Beiträge von davidh2k

The traefik learning curve can be high at first. Even I had to wrap my head around it for quite some time. But when you have it set up, its a breeze. Cert management at its best, especcially when you use the DNS authentication, which is superb, especially for your typical broadband connection with dynamic IP assignment.

Edit: Scrolling through the guide a bit. You can use

mkdir -p /path/to/new/folders

instead of

mkdir /path/to/new

mkdir /path/to/new/folder

Zitat

It's important to add that LetsEncrypt only supports wildcard domains (i.e. *.yourdomain.com) - and if you have (or plan on having) many containers, and you want to reference them by machine name, ala container.yourdomain.com - you will need wildcards - and therefore you'll need a DNS provider that supports the LetsEncrypt ACME API.

That statement is not completely correct. Letsencrypt only allows for specific domains to be assigned with a cert- this includes subdomains in particular. - So I wouldn't write *.yourdomain.com but rather something like service1.yourdomain.com. However, you are right that you actually want to use wildcard certs *.yourdomain.com you need to use DNS authentication.

Zitat

There is a comprehensive (and growing) list of eligible DNS providers - but it's important to stress that while the Traefik website may list your provider, that provider may be linked to a specific version of LEGO - which Traefik may not have included in a release yet. It's worth checking the LEGO release page for your provider and then checking if that version of LEGO is included in Traefik via the Traefik release page. One reason this article took a while to write was that the author needed support for their DNS provider - LEGO supported it, but that LEGO version wasn't in Traefik until 2.2.2.

Cloudflare served me well in that case on multiple servers/domains.

Zitat

Next up - consider running your containers within a subdomain - not as a subdomain. i.e. if you want to run ZoneMinder - consider zoneminder.yoursubdomain.yourdomain.com instead of zoneminder.yourdomain.com. This is for three reasons:

Security through obscurity. Can work but doesn't have to.

Zitat

Code

[global]

TOML vs YAML. Love it or hate it.

Zitat

Code

[entryPoints.websecure]
        address = ":443"    [entryPoints.web.http.redirections.entryPoint]

Now I'm jealous with my config beeing on 2.0 state.

Zitat

Code

# Uncomment the next line for using the ACME staging server
    # caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"

Be carefull using this. At least in 1.7 there was a bug that I encountered that made it so when switching from staging to prod, it renewed certs on every restart. Maybe throw away the acme.json content just to be sure afterwards.

Overall some good thoughts on the configuration.

Greetings

David

Did you take a look here?

https://help.ui.com/hc/en-us/a…ation-and-Troubleshooting

Greetings

David

Can you post your docker-compose file? And the respective nginx / php conf?

Greetings

David

You'd need to expose the docker socket to the letsencrypt container. Read here:

https://stackoverflow.com/ques…20A%20every%205%20seconds.

Greetings

David

Hey, don't be so descriptive of your error messages that you receive or what you configuration looks like.

Post your configuration and log files and some people may actually be able to help you.

Greetings

David

1004 and 1005 could be users that once were there, but are no longer existant. IDs may stay on folders, even when the user is deleted. You can use the resetperms Plugin to get rid of those entries.

Greetings

David

There is no Buster Repo for TVHeadEnd. You gotta either use the Snap they provide, hope that your old install still works after upgrading to omv 5 or go with a docker setup.

Oh, and OMV is also not Ubuntu, so that PPA might not work well for you.

Greetings

David

I can't answer for letsencrypt specifically (I'm personally using Traefik), but when I get a 502 Bad Gateway, that usually means for me that either the container behind the reverse Proxy is not running, or I got some misconfiguration not pointing correctly to the internal service.

Greetings

David

Zitat von vmb

(max v2 version)

Why max v2? You should be able to run 3.x just fine, depending how high the docker-compose is that portainer uses.

You also didn't state what you explicit issue is. Is the container running? Anything in the logs?

Greetings

David

Zitat von chclark

ive seen a few mentions of fritzbox but when i google it i just find routers is it somthing you can share info on?

It's a german Router manufacturer. It allows to stream any unencrypted cabletv stream via IPTV in your network.

Greetings

David

If its the same domain name it could work just fine.

Greetings

David

Zitat von 71CHi2OOeuF2

What are the best practices to get this working?

In your local network? I'd stay with http/non-ssl and call it a day. For external access I would use letsencrypt.

Greetings

David

Zitat von steakhutzeee

1. During reinstall, should i disconnect the HD from the Odroid?

It's allways a good idea to disconnect data drives while reinstalling.

Zitat von steakhutzeee

2. After the system will be up, what should i do to restore the share folders?

Just re-attach your data drives, mount them and reconfigure your shares containing your existing folders.

Zitat von steakhutzeee

3. Should i do this update again https://wiki.odroid.com/odroid-xu4/software/jms578_fw_update?

I can't answer that. Maybe ryecoaaron can.

Greetings

David

Unless its a wildcard cert, or explicity for your nextcloud subdomain that won't work.

PS: Wildcard certs only work via DNS Challenge.

Greetings

David

What's the output of cat /etc/fstab ?

Greetings

David

Allthough that doesn't seem to be precisely what the questionair asked, yes you can do that. You can use the remotemount plugin and then the unionfs plugin on top of that.

Greetings

David

Zitat von chclark

The tuners are just usb tuners so don't think they use much power and the Arial splitter acts as a booster for the Arial as it would be powered.

Gotcha. I have no Aerial Splitter so I rely on power from the tuner.

Zitat von chclark

Ill have to try a single tuner to start never made a docker which passes through a device.

Yup. Passing through a device should not be a big problem.

Greetings

David

When did this happen? Right after you configured your reverse proxy? Do you have the Webgui of OMV set to another Port or something similiar?

Greetings

David

You can login via SSH or locally and execute omv-firstaid to regain access to the Webgui.

Greetings

David

Zitat von manoloxxl

I'm looking for a way to use my OMV Hardware also as Mediaplayer. Important are HD-Audio Outputs (Dolby Atmos) and i'm familiar with Kodi and also a bit with Plex. The OMV system is connected with HDMI to a HD-Audio-Receiver.

Not particularly suggested to run a desktop environment on OpenMediaVault. It can work but it could raise issues with the Desktop install. Been there, done that - allthough that has been years ago.

Zitat von manoloxxl

Is there any way to let run a MediaPlayer with GUI & HD-Audio on the Host / OMV system? I've seen Docker is impossible.

You can basicly use all 'guides' that are for Debian, since OpenMediaVault is based on Debian.

Zitat von manoloxxl

But can i install Kodi on the OMV with autostart,

Yes, allthough issues may arise. I had issues that the superuser in the desktop couldn't be used somehow. (On a full blown Desktop Environment, like opening menus that require root privileges.)

Zitat von manoloxxl

do something with a VM, Proxmox?

A VM won't net you much, or would require enormous configuration to passthrough the graphics card. Performance can be okay, but doesn't need to be.

Zitat von manoloxxl

I also read something about "emby" (never heard before).

Emby is a centralized Media Server for all your devices. Like using Kodi with a centralized Database, but a tad better.

Zitat von manoloxxl

PS: Schreibt man in diesem Forum eigentlich Deutsch oder englisch?

Das hängt davon ab wie viele Anworten man möchte und wie fähig man sich fühlt in englisch zu schreiben.

Grüße

David