WbrJr

Hi there, I just installed Proxmox on my home server and like the idea a lot, but there is a noticable learning curve. I used this wonderful website and the provided link for home assistant os.

Usually home assistant is available at homeassistant.local without any configuration, i think its called mdns? But on my setup, homeassistant.local does not work for me, on any device, but the ip does.

So i suspect some settings in the proxmox firewall stops the ha vm mdns service from creating an entry in my router (fritzbox). I could not find any useful information about this though, and AI gave me the usual not quite helpful advice.

I hope you have some tips what i can check. Thanks a lot!

ps: I want to host caddy as a reverse proxy on the server some day. Does it make more sense to host a dns server as well and use caddy to forward to the ip?

Update: I was overwhelmed by settings. After some more research and thinking I got it working. My dns was set up incorrectly, i referenced the container with the wrong name (the name of the container is not the container_name, but the name of the service in the docker compose file). I then had some other issues with port collisions but could resolve them by killing (docker stop) thingsboard and restarting all services.

So: problem solved! thanks for the answers though!

Hi! I have a server with static ip, that runs docker with caddy and thingsboard (iot dashboard). I have my domain, that points to the servers ip (both ipv4 and ipv6). (I tried using with "www" and with wilcard "*" in the A and AAAA records)

Thingsboard can be reached in the browser via ip:8080, or domain.com:8080 (or with the wildcard "*" set in DNS records with (anything).domain.com:8080). It is set up this way by the creators, where i got the compose file (without caddy) guide here. So i guess no routing is done via caddy.

the caddyfile looks like this:

thingsboard.domain.com {
	tls internal
	reverse_proxy thingsboard:8080
}

Thingsboard cant be reached via thingsboard.domain.com which i would be expecting with this config. Below is the compose file. They are all part of the same docker network (they get listed when i inspect the network).

some specific questions:

• how do i have to setup my dns records, so that all requests to any subdomain get send to caddy and i can do all the routing (from the subdomain to the service) in caddy? What am i missing in the caddyfile
• can i deactivate the port from the thingsboard container, so it cant be reached via the port from "outside" only from inside the docker network, by caddy?
• why am i struggling so much with this basic docker and networking stuff "docker is easy, you should try it" :D

Thanks a lot for reading, i hope someone can help! I dont know what to search for to get this working, networking stuff is still a blurr.

Here is the docker compose file:

services:
  caddy:
    image: caddy:latest
    container_name: caddy
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - /srv/caddy/Caddyfile:/etc/caddy/Caddyfile
      - /srv/caddy/site:/srv
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - caddy_network


  kafka:
    restart: unless-stopped
    image: bitnami/kafka:3.8.1
    container_name: kafka
    ports:
      - 9092:9092 #to localhost:9092 from host machine
      - 9093 #for Kraft
      - 9094 #to kafka:9094 from within Docker network
    environment:
      ALLOW_PLAINTEXT_LISTENER: "yes"
      KAFKA_CFG_LISTENERS: "OUTSIDE://:9092,CONTROLLER://:9093,INSIDE://:9094"
      KAFKA_CFG_ADVERTISED_LISTENERS: "OUTSIDE://localhost:9092,INSIDE://kafka:9094"
      KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: "INSIDE:PLAINTEXT,OUTSIDE:PLAINTEXT,CONTROLLER:PLAINTEXT"
      KAFKA_CFG_INTER_BROKER_LISTENER_NAME: "INSIDE"
      KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE: "false"
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
      KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: "1"
      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: "1"
      KAFKA_CFG_PROCESS_ROLES: "controller,broker" #KRaft
      KAFKA_CFG_NODE_ID: "0" #KRaft
      KAFKA_CFG_CONTROLLER_LISTENER_NAMES: "CONTROLLER" #KRaft
      KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: "0@kafka:9093" #KRaft
    networks:
      - caddy_network
    volumes:
      - /srv/thingsboard/kafka-data:/bitnami
  mytb:
    restart: unless-stopped
    container_name: thingsboard
    image: "thingsboard/tb-postgres"
    depends_on:
      - kafka
    ports:
      - "8080:9090"
      - "1883:1883"
      - "7070:7070"
      - "5683-5688:5683-5688/udp"
    environment:
      TB_QUEUE_TYPE: kafka
      TB_KAFKA_SERVERS: kafka:9094
    networks:
      - caddy_network
    volumes:
      - /srv/thingsboard/.mytb-data:/data
      - /srv/thingsboard/.mytb-logs:/var/log/thingsboard



