Posts by sNiXx

    Thanks to everyone's help, it is now working as expected. I can confirm that pinging containers by hostname that are outside of the network does not work.


    Something else I figured out: When using user-defined bridge networks, it is not necessary to expose ports (makes sense when I think about it...)


    My files for future reference:

    docker-compose.yml for Jellyfin

    docker-compose.yml for SWAG

    docker-compose.yml for Nextcloud

    Thank you for this!


    I was reading the SWAG documentation and they said it makes sense to use a user-defined bridge network (container names can be used as hostnames). Because I didn't quite understand how this worked, I read the docker documentation and they use an example to isolate the containers. I thought this might be a sensible approach to protect the other containers if one container is compromised, but also making sure that SWAGs reverse proxy still functions?


    My docker-compose.yaml for SWAG (I removed a few lines under "environment")

    My docker-compose.yaml for Jellyfin

    So, would it be better to change my docker-compose.yaml (instead of using network_mode = swag) to something like this?

    So, I'm starting this off with a few questions myself. First of all, thank you, chente , for creating your helpful tutorials!


    I have two questions regarding the user-defined bridge, which might also be of interest to other users:

    1. When using SWAG and Jellyfin (for example), the line network_mode: swag should be added to both compose files, right? Otherwise, SWAG would stay in its own default network. At least for me, this wasn't clear when reading the tutorial.
    2. To isolate additional apps (if I add Nextcloud to the mix, for example), it should be helpful to create another network to isolate traffic between SWAG and Nextcloud, so Nextcloud and Jellyfin containers don't see each other. I was reading the docker documentation (Network Tutorial) and it seems that having separate networks would be beneficial for isolation of traffic.
      --> For example: Create two networks named swag_jellyfin and swag_nextcloud, where SWAG is part of both, while Jellyfin and Nextcloud are only part of their respective bridge.

    I haven't tested this and wanted to confirm before I try anything that doesn't make sense. I assume that it would be necessary to use "networks" instead of "network_mode" to add SWAG to several networks, as described in the docker documentation (Networking in Compose)?

    Sorry for unearthing this ancient thread, but I was just looking for this as well. I've been donating via PayPal for quite some time now and have started taking greater interest in more open and/or privacy-respecting alternatives.


    Any chance you could add other options besides PayPal? For instance, bank transfer or liberapay would be great.

    I found a way to have it automatically cleanup stale images. I added a daily scheduled job through the OMV interface with the following command: docker images -q --filter "dangling=true" | xargs -n1 -r docker rmi


    Seems to work!

    This still works like a charm, thanks!


    One question though: Do the arguments "-n1" and "-r" add any value? The command seems to work without them:
    docker images -q --filter dangling=true | xargs docker rmi

    Where can I set Name-based Servername ?Where to put the Extra options?
    Did not find any settings in OVM webgui for nginx.
    Do I have to edit the nginx.conf?


    Regards
    Erich

    Quick solution to your question - note that you don't need the nginx plugin for this!


    Using Nextcloud as an example:
    Create /etc/nginx/openmediavault-webgui.d/nextcloud.conf with the content below. Make changes to the file name, nextcloud and http://localhost:port/ to suit your needs. This example would allow you to access Nextcloud via https://yourdomain/nextcloud.

    Code
    location ^~ /nextcloud/ {
    proxy_pass http://localhost:port/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header HTTP_X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    Hey,
    I’m by no means an expert, but I have been trying to do this for a while and I think this might help. I, too, had been trying to get NextCloud from docker running SSL. I installed a NC docker container (wonderfall/nextcloud) and now have it running through OMV letsencrypt cert with SSL. Here was my process.

    • Install NC (wonderfall/nextcloud) through docker webgui inside OMV
    • Opened the port 8888 in router
    • Setup directories like the image below (I’m not sure if the /etc/ section helped, but I just added it (these are the location of my OMV letsencrypt key and nginx)
    • Do initial setup of NC by logging in with IP:8888
    • Go to the docker config directory of NC you created earlier in step 3 (in my case it was /etc/home/Docker/conf/nextcloud)
    • Open & edit config.php with the sections highlighted with your WANIP & Domain
    • Go to OMV nginx directory and open/edit to add the proxy (in my case directory was /etc/nginx/site-available/openmediavault-webgui)
    • Check and restart nginx with nginx -t and /etc/init.d/nginx restart (to check for syntax errors)
    • Now try accessing NC via https://yourdomain/nextcloud/

    Hopefully this works for you.

    Thank you for writing this down @colehan! I would, however, not change /etc/nginx/site-available/openmediavault-webgui, as this may get replaced. Better practice IMO would be to add an additional file to /etc/nginx/openmediavault-webgui.d/ (e.g. nextclound.conf) and then add the block in your source code to this new file. Explanation: All files "*.conf" in the folder "openmediavault-webgui.d" are added via include at the end of the "openmediavault-webgui" file


    I made almost everything work, but am currently stuck, because of the security warnings Nextcloud produces. Ideas anyone?

    Code
    The "X-XSS-Protection" HTTP header is not set to "1; mode=block". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
    The "X-Content-Type-Options" HTTP header is not set to "nosniff". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
    The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.

