[Support] ich777 - Application Dockers


ich777

Recommended Posts

4 hours ago, Maggi0r said:

Thank you very much so I have entered that.
When I look at system devices in unRaid, I don't see a name there.

However, if I forward the device to a VM, it works without problems.

Regards Maggi

USB Gerät in VM.PNG

USB Gerät Touchscreen.PNG

Yep because a VM has access to the physical device and you install the driver inside the VM but with Docker the driver must work on the Host.

 

4 hours ago, Mikey160984 said:

Since the last update, DirSync is filling up my Docker Image File to the maximum. Anyone got the same issue? Re-installed it several times, but as soon as it starts to sync, it fills up the Docker File. Didn't change anything before, just updatet...

I will look into that, can you post a picture from your template configuration, i think a path isn't set right and DirSyncPro sync to a directory inside the container.
Which sync method did you use?

 

EDIT: Found it, the last update removed the SMB option and i forgot to put one line in the code.

Now you have to use the Unassigned Devices plugin to mount an SMB share and then create a path in the template to that share so that it picks up.

Completely my fault... Sorry

Do a force update on your unraid docker page with advanced view turned on and then start the container, you will see a light tutorial how to do use it now with an SMB share.

Edited by ich777
Link to comment
59 minutes ago, Mikey160984 said:

found the problem... its due to the "new lack" of smb. I had it configured via smb to sync the files to the backup server. Had to change it to the local thing now. Had some issues at first, but now it seems to work fine again

Yep, i've already wrote that in the first post, also one line was missing in the code.

Please read the first answer above.

  • Like 1
Link to comment

Hey guys, as you may know zabbix-agent2 is out. Which brings support for docker monitoring natively.

I managed to get this working properly on CentOS 8 server running docker, there was only one issue which was that server couldn't fetch data from agent.

Fix to that was to simply add user "zabbix" to docker group issuing this command: "gpasswd -a zabbix". I have exacly the same issue in zabbix-server logs again with unraid so i tried to do the same command. While the unraid did successfully added user zabbix to docker group I still cant get it working.

 

Here's how i manually created docker container in unraid.

 

docker create \
--name zabbix-agent \
--net host \
--privileged \
-e HOST_OS="Unraid" \
--restart unless-stopped \
-e ZBX_HOSTNAME="Unraid server" \
-e ZBX_SERVER_HOST="10.0.20.10" \
-e ZBX_ACTIVE_ALLOW="false" \
-e TZ=Europe/London \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
zabbix/zabbix-agent2:alpine-trunk

 

Any idea what am I missing to make this working?

 

Link to comment
6 hours ago, Korshakov said:

Hey guys, as you may know zabbix-agent2 is out. Which brings support for docker monitoring natively.

I managed to get this working properly on CentOS 8 server running docker, there was only one issue which was that server couldn't fetch data from agent.

Fix to that was to simply add user "zabbix" to docker group issuing this command: "gpasswd -a zabbix". I have exacly the same issue in zabbix-server logs again with unraid so i tried to do the same command. While the unraid did successfully added user zabbix to docker group I still cant get it working.

 

Here's how i manually created docker container in unraid.

 

docker create \
--name zabbix-agent \
--net host \
--privileged \
-e HOST_OS="Unraid" \
--restart unless-stopped \
-e ZBX_HOSTNAME="Unraid server" \
-e ZBX_SERVER_HOST="10.0.20.10" \
-e ZBX_ACTIVE_ALLOW="false" \
-e TZ=Europe/London \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
zabbix/zabbix-agent2:alpine-trunk

 

Any idea what am I missing to make this working?

 

I think this can be a permission issue of some kind have you allready provided the UID or GID to the container otherwise it uses eventually the wrong user or group but on the other hand you don't have to create a user for this on unraid (also i think users will be wiped if they are created from the command line if you reboot the server, someone correct me if i'm wrong ;) ).

 

Link to comment

Hi, 

I've a problem with RapidPhotoDownloader, 

Installation goes well, docker start too but when I plug my Nikon D7000 in a USB port it pop into RPD and I have this message

 

image.png.9a7881857ce4c09155bad241b6f2c705.png

 

I'm confused because I usually connect it to a raspberry with gphoto2 on it and everything works well !