#general networks
networks:
    caddy_network:
      driver: bridge
      ipam:
        config:
          - subnet: 172.20.0.0/24


#general Volumes:
volumes:
  caddy_data:
  caddy_config:
  kafka-data:
    driver: local

Hi there! So i build a new pc with hardware < year old and installed mint on it and it takes annoyingly long to boot, 1:50min from the output of systemd-analyze:

Startup finished in 14.075s (firmware) + 10.681s (loader) + 51.070s (kernel) + 34.573s (userspace) = 1min 50.400s 
graphical.target reached after 34.570s in userspace.

The 50sec on kernel boot seems strange to me, maybe 34sec of userspace as well.

It seems to be the systemd-usdev-settle.service according to the output of systemd-analyze blame:

29.451s systemd-udev-settle.service
 3.254s NetworkManager-wait-online.service
  948ms zfs-load-module.service
  491ms NetworkManager.service
  154ms blueman-mechanism.service

The output of systemctl status systemd-udev-settle.service shows:

systemd-udev-settle.service - Wait for udev To Complete Device Initialization
     Loaded: loaded (/usr/lib/systemd/system/systemd-udev-settle.service; static)
     Active: active (exited) since Wed 2025-01-22 12:06:16 CET; 5min ago
       Docs: man:systemd-udev-settle.service(8)
   Main PID: 526 (code=exited, status=0/SUCCESS)
        CPU: 2ms

Jan 22 12:05:47 tower systemd[1]: Starting systemd-udev-settle.service - Wait for udev To Complete Device Initialization...
Jan 22 12:05:47 tower udevadm[526]: systemd-udev-settle.service is deprecated. Please fix zfs-load-module.service, zfs-import-cache.service not to pull it in.
Jan 22 12:06:16 tower systemd[1]: Finished systemd-udev-settle.service - Wait for udev To Complete Device Initialization.

So i think i need to fix the zfs modules, because they slow udev down, but how?

Any other tips to improve boot time of my system? Ubuntu on my 4 yo laptop takes maybe 20-30 seconds to boot, so linux should be a lot faster. I appreciate any helpl!

Hi there! This is quite the annoying issue how programs (like btiwig now or many others before) handle the google drive that is connected to my explorer. In Ubuntu, Fedora and now Mint, many programs do not display my google drive when i want to save my projects or open files and stuff like that.

What is you approach on working with cloud storage or network drives? Or is there a solution, like different explorer or account handler? Thanks, I really how anyone can help :)

Hi! I am trying to set up a wireguard client in docker. I use the linuxserver image, I it running in server mode on a different machine (exactly the same ubuntu version) and i can login with my laptop to the wireguard server, but the docker wg-client has problems, i hope someone has an idea :)

The client docker container has trouble starting and throws this error: [___](modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.8.0-47-generic ip6tables-restore v1.8.10 (legacy): ip6tables-restore: unable to initialize table 'raw' Error occurred at line: 1 Try 'ip6tables-restore -h' or 'ip6tables-restore --help' for more information. )

I copied the config to the server with the wg server running, it has the same problem with the client. I can ping google.com from inside the server container, but not from inside the client container. Here is the output of the 'route' cmd from the client:Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.18.0.0 * 255.255.0.0 U 0 0 0 eth0

I searched for a solution quite a bit, but cant seem to find something that works. changed the .yml compose file according to some suggestions but without success.

I tried to install the missing module but could not get it working.

Its a completely clean install of ubuntu 24.04.1 LTS, Kernel: Linux 6.8.0-47-generic.

here is the compose file, in case its needed, it should be exact same one as provided by linux-server in their github:

services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard-client
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
#      - SERVERURL=wireguard.domain.com #optional
#      - SERVERPORT=51820 #optional
#      - PEERS=1 #optional
#      - PEERDNS=auto #optional
#      - INTERNAL_SUBNET=10.13.13.0 #optional
#      - ALLOWEDIPS=0.0.0.0/0 #optional
#      - PERSISTENTKEEPALIVE_PEERS= #optional
#      - LOG_CONFS=true #optional
    volumes:
      - /srv/wireguard/config:/config
#      - /lib/modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

here is the complete error log from the wg-client docker:

[migrations] started
[migrations] no migrations found
usermod: no changes
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────
Linuxserver.io version: 1.0.20210914-r4-ls55
Build-date: 2024-10-10T11:23:38+00:00
───────────────────────────────────────
    
Uname info: Linux ec3813b50277 6.8.0-47-generic #47-Ubuntu SMP PREEMPT_DYNAMIC Fri Sep 27 21:40:26 UTC 2024 x86_64 GNU/Linux
**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
**** Client mode selected. ****
[custom-init] No custom files found, skipping...
**** Disabling CoreDNS ****
**** Found WG conf /config/wg_confs/peer1.conf, adding to list ****
**** Activating tunnel /config/wg_confs/peer1.conf ****
[#] ip link add peer1 type wireguard
[#] wg setconf peer1 /dev/fd/63
[#] ip -4 address add 10.13.13.2 dev peer1
[#] ip link set mtu 1420 up dev peer1
[#] resolvconf -a peer1 -m 0 -x
s6-rc: fatal: unable to take locks: Resource busy
[#] wg set peer1 fwmark 51820
[#] ip -6 route add ::/0 dev peer1 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.8.0-47-generic
ip6tables-restore v1.8.10 (legacy): ip6tables-restore: unable to initialize table 'raw'
Error occurred at line: 1
Try `ip6tables-restore -h' or 'ip6tables-restore --help' for more information.
[#] resolvconf -d peer1 -f
s6-rc: fatal: unable to take locks: Resource busy
[#] ip -6 rule delete table 51820
[#] ip -6 rule delete table main suppress_prefixlength 0
[#] ip link delete dev peer1
**** Tunnel /config/wg_confs/peer1.conf failed, will stop all others! ****
**** All tunnels are now down. Please fix the tunnel config /config/wg_confs/peer1.conf and restart the container ****
[ls.io-init] done.

Thanks a lot. I appreciate every input!

So I am working on my home server. I installed docker and use a dnsmasq container as my dns server to resolve local ip adresses.

Laptop and server are both linux (ubuntu LTS 24.4)

What works:

• 'resolvectl status' shows the ip of my dns server
• i can ping the ip of the dns server (that will run other stuff like nextcloud soon as well)
• i can use nslookup to resovle server.local to the correct ip address (even after changing the entry, so its not the cache in my laptop)

what does not work:

• i can not ping server.local (- for testing i have to stop the systemd-resolved.service to run the dnsmasq server, or else there are port collisions, but that should not be the problem i guess. I am happy to hear your solution :))
• i can also not use ssh to log in to server.local, ip address works

What am i missing?

Thanks a lot already! BTW: ZFS is crazy nice :D

Hi! I know this is a kind of dangerous topic to ask :D And I am sorry this got so long.

I plan on building my own little home server. Currently I will mostly use it for nextcloud, maybe some other stuff, like git. I would like to be able to access nexcloud or git from outside my home (yes, i actually go outside sometimes.. dont know why though). I will run docker and portainer on a pi5 (i guess its enough for one person) and I have 4x4tb disks. I currently plan on creating a software raid 10 with the disks to get 8tb of storage.

I have two types of disks, a new set of ironwolf and a used set of wd 24/7 drives. How would you arrange them? Put both from one type in raid 1 or mix both types in raid 1? I just heared about LVM. Would you recommend to put that on top of the raid? I dont know If i plan to change the storage setup, but doubt it currently. Im not shure if ZFS would be a better solution for me, but it seems unneccesserry at the moment.

I dont quite know what i should search for to find a solution about accessing the services from outside. I would like to avoid a (wireguard) vpn so i can log in on a different device without setting it up, or that i can connect to the vpn at work or uni and still be able to use my nextcloud data. So dyn dns with portforwarding seems to be the only option. But I am a little afraid to open up my home network to the outside like this, without another protection like a login. I know nextcloud has that, but im not shure if that is enough or what can be seen and accessed from the outside if i use ddns and port forwarding.

For backups I plan on using dublicati and storing the backups encrypted to either pcloud (would need to by, additional cost..) or a server at a friends or my dads house. But with the second solution I am not shure how I would create a tunnel to their server, so its secure for both of us. He has a static ip, so no ddns needed. Maybe here would be a wireguard tunnel be best? My dad does not have a static ip but would create a wirequard vpn for me with MyFritz (avm ddns service). Any thoughts on that? I would create a disk image of the completed os (the sd card..) once the services are running, so i can revert if something breaks. I guess a manual image is enough after the setup, because the docker containers reset anyways on restart, right?