    Here's the solution to the problem of multiple headers:
    The issue lies within both /nginx/sites-enabled/nginx.conf, but also /nextcloud/lib/private/legacy/response.php, as the headers are defined there as well. In addition to commenting out the headers in nginx.conf (using #), comment out ("//" or /* */ for php) the lines at the end of the response.php and the warnings should disappear. Apparently, this is a precaution by Nextcloud, should your server not send those security headers). As OMV already includes most and I would like security measures to apply to all my services, I removed all headers from those files and created and additionalsecurity.conf that I placed in /etc/nginx/openmediavault-webgui.d/ - here's the content of my file:



    Code
    add_header Referrer-Policy "no-referrer";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    Hint: Make sure to check your server settings using https://scan.nextcloud.com or https://securityheaders.com/

    @ryecoaaron and @tekkb, thanks for the hint!


    I replaced the 1x2GB RAM with 2x8GB RAM, but emby crashed nonetheless. I then went to the dashboard and saw that it was running a pending syncing job. After stopping it manually, emby stopped crashing. So, everything is working now and hopefully someone else might find this information useful in the future.

    Performance isn't an issue wasted space is. I have no need for the ssd in this box and I have no use for the extra space at this time.
    I know there is a plugin to reduce writes to SD cards but is anyone using the SD card in the gen8


    I had the same problem and decided to give the SD card as system drive a try. I have been running OMV with the openmediavault-flashmemory plugin for almost a year now. Also see this post from last year:

    Have been using the somewhat complicated ODD bay option (with GRUB on a USB stick), but wanted something simpler and more energy saving. That's why I installed OMV on a microSD and the flashmemory plugin.
    If anyone is interested in the same setup, I suggest using the "Virtual Media" feature on the Gen8, as booting seemed to fail when installing from USB drives (I suspect issues with GRUB). However, installing from CD/DVD should give the same result. So far, everything is working perfectly.

    Hey everyone


    I realised a few days ago that emby stops working after approximately 10 minutes for no apparent reason. Looking at other threads didn't help much, but after having looked at the logs, I am a bit confused, because it seems to be memory related. I then looked at the processes and saw that memory taken by mono was increasing relatively fast upon restarting the service and later also tested my memory with memtest86, but there were no errors. Does anyone have any ideas where this could suddenly come from?


    System:
    HP ProLiant MicroServer Gen8
    CPU: Intel(R) Celeron(R) CPU G1610T @ 2.30GHz
    KiB Mem: 2019536 total
    OMV 2.2.4
    Kernel 3.2.0-4-amd64


    Partial log:

    Code
    Jun 1 21:04:17 openmediavault kernel: [10549.037398] Out of memory: Kill process 15433 (mono) score 704 or sacrifice child
    Jun 1 21:04:17 openmediavault kernel: [10549.037443] Killed process 15874 (ffmpeg) total-vm:297604kB, anon-rss:25268kB, file-rss:0kB


    There are also several errors listed in the log that are related to ffprobe. I'll upload the full log if it's any help.


    Thanks in advance for your help!


    PS: If anyone else is ever wondering where to find the emby logs, I found them here: /var/lib/emby/logs

    Have been using the somewhat complicated ODD bay option (with GRUB on a USB stick), but wanted something simpler and more energy saving. That's why I installed OMV on a microSD and the flashmemory plugin.
    If anyone is interested in the same setup, I suggest using the "Virtual Media" feature on the Gen8, as booting seemed to fail when installing from USB drives (I suspect issues with GRUB). However, installing from CD/DVD should give the same result. So far, everything is working perfectly.

    Just out of curiosity, how long does it take your systems to boot? My OMV is running on an HDD in the ODD bay (Gen8) and it takes more than two minutes until it is fully running. Do you guys know of any way to improve this?


    sNiXx, the prompt I've when I boot is "open login: " and if I enter here "ifconfig" or "ifconfig -a" I've an error message, It seems like before entering any command I've to validate using user/pass (system asks for login and pass), but I've try all possible combinations with no succeed, always "Login incorrect".
    Regards


    You're exactly right! The user should be "root" and the password was set during installation. After entering the correct login credentials, you can check the IP address with either of the two commands. Alternatively, you could tell your router to always assign the same IP address to your machine (if you have that option)? Or simply check there which IP was assigned to your NAS? Or make use of ping?

    If I remember correctly, I had a similar problem. Apparently, the NAS may receive the IP address "too late", so the info doesn't show up on the screen, but instead you get "no interface(s) available". Maybe try

    Code
    ifconfig -a

    and check if the relevant NIC got an IP address.


    Schlag dir das aus dem Kopf. Ich kann dir versprechen das Volker keine gewinnbringenden Absichten verfolgt, freiwillige Spenden ausgenommen!


    Muss halt jeder selbst wissen ob er mehr fuer weniger ausgeben moechte. ;)


    OMV ist ein sehr unterstützenswertes Projekt - daher möchte ich wirklich jedem ans Herz legen, etwas zurückzugeben. Sei dies in Form einer (regelmässigen) Spende, Fehlersuche oder Tutorials. Für eine solche Leistung habt ihr meinen tiefsten Respekt!


    Wie omavoss bereits sagte würde ich auch gerne bei den Guides/Tutorials unterstützen, da ich diese als zentral für die Verbreitung von OMV ansehe. Leider habe ich aber auch nur sehr beschränkte Kenntnisse. Evtl. könnte man die Überarbeitung des wiki als nächsten Meilenstein festlegen, so dass hilfsbereite User auch ergänzen und erweitern können? Vor allem bei den Plugins wäre es oft sehr hilfreich, damit nicht immer wieder die gleichen Fragen gestellt werden (müssen).

    Ok, that makes sense - thanks for the hint! I will have to try this once I'm at home. I'm just a little bit confused about this field's function and why I see "openmediavault.xxx.ddns.net" as hostname under "System Information" when I defined "openmediavault" as hostname.