yeah but for some reason it wanted me to put the CF_DNS_API_TOKEN_FILE into the dockge stacks.folder
because it kept saying it doesnt exist, so i had to add it there
yes i also did try the .env
i’ll try that again i suppose
the other big thing where i diverged from time was cloudflare.
i am still using wolf’s setup for that in regards to dns. whereas to, opted to set dns locally.
actually tim’s method is nice in that he can set to any local url he wants, whereas wolf we had to either use a paid domain, or a crappy free domain.
anyway had i got tim’s setup working i’m pretty sure i could have setup authentik because i am familiar with the labels for that to make it work. but not much experience with it in nginx proxy manager which requires copying the code into npm and do a minor edit to save, but when i tried it failed xd
Its a security thing. If you use an environment variable to pass the token, then its visible in the process environment, but if you instead pass a file, then you need access to the file to view the token.
In some of the Docker images I’ve built I used a script which supports either SOME_TOKEN or SOME_TOKEN_FILE so that its up to the user if they want the token as an environment variable, or as a path to a file.
BTW, all these considerations exist in apps and plugins etc… its just that you have little control over them
but when i only do this it mentioned the file cf_api_token doesn’t exist in /mnt/docker/stacks/ so it wouldn’t deploy. so i was forced to copy it there
i also did try
has this out #CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token
# note using _FILE for docker secrets
then add this to the .env in dockge as such CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN}
but that didn’t work.
when i tried to add the token in between the { } it said it was wrong format or something
tim’s troubleshoot where my result differentiated from him,
when he did the echo for the CF_DNS_API_TOKEN and the TRAEFIK_DASHBOARD_CREDENTIALS, he had the paths returned. but mine was simply empty o-O;
so i know there is a problem there and that token is valid, just it can’t find it.
yet for the TRAEFIK_DASHBOARD_CREDENTIALS despite not outputting anything in echo, these credentials still worked when logging into the dashboard, so i surmise that the .env labels for it was working at least
though not sure about token becauz the output error was acme could not find the token
but i don’t know if it would work or not, or whether there will be bottlenecks and would boot drive from here be possible or not?
only available slot i have is a single pcie 2.0 x 4 the other slots are already occupied by graphics card and a sfp+ 10g pcie
hm…
【Note】 You can run 4 NVME SSDs at the same time, but 1—The motherboard must support PCI-E RAID function or PCIe signal splitting (support splitting PCIE X16 into 4 PCIE X4). The motherboard BIOS shows “PCIEX16 Bifurcation” and “PCIE 4x4” generally support splitting. 2—The motherboard needs to host PCIe 3.0 4.0, otherwise the speed cannot reach full speed.
Just wanted to share some information with the wonderful folks on STH forums. I stumbled on this about nine months ago by accident digging in aliexpress. There are adapters being sold by two Chinese domestic market companies that allow multiple NVMe drives on the same slot without requiring bifurcation. This has value for folks that have Ryzen or LGA115x/1200 Intel systems and want a lot of NVMe connectivity these systems would not otherwise offer. This is in lieu of moving up to HEDT (Ryzen Threadripper, Haswell-E[P]/Broadwell-E[P]/Skylake-E[P]/etc) and using a card like ASUS Hyper M.2 with bifurcation enabled.
These cards are using PLX controllers. I have one in my Ryzen 3900X system on ASUS Prime X470-PRO that is hooked to 3x 2TB Intel P3500 in software RAID 0 on Win10. It has worked very smoothly for about nine months. I get about 5GB/s write and about 4.5GB/s read using Blackmagicdesign’s Disk Speed Test. Not too shabby. I couldn’t be happier with the results and the price was not too tough to deal with.
The companies are LinkReal and Ceacent. Some others are being added periodically like DIE WU.
Generally speaking, cards that bottleneck down to a x8 interface should be fine for most people using these. Most folks running these systems will probably have a x16 graphics card in the first slot and then plugging this into a secondary slot will put both slots in x8 mode. This also has some use in older X9 servers (and similar) that don’t support bifurcation.
