Tywèle [she|her]
- 10 Posts
- 65 Comments
Joined 1Y ago
Cake day: Jun 25, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
English- •
- 9d
- •
I'm a beginner in networking things but due to my ISP I can only open a certain range of ports in my router to be accessible from the outside of my network (something like ports 11000-11500).
That means I can't open port 443 to access my reverse proxy from the outside. Is it possible to redirect all traffic that's coming from one of the ports in the range to port 443 of my server?
I haven't found that possibility in my router (Fritzbox 7530) so is there a way to do this on my server (running Fedora Server)?
- •
- 2M
- •
I have used FreshRSS before but I was always annoyed that some sites don't provide RSS feeds and that even if they provide feeds they don't provide the whole content through it and only a preview.
What do you recommend for the perfect RSS setup? What are you using? Which app are you using to read them?
I have an Ansible playbook that I use to setup everything and all troubleshooting steps I ever had to take to fix something get written down in an Obsidian.md vault.
- •
- github.com
- •
- 4M
- •
After getting fed up with TrueNAS (after it borked itself for the third time and I would have had to set it up AGAIN) I decided to learn Ansible and write a playbook to setup my homeserver that way.
I wanted to share this playbook with you in case someone might find it useful for their own setup and maybe someone has some tips on things I could improve.
This server will not be exposed to the public/internet. If I want to access a service on it from outside my home network I have Wireguard setup on my router to connect to my home network from anywhere.
Keep in mind that I'm relatively new to sysadmin stuff etc so don't be too harsh please 😅
creator
toI added the REDIS_HOSTNAME and DB_DATA_LOCATION environment variables.
Not sure if I understood it right, but I guess not since it still doesn’t work:
Ansible tasks
- name: create Immich network
community.docker.docker_network:
name: immich-network
state: present
- name: deploy Immich-Redis
community.docker.docker_container:
name: immich-redis
image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
restart_policy: always
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
- name: deploy Immich-Postgres
community.docker.docker_container:
name: immich-postgres
image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/postgres:/var/lib/postgresql/data"
env:
POSTGRES_DB: "{{ immich_postgres_db_name }}"
POSTGRES_USER: "{{ immich_postgres_db_user }}"
POSTGRES_PASSWORD: "{{ immich_postgres_db_password }}"
REDIS_HOSTNAME: immich-redis
networks:
- name: immich-network
- name: deploy Immich-Machine-Learning
community.docker.docker_container:
name: immich-machine-learning
image: ghcr.io/immich-app/immich-machine-learning:release
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/model-cache:/cache"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
REDIS_HOSTNAME: immich-redis
- name: deploy Immich-Microservices
community.docker.docker_container:
name: immich-microservices
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'microservices']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime:ro
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
REDIS_HOSTNAME: immich-redis
- name: deploy Immich-Server
community.docker.docker_container:
name: immich-server
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'immich']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime:ro
ports:
- "2283:3001"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
REDIS_HOSTNAME: immich-redis
This is what I have now and I get the following error in immich-server and immich-microservices:
[Nest] 7 - 05/02/2024, 3:45:01 PM ERROR [TypeOrmModule] Unable to connect to the database. Retrying (1)...
Error: getaddrinfo ENOTFOUND database
at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:118:26)
Edit: It works! I forgot to add DB_HOSTNAME
- •
- 4M
- •
Edit: I found the solution. I was missing a few environment variables.
