Hi,
I just updated to 25.04.1. Everything worked great, now since I had a HAOS VM I’m trying to get the VM back following the Migration Documentation.
However, I’m stuck because whenever I’m trying to do the initial Incus setup I’m only getting to this error:
Error: Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 515, in run
    await self.future
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 560, in __run_body
    rv = await self.method(*args)
         ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/api/base/decorator.py", line 93, in wrapped
    result = await func(*args)
             ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/plugins/virt/global.py", line 186, in do_update
    verrors.check()
  File "/usr/lib/python3/dist-packages/middlewared/service_exception.py", line 72, in check
    raise self
middlewared.service_exception.ValidationErrors: [EINVAL] virt_global_update.pool: Port 53 is required for virtualization but is currently in use by the following services on wildcard IPs (0.0.0.0/::): 'lyrion-music-server' application, 'unifi-controller' application, 'calibre' application application. Please reconfigure these services to bind to specific IP addresses instead of wildcard IPs.
Wow, that seems odd. I have never understood why everyone even wants specific IPs for apps myself. Personally I forward port 443 to my TrueNAS box, and all my apps work, wunderbar!
Seems like port 53 is in use, which also seems to be a common theme in the forums since Fangtooth. I think instead of locking in 53 it would be better to be able to choose a port perhaps?
For now I would reboot back to your last working version.
Yeah, that's what I did. Reverted back to the 24.10 version for now.
My setup is similar; I have a lot of apps running. Most of them are behind the Nginx Reverse Proxy, which handles the routing based on domain name. Nothing special at all. Port 53 is used by AdGuard though. But this can’t really be a problem, can it?
I guess I’ll wait until the Instances stuff is not “experimental” anymore.
Yes, AdGuard is your problem, since Incus also wants to use port 53 for DNS resolution, but you can change the Incus port with a command. When I’m back from my lunch break I’ll see if I can find the forum post with the command.
Edit: this is the command to change the Incus DNS port:
incus network set incusbr0 raw.dnsmasq="port=5354"
You can create rules and access restrictions, including VPN and port forwarding, on each “App” as if they are separate servers, including distinction from the TrueNAS host itself.
I can block all internet access from TrueNAS with only local access from specific computers, while forcing my qBittorrent jail (app) to tunnel through a specific Wireguard config, just as an example.
This works. I ran into it on a fresh install of 25.04.0 a month or so back when I was setting up AdGuard (which wants port 53, obviously).
This morning I upgraded that instance to 25.04.1 and incus stuck itself to port 53 again and AdGuard refused to come up.
I changed the incus port again and all is well. It is just annoying that I seemingly have to do this with each upgrade. But a small annoyance (at least for me).
I started on Fangtooth and was trying to follow the HAOS VM instructions but I can’t get around this issue. My bridge is working, I have DHCP disabled on it and the name is br1. I enabled SSH for the root user and tried to bind dnsmasq to 5354 but I’m getting this error:
incus network set br1 raw.dnsmasq="port=5354"
Error: Only managed networks can be modified
I tried a few --help commands and found list-allocations
incus network list-allocations
+---------+---------+------+-----+-------------+
| USED BY | ADDRESS | TYPE | NAT | MAC ADDRESS |
+---------+---------+------+-----+-------------+
That seems to indicate that incus has no connections. The web UI has it connected to br1 and that bridge is working.
I’m hesitant to run commands as root since they would potentially need to be run for every upgrade and config backups wouldn’t capture that setting. Any ideas why incus seems to have no connection when I configured it to have br1?
FWIW, my setup is identical to yours. Migrated from 24.10 to Fangtooth, but Pihole, NPM, and Dockge all seem to be causing problems. I’ve got HA running as a VM, so I wanted to see what it would take to migrate it to the new Instances system, since the take is that Instances is better, it’s just very new.
I’ve posted in a few places, and it seems like right now, unless there’s something I’m missing, the best solution is to configure each app to use a dedicated IP. I’d just like to understand if this will become a requirement going forward, or if this is just a workaround because things are so new.
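A way to see which listeners the validation error above is counting as wildcard binds on port 53, added here as an example and not part of any post in this thread. It assumes input in the layout of `ss -H -tuln` (local address:port in field 5); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Classify listeners on a given port as WILDCARD (0.0.0.0, * or [::])
# or specific-address binds. Reads `ss -H -tuln`-style lines on stdin.
classify_listeners() {
    port="${1:-53}"
    awk -v port="$port" '
    {
        local_addr = $5
        n = match(local_addr, /:[^:]*$/)   # last colon separates addr and port
        if (n == 0) next
        addr = substr(local_addr, 1, n - 1)
        p    = substr(local_addr, n + 1)
        if (p != port) next
        kind = (addr == "0.0.0.0" || addr == "*" || addr == "[::]") \
               ? "WILDCARD" : "specific"
        print kind, $1, local_addr
    }'
}

# Exit status 0 if anything is bound to the port on a wildcard address.
has_wildcard_listener() {
    classify_listeners "$1" | grep -q '^WILDCARD'
}

# Constructed sample in the `ss -H -tuln` column layout (not real output).
sample_ss_output() {
    cat <<'EOF'
udp UNCONN 0 0    0.0.0.0:53      0.0.0.0:*
tcp LISTEN 0 4096 *:53            *:*
udp UNCONN 0 0    [::]:53         [::]:*
tcp LISTEN 0 32   10.0.0.1:53     0.0.0.0:*
udp UNCONN 0 0    192.168.1.20:53 0.0.0.0:*
tcp LISTEN 0 511  0.0.0.0:443     0.0.0.0:*
udp UNCONN 0 0    0.0.0.0:5353    0.0.0.0:*
EOF
}

# Demo on the constructed sample; on a live host use instead:
#   ss -H -tuln | classify_listeners 53
sample_ss_output | classify_listeners 53
```

Lines marked `specific` are bound to a single address and are not the kind of bind the error message names; only the `WILDCARD` lines match its "wildcard IPs (0.0.0.0/::)" wording.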