Managed to get truenas dashboard to use nginx proxy manager
all i did, was add an entry to it in npm, the ip, instead of to docker, put it to the truenas ip (u have 2 static ips. one for docker, the other for truenas fyi). You also had to enable web sockets or it won’t work
in general have the ip to dashboard pointing to truenas static ip, i unselect for 0.0.0.0
Some reviews what this setup might be like. one user suggested horror stories when lets encrypt certs fail to upate
but even if the duckdns.org url fails cauz lets encrypt didnt update, the fall back lan ip address would still work regardless. so… i don’t think this is a major issue
*update
further testing with the configuration, when you reboot you have to wait for docker to launch before the duckdns url works again. so there is that. If you simply just put the lan ip, it will work sooner. Other than that quirk, it works fine, and you even get a valid cert when using in https. So it has that for it. Anyway i use both depending on the situation, if i just rebooted and need immediate access without waiting, i use lan ip. if the nas has been on continously i just use the duckdns url.
not much of an issue, just wanted to point this quirk.
i’m redoing a dataset since i want to add encryption. so moving to a temp dataset, delete original, remake with encryption, copy back over.
i do this in truenas shell
cp -R /mnt/xxxxxx/temp/docker/docker /mnt/xxxxx/
once done i do it in reverse. if not sure you can always try with some test dataset see how it works
to verify i check the filesize if it matches. before i delete, create new dataset with encryption, then do the transfer to restore. then delete the temp dataset.
hm couldn’t delete the dataset it was busy with something.
so i tried restart truenas, same thing.
next thing i tried, go shell jlmkr stop docker
after that it allowed me to delete.
must be because i had a mount bind for that dataset to the jailmaker docker jail. in case someone else has a similar issue you know what might be the reason it’s locked.
tested encryption works lock/unlock. now i can move data back to it. even if for some reason it didn’t work, i still had a backup on a separate storage device.
i have a QWA wireless addon card by qnap. Can that perhaps be repurposed to use some sort of non qnap software to setup a wifi 5 access point using it? Connected to that pcie card is some sort of wifi 5, and antenna’s connected to it. What can i do with that for truenas? just wondered
In qnap qts, there were 2 wifi interfaces so dual band?
so don’t simply install whatever container on github or anywhere for that matter. dyor if the container devs are legit or not. i know a few good ones
to name a few are trusted sources. linuxserver especially will repackage container images with good security practices and provide docker compose.
stay safe out there. don’t get duped into installing a clone of a clone of a clone with an added malware package slipped in with a fake profile to make them look legit
just got ubiquiti unifi ap lite setup for the unifi controller docker container. It wasn’t working properly after i had moved from qnap to truenas, so i had to factory reset it to re-adopt it.
i had to reset the access point. so to putty to connect to it, update the firmware.
factory reset again. enter putty, then info then set-inform http://192.168.0.24:8080/inform
note: to find out your unifi lan ip just go to your router, check the dhcp leases. it will say the device is a unifi, so that is how
then switch back to the unifi controller. I used the 192… rather than my duckdns url to do this…
video explains
after i had finished adopted, it’s working properly.
i did try setting the inform to the duckdns url but i don’t think it liked that since that didn’t work when i tried
for the controller i’ll probly just use the 192… rather than duckdns because the later keeps dropping device but the former doesn’t. as such i updated dashy to point to 192 rather than the other url.
so yes this is how i got the unifi controller docker contained setup on truenas
the reason why i mentioned this, because i want to share the disruption for my qts to truenas migration. this was part of that disruption. the wireless ap still worked, but i couldn’t connect it to the unifi controller. you need that to be able to manage and update the ap from time to time.
it only took less than an hour to do the research and fix the issue. also i imported a previously saved unifi controller config, so this got me back up and running. as soon as you adopt the unifi controller, it then copies the settings for the ap you had setup previously for the ap. so this saved me a lot of headache setting that up again
personally i don’t think so. it’s a truenas journal for migration from a TS-877.
the early half covered the specific steps for that. after that is configuration. the later half was into setting back docker since it’s a different environment where before it was container station, but now we use jailmaker, so went into detail for that when setting up docker compose and what that entailed. and now, i’m covering other aspects that affected my switch from qts to truenas e.g. unifi controller broke had to fix that to get it working again in truenas docker jailmaker, expansion cards like qwa no longer working so what solution do we have for those previous qnap addon cards?
yes other stuff i may have digressed a bit, like i mention docker github may have malware in there. but that’s not a bad reminder don’t you think?
i don’t claim to be the best writer, so if my style of writing, humor to keep things fun and interesting or if you feel i veered too much and no longer of value to you, i’m not forcing anyone to read *shrug and i even added summaries at certain check points to even remind on that point where this thread was at and even one point where i added a reminder what to expect moving forward if people feel they are done and want to hop off. i was also concerned about this but i was still in the process exploring what else i might have missed when navigating truenas for this setup but i did warn others to temper expectations about that since i myself wasn’t too sure at this point cauz i was still contemplating this
and yes i also do also recommend to skim. I use the forum topic search option to go straight to the talking point i need to refer back to. if you are looking for a short to the point thread this ain’t it >_<: maybe someone else can do that. i would mostly use this to come back to refer back so i can troubleshoot issue later if i need to recall the steps i did for this switch. and maybe it will help someone else in the process too.
it’s mostly a journal for my experience migrating to truenas and the stuff i had to go through to get here more or less.
i mentioned some apps options i could use on truenas, to point out the app options you could use, so it’s not like you are bound to some nas ecosystem and their native apps. made some suggestions like immich (pictures), jellyfin (video streaming), and how to set that up.