These are the functioning Ansible tasks to deploy Immich:
::: spoiler Solution
```
- name: create Immich network
community.docker.docker_network:
name: immich-network
state: present
- name: deploy Immich-Redis
community.docker.docker_container:
name: immich-redis
image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
restart_policy: always
networks:
- name: immich-network
- name: deploy Immich-Postgres
community.docker.docker_container:
name: immich-postgres
image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/postgres:/var/lib/postgresql/data"
env:
POSTGRES_DB: "{{ immich_postgres_db_name }}"
POSTGRES_USER: "{{ immich_postgres_db_user }}"
POSTGRES_PASSWORD: "{{ immich_postgres_db_password }}"
networks:
- name: immich-network
- name: deploy Immich-Machine-Learning
community.docker.docker_container:
name: immich-machine-learning
image: ghcr.io/immich-app/immich-machine-learning:release
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/model-cache:/cache"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
DB_HOSTNAME: immich-postgres
REDIS_HOSTNAME: immich-redis
- name: deploy Immich-Microservices
community.docker.docker_container:
name: immich-microservices
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'microservices']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime:ro
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
DB_HOSTNAME: immich-postgres
REDIS_HOSTNAME: immich-redis
- name: deploy Immich-Server
community.docker.docker_container:
name: immich-server
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'immich']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime:ro
ports:
- "2283:3001"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
DB_DATA_LOCATION: "{{ nvme_mount_point }}/immich/postgres"
DB_HOSTNAME: immich-postgres
REDIS_HOSTNAME: immich-redis
```
:::
I'm trying to install Immich via Ansible and so far so good. The containers are all running and as long as I don't try to access it the logs all look fine but as soon as I try to access the GUI I get the following error spammed in the immich-server container log and the browser just shows a timeout and doesn't connect to the GUI.
```
[Nest] 7 - 05/02/2024, 9:20:45 AM ERROR [TypeOrmModule] Unable to connect to the database. Retrying (5)...
Error: Connection terminated due to connection timeout
at Connection.<anonymous> (/usr/src/app/node_modules/pg/lib/client.js:132:73)
at Object.onceWrapper (node:events:632:28)
at Connection.emit (node:events:518:28)
at Socket.<anonymous> (/usr/src/app/node_modules/pg/lib/connection.js:63:12)
at Socket.emit (node:events:518:28)
at TCP.<anonymous> (node:net:337:12)
```
```
Error: connect ETIMEDOUT
at Socket.<anonymous> (/usr/src/app/node_modules/ioredis/built/Redis.js:170:41)
at Object.onceWrapper (node:events:632:28)
at Socket.emit (node:events:518:28)
at Socket._onTimeout (node:net:589:8)
at listOnTimeout (node:internal/timers:573:17)
at process.processTimers (node:internal/timers:514:7) {
errorno: 'ETIMEDOUT',
code: 'ETIMEDOUT',
syscall: 'connect'
}
```
Here are my Ansible tasks to deploy Immich:
::: spoiler Ansible tasks with missing ENV variables
``` yml
- name: create Immich network
community.docker.docker_network:
name: immich-network
state: present
- name: deploy Immich-Redis
community.docker.docker_container:
name: immich-redis
image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
restart_policy: always
networks:
- name: immich-network
- name: deploy Immich-Postgres
community.docker.docker_container:
name: immich-postgres
image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/postgres:/var/lib/postgresql/data"
env:
POSTGRES_DB: "{{ immich_postgres_db_name }}"
POSTGRES_USER: "{{ immich_postgres_db_user }}"
POSTGRES_PASSWORD: "{{ immich_postgres_db_password }}"
networks:
- name: immich-network
- name: deploy Immich-Machine-Learning
community.docker.docker_container:
name: immich-machine-learning
image: ghcr.io/immich-app/immich-machine-learning:release
restart_policy: always
volumes:
- "{{ nvme_mount_point }}/immich/model-cache:/cache"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
- name: deploy Immich-Microservices
community.docker.docker_container:
name: immich-microservices
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'microservices']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
- name: deploy Immich-Server
community.docker.docker_container:
name: immich-server
image: ghcr.io/immich-app/immich-server:release
restart_policy: always
command: ['start.sh', 'immich']
volumes:
- "{{ hdd_mount_point}}/immich/library:/usr/src/app/upload"
- /etc/localtime:/etc/localtime
ports:
- "2283:3001"
networks:
- name: immich-network
env:
DB_DATABASE_NAME: "{{ immich_postgres_db_name }}"
DB_USERNAME: "{{ immich_postgres_db_user }}"
DB_PASSWORD: "{{ immich_postgres_db_password }}"
```
:::
The variables are:
```
immich_postgres_db_name: immich
immich_postgres_db_user: postgres
immich_postgres_db_password: postgres
```
for testing purposes.
