- recommended to use Debian installer and then the omv debian packages
- recommended to run
omv-firstaidafter omv packages installation. - any additional disk, apart from the main one (the Debian/OMV installation one) must be added from the OMV interface. No manual
/etc/fstabfile edition is allowed. Otherwise you are not allowed to use those disks to share folders, etc. To incorporate the disks in OMV: 1. unmount and remove them from /etc/fstab, 2. Check the disk are available in Settings-Storage-Disks, 3. Go to Settings-Storage-File systems and mount (don´t create and mount) and configure as it was in the /etc/fstab file.
-
Add the
non-freestring to the first line in/etc/apt/sources.list. -
Install
firmware-realtekandfirmware-misc-nonfreepackages to avoid dmesg messages like:enp2s0: unable to load firmware patch rtl_nic/rtl8168h-2.fw (-2)or[drm] Failed to load DMC firmware i915/glk_dmc_ver1_04.bin.
-
Install backport kernel:
apt-get -t buster-backports install linux-image-amd64
Debian doesn't include pre-built JS so Glances Web UI doesn't work but API REST does, so you still be able to integrate it with Home Assistant or view glance in text mode.
sudo systemctl edit glances
# Add these lines in uppper file section
[Service]
ExecStart=
ExecStart=/usr/bin/glances -w -B 0.0.0.0
# save the temp file and then reload & restart glances
sudo systemctl daemon-reload
sudo systemctl restart glances
Note that OMV 7 is based on Debian 12 and DNS client configuration is in /etc/systemd/resolved.conf instead of classic /etc/resolv.conf
If apt or any cli command insists to resolve the IPv6 address for a host instead of using the IPv4, you can configure the /etc/gai.conf file and uncomment the line:
#precedence ::ffff:0:0/96 100
I use a free domain from ClouDNS up to now. I have to move away from Duckdns service because it fails.
Config: https://dev.to/stjernstrom/block-ips-on-all-ports-with-fail2ban-on-a-docker-host-1983
Set AllowTcpForwarding yes in /etc/ssh/sshd_config file to allow ssh -L xxxx port forwarding and Visual Studio Code Remote support.
NOTE: In order to avoid 22 TCP port forwarding in my router I use 2222 or 2200.
docker run -d -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latestNOTE: I have replaced by Adguard Home in 2023 because some issues.
docker run way:
docker run -d --name=pi-hole --env=DNS1=80.58.61.250 --env=DNS2=80.58.61.254 --env=ServerIP=192.168.1.5 --env=TZ='Europe/Berlin' --env=WEBPASSWORD=<CHANGEME> --volume=etc-dnsmasq.d:/etc/dnsmasq.d --volume=etc-pihole:/etc/pihole --cap-add=NET_ADMIN --dns=80.58.61.250 --dns=80.58.61.254 --network=ph_network -p 53:53 -p 53:53/udp -p 67:67/udp -p 80:80 --restart=unless-stopped 'pihole/pihole'
docker-compose way:
pihole:
container_name: pi-hole
image: "pihole/pihole:latest"
# For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
- "80:80/tcp"
environment:
- TZ=$TZ
- DNS1=80.58.61.250
- DNS2=80.58.61.254
- ServerIP=192.168.1.5
- WEBPASSWORD=$PIPASSWD
dns:
- 80.58.61.250
- 80.58.61.254
networks:
ph_network:
ipv4_address: 192.168.1.5
volumes:
- './etc-pihole:/etc/pihole'
- './etc-dnsmasq.d:/etc/dnsmasq.d'
cap_add:
- NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
restart: unless-stopped
networks:
ph_network:
name: ph_network
external: true
- Pending to migrate cli
docker network createto docker-compose - Change the dns values to your Internet access provider DNS servers.
- No conflicts with 80 or 443 ports because is running in a different IP from host (in this case 192.168.1.5):
[NOTE: limited solution]
docker network create -d macvlan -o parent=enp1s0f0 --subnet=192.168.1.0/24 --gateway=192.168.1.1 --ip-range=192.168.1.4/30 ph_network - The network address will be 192.168.1.4/30 and the pi-hole address will be 192.168.1.5
- If you want to communicate your Pi-hole with another docker instances in the same host:
sudo ip link add macvlan0 link enp1s0f0 type macvlan mode bridge
sudo ip addr add 192.168.1.4/30 dev macvlan0
sudo ip link set macvlan0 up
You can put these commands in a macvlan0.sh script in a systemd file in /etc/systemd/system/macvlan0.service:
[Unit]
Description=macvlan0 interface
After=network-online.target
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/srv/docker/macvlan0.sh
[Install]
WantedBy=multi-user.target
More details about these networking solution: https://gist.github.com/xirixiz/ecad37bac9a07c2a1204ab4f9a17db3c
- Howto: https://github.com/thelebster/example-mosquitto-simple-auth-docker
- Notes:
- execute
chown 1883:1883 ./login the host to avoid permissions issue.
- execute
SWAG requires text-based configuration but it works for me. I've tried Ngnix Proxy Manager but it takes several minutes to boot.
If container doesn't share a bridge network with the SWAG nginx, remember to add in http.trusted_proxies[] in configuration.yml its docker ip (something like 172...). In order to avoid configure the actual host IP-address (which it might change when your router/network changes) in ngnix conf files as a reverse-proxy for Home Assistant container, a solution is configuring the default docker gateway IP if you use variables in proxy_pass, something like:
set $upstream_app 172.17.0.1; # 172.17.0.1 is the default docker gatew`ay (host) IP
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
Add ngnix https and websocket for home assistant Stackoverflow Q&A