There is no such support in the plugin today. Personally I've made a similar setup as you want to achieve manually using the macvlan network driver. For those containers I'm not using the plugin... Additionally there is a docker openvpn image I'm using that relies on iptables to make sure all traffic on specific containers are forced via the vpn tunnel. Not sure if my setup really marches your requirements but let me know if you want more details.
By the way, adding support for user specific networking is probably quite complex and not something I will be able to fix unfortunately. It is on the top of my own wishlist though
Just to clarify, I'm not using macvlan with vlan trunking, but rather to give the containers their own layer2 access and providing them with their own IP numbers on the same network as my docker host. I have multiple vlans in my network but haven't had the need to isolate the containers on that level yet.
Yes, I actully got around to doing this manually myself.. short hint for people who need this:
Create the network (do not create the .30 interface! docker does this for you.)
Then just fire up dockers as you need, every container needs to have its own ip and there will be no need to exposing ports as all of the container ports gets exposed (exposing ports is also not supported by macvlan).
Obviously this requires an trunked vlan 30 on eth0...
Why are you setting this in options? This seems to be the problem.
Ah yes, that was the problem indeed.
I used to use this cause it helps formatting df output;
Happy christmas everyone.
Yesterday I got around to reinstalling OMV to 3.0.57 and setting up mergefs with a bunch of drives, but whenever I navigate the web ui where it maps the mergefs mountpoint (eg. in NFS, Samba or Docker plugins) I get the following errorCodeexception 'OMV\Exception' with message 'Couldn't extract an UUID from the provided path 'xfiles'.' in /usr/share/php/openmediavault/system/filesystem/backend/mergerfs.inc:80#0 /usr/share/php/openmediavault/system/filesystem/backend/mergerfs.inc(58): OMV\System\Filesystem\Backend\Mergerfs::extractUuidFromMountPoint('xfiles')#1 /usr/share/php/openmediavault/system/filesystem/filesystem.inc(908): OMV\System\Filesystem\Backend\Mergerfs->getImpl('xfiles')#2 /usr/share/openmediavault/engined/rpc/sharemgmt.inc(156): OMV\System\Filesystem\Filesystem::getImplByMountPoint('/media/e5663f53...')#5 /usr/share/php/openmediavault/rpc/rpc.inc(84): OMV\Rpc\ServiceAbstract->callMethod('enumerateShared...', Array, Array)#6 /usr/sbin/omv-engined(516): OMV\Rpc\Rpc::call('ShareMgmt', 'enumerateShared...', Array, Array, 1)
My fstab looks like thisCodeUUID=ecd148be-ca29-4789-97d9-3ec18e6a93a6 /media/ecd148be-ca29-4789-97d9-3ec18e6a93a6 ext4 defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2UUID=3b6cb615-7e08-4513-b189-eb87479c31ea /media/3b6cb615-7e08-4513-b189-eb87479c31ea ext4 defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2UUID=671f6948-8f66-4f7f-bd60-c6374cc2f637 /media/671f6948-8f66-4f7f-bd60-c6374cc2f637 ext4 defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2UUID=64265307-6cb2-4e92-bbcc-c034fa7931b2 /media/64265307-6cb2-4e92-bbcc-c034fa7931b2 ext4 defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2UUID=64c9b022-c3a0-43dd-9aed-e576c097c093 /media/64c9b022-c3a0-43dd-9aed-e576c097c093 ext4 defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2/media/ecd148be-ca29-4789-97d9-3ec18e6a93a6:/media/671f6948-8f66-4f7f-bd60-c6374cc2f637:/media/3b6cb615-7e08-4513-b189-eb87479c31ea:/media/64265307-6cb2-4e92-bbcc-c034fa7931b2:/media/64c9b022-c3a0-43dd-9aed-e576c097c093 /media/e5663f53-d5dd-4f44-92f1-da22b39e5d17 fuse.mergerfs defaults,allow_other,direct_io,use_ino,fsname=xfiles,category.create=mfs,minfreespace=4G 0 0
Anyone with any ideas as to why this is happening? or is it a bug?
Any news on this? Proxmox and OMV on the same host (side by side) would be a big win for me.
