysql

On your router you need to open ports like this example:

PORT FORWARD:

Public port: 80

Forward to: 8980

Public port: 443

Forward to: 8943

----

Inside NPM:

Proxy Hosts

Add Proxy Host

Domain name: subdomain.yourdomain.xyz

Scheme: http

Forward Hostname / IP: Ip of your container

Forward Port: Port of your container

Block Common Exploits: ON

Access List: Publicy Accessible

----

SSL

Select "Request a new SSL certificate

Force SSL: ON

Click on save, then select "edit" on your new subdomain and check if SSL is "ON"; if not, activate it then save.

Done.

Veeam Agent

I had used this after a hardware's change:

Locate and delete the file called local-kv.db (make a backup first) inside /var/lib/docker/network/files/

Restart the docker's service

Delete and re-deploy all containers

Done.

Quote from chente

That is interesting. Do you think that would work instead of Wireguard on the host (plugin) to access the pihole container? why would it be like this?

I would really like to know if it works and what is the reason if it works.

I use Tailscale in Docker and the script for MACVLAN, and i can reach Pihole and other containers without problems.

Quote from rwifislax

This solution worked to have communication between host and macvlan, but it doesn't work when connected over the wireguard VPN. The wireguard interface "wgnet1" has a different subnet Ex. 10.196.1.254/24. I wonder if any routes need to be set for the traffic to reach from the wireguard VPN network to the macvlan IP.

Probably you need to try Wireguard on Docker.

I also use Tailscale (on Docker) that works fine.