Thank you so much, I am greatefull for every advice!

In other cad programs i use two points of a sketch to extrude a feature. In freecad it does not seem to be possible. What are your recommended workarounds for that?

I would like to extrude the base not just from the face of the sketch, but from point 1 to point 2 on the side view sketch. This workflow proved very robust in other cad tools, but I cant get it work in freecad.

Thanks a lot in advance!

Ubuntu just started renaming files while exporting (sending over mail, KDE Connect, Whatsapp web). The folder is my google drive, connected to my google drive. Sometimes it looses its file ending/type as well. The file is called something like: "1Kfhgsji2rjfIS-fi3oo598nf8ajlfoi.pdf"

I guess its a weird bug, it persist even after a restart. Thanks, maybe you have a solution

Hi! I hope this is the right community to ask.

Next week I will be on the road for 5 Days for work. I have quite some spare time, so I thought I would dig up my raspberry project again and hopefully finish it.

I need it with me, because it controls some hardware, so a VPN to home does not work. So only option I could think of, is to connect the pi directly to my laptop via an ethernet cable. As far as I understood from some research is that I would need to install and run an DHCP server on my laptop, which they did not recommend. Alternatively they suggested to just take a router and plug both devices in there. I don't really have a spare router, so that's not an option either.

To be hones it confuses me a little, that there does not seem to be a standard for connecting to a device directly over a single cable and login with a user account.

Any recommendations how I can work on the pi like with ssh?

Thanks a lot!

Hi! I started to fiddle around with freecad a little again tonight. I still find many things unintuitive. And I just watched a video about master sketches, because they are essential in my workflow on other programs. It makes it soo much easier to keep the overview and change little things quickly because I don't have to search for the responsible sketch.

In this video the person demonstrates at around 9:15 how to use the master sketch as a reference in the sub bodies. I can get used to only get one body from a sketch, but man, how many steps does it take to just reference a sketch?! You even need to use a differen workbech, use the clone tool, but not this one and then drag and drop the duplicate into the same body you are working on? Why?! I mean the sketch is right there, just let me click it!!

This got me wondering it those rough workflows are just designed badly or if this is a limitation of the engine or whstevery it's called, that freecad is based on? Because in my limited programming mind it does not make a difference what file is referenced. If it is some file on a directory above, just use something like "./" Before to go up one directory.

And I think those little things that just work in other cad software, makes freecad so much less approcavhabel and so much harder to jump in.

If I want to make a complicated part, that is not just a box with a hole, I don't want to Google around until I found a solution, I want the intuitive solution to work without 3 extra steps. This just hinders my design process a lot.

Maybe someone knows how freecad works on the background and can explain why freecad works like that.

Thanks!

Edit: thanks everyone for the suggestions. In the end I decided to buy a icy box usb3.1 4xhdd enclosure for around 100€. In the description it says it only works with mac and windows, but my Linux laptop works well with it, I guess the pi will to as well. I will print an enclosure for the power brick and the pi to screw to the drive case.

Here is why I choose this option: The pi is rather cheap compared to its power and also power consumption. I already had 4x4tb HDDs which I wanted to use, so at least 4 slots needed. The pi has 2x usb 3.0 connections which can be used simultaneously. One will be used for the 4bay, the other is free for now. I have the option to connect a second Nas case if I need more storage. Usb 3.0 is pretty fast, even if I don't get all the 5gbit/s. It's still faster than 1gbit/s ethernet.

I also thought about getting 2x 2xhdd enclosures to use the two usb3.0 at the same time. But decided against it because it would be a little more sketchy and I wanted to keep a free usb port for a second drive enclosure.

There are some enclosures that offer raid (hardware raid?) But I could not figure out if that would mean that all 4 drives will be raided, so I decided for the cheaper variant and would do the raid myself.

I plan on running 2 drives as raid1 and the other as raid 0 for secure storage and the other for movies and stuff I can download again.

Thanks again for all the comments!

It seems weirdly difficult to find a good solution to attach HDDs to my pi. Best case would be for me a enclosure with small power supply, space for my pi, and at least 2 bays for HDDs, rather 4. All that for under 100€ of cause :D

I could not really find cheap hhd enclosures that connect via usb. Any recommendations? I don't really want to use HDD toasters, they feel not permanent enough for a Nas. I could also not find sata to usb hats for the pi that are available right now