Ok so I think I understod you correctly, steps to fix my issue
- Remove omv letsencrypt plugin
- delete /etc/letsencrypt and /opt/letsencrypt
- Install omvletsencrypt plugin
- Regenerate certs with plugin (do not enable test option!)
- (Optional) change certs for webUI, and if you got nginx websites plugin enabled
This fixed it for me atleast
please stop all the references of the certificate in your system , then generating a new certificate.
bitte stoppe alle Referenzierungen des Zertifikates in Deinem System, dann generiere ein neues Zertifikat.
Please elaborate, what do you mean? Remove the "old" certs?
Well getting this error now;Code
Running from CLI:Code
I'm trying to reverse proxy the WebUI of OMW but can't seem to get it to work properly,
For now I have
And this gets me a blue screen with no login. So this tells me I need to rewrite urls in the pages since when I look at the html source some dependencies are still hardcoded to the root url / (/extjs, /images and some more)
Anyone got around this?
According to https://letsencrypt.github.io/acme-spec/#simple-http one could when doing the acme-challenge set tls to true and that would make the letsencrypt server challenge over httpsQuote
/* Signed as JWS */
So if one could do that (with the plugin) you could then via the nginx websites plugin set up an default landing page with https (and change the letsencrypt webroot to wherever landing page's root is)
How about that? No need for SNI proxy.
PS: This is a feature request (acme-challenge over HTTPS instead of HTTP)
Dont know which update gave me this but,Quote
Generating New Certificates
Getting certificates from /etc/letsencrypt/live/****.com/
Updating letsencrypt and virtual environment dependencies...You are using pip version 7.1.2, however version 8.0.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Requesting root privileges to run with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt certonly --webroot -w --text --keep-until-expiring --agree-tos --expand --email email@example.com -d ****.com -d www.****.com
letsencrypt-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...
The Let's Encrypt agent can obtain and install HTTPS/TLS/SSL certificates. By
default, it will attempt to use a webserver both for obtaining and installing
the cert. Major SUBCOMMANDS are:
(default) run Obtain & install a cert in your current webserver
certonly Obtain cert, but do not install it (aka "auth")
install Install a previously obtained cert in a server
revoke Revoke a previously obtained certificate
rollback Rollback server configuration changes made during install
config_changes Show changes made to server config during installation
plugins Display information about installed plugins
letsencrypt: error: argument -w/--webroot-path: expected one argument
ERROR: The params argument is no valid JSON
Applying Configuration Changes
I'd like to move the webroot (/) to something like /omw or /openmediavault and use / for other stuff. As I'm using the plugin let's encrypt I'm forced to have /.well-known/acme-challenge/* available for when ssl cert is renewed
What I'm trying to say is, how do I move webroot without messing up future upgrades? I'm used to nginx and have set it up several times before, but I'm not to fimiliar with the inner workings of OMW
I noticed there are two nginx plugins available, might I use these for this purpose; and if so, how?
What version of mergerfs?Quote
joel@dunder:~$ mergerfs -v
mergerfs version: 2.9.1
FUSE library version: 2.9.5
fusermount version: 2.9.5
using FUSE kernel interface version 7.19
(fuse and libfuse backported from sid because of bug in libfuse 2.9.0 which made libfuse segfault)
Here's one from me (without direct_io)Quote
joel@dunder:~$ dd if=/dev/zero of=/media/xfiles/lol bs=10G count=5 conv=fdatasync
dd: warning: partial read (2147479552 bytes); suggest iflag=fullblock
0+5 records in
0+5 records out
10737397760 bytes (11 GB) copied, 80.7537 s, 133 MB/s
Anyone else besides me seeing crashes with mergerfs? I'm pretty sure it boils down to high I/O but need to gather some logs
https://github.com/trapexit/mergerfs/issues/188 (trapexit thinks it's related to libfuse or kernel as they're somewhat dated in Wheezy)
When enabled I get the following error from daily cronjob,
The fail2ban plugin is enabled but obviously not running, does the plugin actually start the service? (solved this by starting the service manually)
I keep getting this (notified by mail)
Doesn't the plugin setup correct permissions? I solved this manually but thought I'd let you know
Nope. Only filesystems. Do you have an n/a filesystem?
Yeah, I did (one drive which was/is damaged was listed as N/A and still in the array)
I fixed the issue by going to File Systems and removed the N/A device. Then in terminal I did
Now it works as expected