I'm currently running this on a Hyper-V VM running Fedora 39 Server Edition.
I don't know how to fix this issue, can someone help me?
I found [this issue](https://github.com/immich-app/immich/issues/4291) on the Immich GitHub where I found [a possible fix](https://github.com/immich-app/immich/issues/4291#issuecomment-1754325320) regarding the firewall that it might block something but it didn't really help.
So I'm thankful for any ideas you can throw my way. Tell me if you need any more info.
Edit: Overlooked an error in the log and added it to the post.
I recently began learning Ansible and this playlist was very helpful with learning.
- •
- 4M
- •
cross-posted from: https://lemmy.dbzer0.com/post/19310012
>Hello,
>
> I need some help here. I've been trying to write my own Ansible playbook to setup my homeserver. The storage devices on this server are 1 NVMe SSD and 2 HDDs which I want to setup as a mirror. I want to setup all storage devices as either BTRFS or ZFS but I'm having trouble finding the correct modules to use in Ansible for this.
>
> I have also found some roles in Ansible Galaxy but those are either not explained enough for me to use and seem overwhelming to use (especially in comparison to the terminal commands that are needed to setup the BTRFS volumes or ZFS pools). But just using the builtin command module in Ansible somehow feels wrong and not the right way to go about this.
>
> Can someone point me in the right direction? Right now I think I will prefer using BTRFS.
I’m using the Immich app from TrueNAS, how do I properly update it? Or is it being taken care off by TrueNAS?
Edit: I asked on the TrueNAS discord for help and someone who already updated their Immich figured out how to fix the installation afterwards. I copy&paste the guide here:
This guide assumes that Heavyscript is installed and pgAdmin.
https://github.com/Heavybullets8/heavy_script
https://truecharts.org/charts/stable/pgadmin/
-
Upgrade Immich to v.1.95.1.
-
If Immich fails to deploy check the logs
heavyscript pod --logs immich. If the logs complain that indexes need to be deleted continue with this guide. -
Access the shell for the postgres pod
heavyscript pod -s immich. -
Select the
postgrespod. -
Inside the pod run
envand record the password. Then typeexitto exit the pod. -
Get the DNS address and port for Immich postgres pod.
heavyscript dns -a -
Launch pgAdmin and right-click on
ServersselectRegister > Server. -
In the
Connectiontab put the hostname and port from step 6. The username is immich and use the password from step 3. -
Once connected create a backup by expanding
Servers > Immich > Databasesand right-click onimmichthen selectBackup.... Follow the prompts to create a backup. -
Right-click on
immichand selectQuery Tool. -
Use the following query to delete your indexes.
FROM pg_index X JOIN
pg_class I ON I.oid = X.indexrelid JOIN
pg_am A ON A.oid = I.relam
WHERE A.amname = 'vectors';
-
Stop Immich with heavyscript
heavyscript app --stop immich. -
Once all pods have scaled down start Immich
heavyscript app --start immich.
The SQL query will complain about a syntax error but it will work regardless. It just takes some time to redeploy immich.
Credit goes to @verbalsiegeengine on Discord
I think I had the same problem not so long ago. Every proxy host was working except NPM itself. My problem was that I just entered the wrong IP for the proxy host. I had to enter localhost or 127.0.0.1 to get it to work and everything else was like the tutorial you linked (I followed the same one)
Since you want NPM to proxy to itself but using the SSL certificate and the domain you set in the proxy host.
- •
- 10M
- •
What do you use for offsite backup? Since best practice recommends 3 copies on 2 different devices where one device is offsite.