Also other utility like setting up locally working valid letsencrypt https cert with a domain name url.
Because i’m coming from a qts ecosystem and trying to replicate some of what i could do there on truenas hence why i covered here too to document that it also could be setup as well on here and how. is that going overboard when branching into utility for these configs and how to set that up in truenas? i didn’t think so at the time.
But your the mod it’s your call what you want to do about it. i’m just a regular member posting what i thought would help people making the switch x-x; i’m not a professional paid writer to begin with
and the reason for more msg than necessary, there was a very long cooldown to edit existing messages so i had no recourse for that. i even brought it up x-x; that i was locked out of making edits. So i can’t even do stuff like ammend older posts in thread to tidy things up.
but if you think the thread can go no further well i can stop posting at this point. didn’t know this was an issue i was indeed in the process of winding it down, but guess that can be now i guess
I’m not going to tell you to stop, you have done nothing wrong. It just seems to have gotten off topic a little at times, not that it doesn’t happen and I’m guilty of that as well.
you did nothing wrong either. wasn’t trying to call you out or anything like that.
i just wasn’t sure what exactly you meant and i merely just wanted clarification how i could proceed from this point onward at least in regards to this thread though i will try now onwards to stay on topic as best as i can. warning noted. and ty for the reminder, i do appreciate it. otherwise i would not know
this is why i titled it journal
a record of what you have done, or of descriptions or thoughts, written each day or frequently over a long period; a diary
so the writting style was a bit lax. though i admit maybe it veered too much at times
I’ll try refrain from posting unless it’s as relevant as possible something i may have revisted at later date or missed out on. but i’m more or less done basically at this point. just working out some quirks like the lcd which has been nagging at me.
For myself it didn’t work, but i heard direct from the horses mouth that it still works. So take note of that.
The only reason i can think right now why it didn’t work, is because
so there is something wrong with my truenas where now the root user cannot run this command. i have no idea why or how to fix it
but essentially if you are able to follow the steps in the reddit, it would work as long as you can add that chmod a+x to the lcd files.
in conclussion it does work, just not for me. so if anyone else is attempting this, it’s most likely to work for you cause other users are using the script just fine.
I also wanted to share if you are coming from QNAP QTS ext4 linux (reminder: the TS-877 does not have access to quts hero which is qnaps version of zfs), and know nothing about zfs, then i strongly recommend to read Eric’s introductory on ZFS here
It explains quite a bit how it works under the hood. So i was reading on that during my break
After first reading that, i also recommend these others as well. There are many more especially on Lawrence’s and level1 youtube channels so check those out as well
These introductory material would have been most helpful early on when first setting up your truenas. I myself mostly followed the setup guide recommended settings step by step which was how i avoided landmines. Only later i brushed up on the zfs to better understand the details.
root@truenas[~]# chmod a+x /mnt/xxx/test/lcd/lcd_preinit.sc
chmod: changing permissions of ‘/mnt/xxx/test/lcd/lcd_preinit.sc’: Operation not permitted
root@truenas[~]#
ZFS aclmode property of your dataset is set to ‘restricted’. This probably happened because you configured it to have ‘Windows’ permissions. Chmod tends to break nfsv4 acls hence it is disallowed.
If you absolutely must use chmod on the dataset, you can set the ZFS aclmode property to ‘passthrough’. See ZFS manpage for syntax.
I have a few files that somehow the permissions got changed around locally on freenas. So the owner of the files can not longer write. -r-xrwxr-x+ I am logged in as the local root user, and I am attempting to change the files permissions. I have…
seems my situation is having something else affecting it.
becauz i put the scripts in a test dataset, i dared to change the data > advanced > acl mode > passthrough
after that the command worked.
fyi, no idea what the repercussions is for allowing passthrough for that, but i did it on an uninmportant dataset i use for testing purposes. keep that in mind and dyor.
*shrug and i even added summaries at certain check points to even remind on that point where this thread was at and even one point where i added a reminder what to expect moving forward if people feel they are done and want to hop off. i was also concerned about this but i was still in the process exploring what else i might have missed when navigating truenas for this setup but i did warn others to temper expectations about that since i myself wasn’t too sure at this point cauz i was still contemplating this