I thought about renting a storage box from Hetzner to use as an offsite backup but I was curious what you are using. And also if there might be some cheaper alternatives to my proposed solution that are equally as easy to setup.
creator
toI don’t quite follow? The domain resolves to IP address I want it to resolve. My TrueNAS server has the IP 192.168.178.167 and on it I have NPM installed as an app. The admin page of NPM is accessible via the same IP on port 10582. Syncthing is also installed and accessible via the same IP address and port 8384. I have both of them configured in NPM so that theoretically subdomain.mydomain.com should resolve correctly and that I can access their respective admin pages. For Syncthing and any other app this is working except for the admin page of NPM itself. I’m trying to figure out why that is.
- •
- 10M
- •
Edit: SOLUTION: I had to use 127.0.0.1 and port 81 for the proxy host that points to the NPM admin page
I'm trying to follow this tutorial from Wolfgang's Channel: https://www.youtube.com/watch?v=qlcVx-k-02E
but I'm using Nginx Proxy Manager (NPM) on TrueNAS Scale.
I managed to get the SSL certificate working (the challenge is successful) but after setting up the proxy host for NPM I'm unable to reach the WebUI of NPM like he does in the video after setting that up.
This is the setting for my proxy host.
But when trying to access the WebUI through the domain name all I get is 504 Gateway Time-out. Does anyone know what I did wrong?
Nginx Proxy Manager is also properly setup to use ports 80/443. So when I access the IP address without any port I get sent to the default site of NPM.
- •
- 1Y
- •
Hi,
I wanted to forward the port to my Traefik install on my TrueNAS server. Unfortunately I have now learned that my ISP restricts the range of ports that I can open externally to 12396-12415, so internally I can open port 443 to port 12400 externally. So far so good, but how do I point my Cloudflare DNS record to this port?
My router is a Fritzbox 7530 if that's relevant.
- •
- 1Y
- •
To be clear I'm a beginner and I'm a bit overwhelmed with all the information I found and not completely sure if the information I found is up to date or outdated and I figured I would just ask here to get some clear answers.
What I want to achieve:
- have TrueNAS Scale web GUI and installed apps like Nextcloud or Photoprism be remotely accessible
- have that remote access be secure
- use my registered domain instead of the IP address of my server to access the TrueNAS Scale web GUI and the installed apps
- don't have certificate warnings when accessing all this over HTTPS
Can someone explain to me how I achieve this or point me to a guide that walks me through it? I appreciate any help I can get.
I already managed to setup Tailscale and managed to access my server through that but then I got stuck on how to set it up to use my registered domain name to access the server.
So the next thing I tried was using the DynDNS of my Fritzbox but unfortunately it seems that Cloudflare (where I have registered my domain) does not provide a "update url" which the Fritzbox DynDNS GUI requires to set it up. This was to use it in combination with port forwarding and Wireguard (this is the guide I was following: https://www.wundertech.net/how-to-set-up-wireguard-on-truenas-scale/)
I also found this guide: https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/ but that's for servers without TrueNAS and I don't think I'm experienced enough to transfer it and apply it to TrueNAS.
So yeah, I'm overwhelmed by information and I need help.
- •
- 1Y
- •
I have installed Komga via the Apps menu on my TrueNAS Scale server, so far so good. I created a user account on Komga and I see the UI of Komga but that's as far as I get. When I go to import and open the file browser I see this:
I recognize the linux directory structure but where is this coming from? Where do I put my comics so that I can select them there?
I'm very new to selfhosting as you can probably tell. Please help me.
Edit: Ok I think I figured it out. I didn't set a mount path for additional storage, after setting this up I can now see my comics folder under /home
I used to run multiple containers with TrueNAS Scale through their apps system (not as a VM in TrueNAS) and it was very unstable. I constantly had to fix something and the apps had constant updates even though there were no updates to the apps itself. It was really annoying to work with. I switched to Fedora Server and it has been much better since.