 

In docker logs thre is this

 

---Checking if UID: 99 matches user---
---Checking if GID: 100 matches user---
---Setting umask to 000---
---Checking for optional scripts---
---No optional script found, continuing---
---Starting...---
---Checking if Rapid Photo Downloader is installed---
---Rapid Photo Downloader found---
---Preparing directories---
---Resolution check---
---Window resolution: 1024x881---
---Preparing Server---
---Checking for old logfiles---
---Checking for old lock files---
---Starting dbus service---
---dbus service started---
---Starting Xvfb server---
---Starting x11vnc server---
---Starting noVNC server---
WebSocket server settings:
- Listen on :8080
- Flash security policy server
- Web server. Web root: /usr/share/novnc
- No SSL/TLS support (no cert file)
- Backgrounding (daemon)
---Starting Rapid Photo Downloader---
WARNING: CPU random generator seem to be failing, disable hardware random number generation
WARNING: RDRND generated: 0xffffffff 0xffffffff 0xffffffff 0xffffffff
// ... this WARNING message repeat many time ...
WARNING: CPU random generator seem to be failing, disable hardware random number generation
WARNING: RDRND generated: 0xffffffff 0xffffffff 0xffffffff 0xffffffff
�[31mERROR �[0m Unable to access camera: GP_ERROR_IO�[0m

everytime I click "Try Again" the last line repeat.

 

Has someone ever had this issue ? 

Thank you !!

 

Alex.

 

 

 

Link to comment

I've tried adding variables:

-e PUID=99 \
-e PGID=100 \

 

However no joy, I am afraid this docker container does not support these? I might be wrong i really don't know. On zabbix docker hub there is no mention of puid of pgid. All it really says is to run it privileged or mount the volumes i want to monitor.

 

 

 

Edited by Korshakov
Link to comment
1 hour ago, alesck said:

Hi, 

I've a problem with RapidPhotoDownloader, 

Installation goes well, docker start too but when I plug my Nikon D7000 in a USB port it pop into RPD and I have this message :

 

I'm confused because I usually connect it to a raspberry with gphoto2 on it and everything works well !

 

In docker logs thre is this

 

everytime I click "Try Again" the last line repeat.

 

Has someone ever had this issue ? 

Thank you !!

 

Alex.

 

 

 

How did you mount the camera inside the container? With an extra startup parameter '--dev=' or did you mount the path to the camera directly in the template?

 

Is the camera in PTP mode (Picture Transfer Mode)? Seems like RapidPhotoDownloader is detecting that the camera is read only.

 

26 minutes ago, Korshakov said:

I've tried adding variables:

-e PUID=99 \
-e PGID=100 \

 

However no joy, I am afraid this docker container does not support these? I might be wrong i really don't know. On zabbix docker hub there is no mention of puid of pgid. All it really says is to run it privileged or mount the volumes i want to monitor.

 

 

 

Can you provide a link to the new container? I'm not really familar with Zabbix since i'm not using it, I only created the templates and tested if everything is working...

Link to comment
38 minutes ago, ich777 said:

How did you mount the camera inside the container? With an extra startup parameter '--dev=' or did you mount the path to the camera directly in the template?

 

Is the camera in PTP mode (Picture Transfer Mode)? Seems like RapidPhotoDownloader is detecting that the camera is read only.

 

I didn't mout the camera into the container, when I connect usb, it pop in. In dmesg from the container console i can read this when I connect my camera :

usb 1-6: new high-speed USB device number 7 using xhci_hc

 

Futhermore, my camera is in PTP mode and I can't change it from it's menu, and if I connect it to my Windows machine it is R/W.

 

official help says : 

Quote

Downloading from Cameras and Smartphones

Unlike devices like hard drives or memory cards, when a camera or smartphone is plugged into your computer, only one program at a time can access it (the same applies to any MTP or PTP device).

Because only one program at a time can access the camera or smartphone, if another program is using the it — Gnome Files, for example — where possible Rapid Photo Downloader will request the other program give up its exclusive control of it. For programs using Gnome technology (GVFS to be precise), that means "unmounting" or "ejecting" the camera / smartphone.

 

Edited by alesck
Link to comment
15 minutes ago, alesck said:

I didn't mout the camera into the container, when I connect usb, it pop in. In dmesg from the container console i can read this when I connect my camera :


usb 1-6: new high-speed USB device number 7 using xhci_hc

 

Futhermore, my camera is in PTP mode and I can't change it from it's menu, and if I connect it to my Windows machine it is R/W.

 

official help says : 

 

And there is the problem, the container can't simply access the device itself, you have to physicaly mount it somehow to the container (the container can see it but not mount or even access it.

 

I never tried to pass a device directly to a container but it should you should do it like follows:
Go into the template and add another path and set the container and host path to: '/dev/bus/usb' (also it is possible that you must enable Privileged, but I recommend you to try it out first without Privileged).

 

A Docker Container is an isolated image, it might see the device but can't actually connect to it only after you configured it right.

Also the 'Container' is not the same as 'your Computer'.

Link to comment
55 minutes ago, ich777 said:

Can you provide a link to the new container? I'm not really familar with Zabbix since i'm not using it, I only created the templates and tested if everything is working...

Zabbix Agent 2 Documentation:

https://www.zabbix.com/documentation/current/manual/concepts/agent2

 

Zabbix Agent2 Docker:

https://registry.hub.docker.com/r/zabbix/zabbix-agent2

Agent2 is officially released so no need to use trunk tag latest tag is perfect.

 

Something more to read about zabbix agent2

https://blog.zabbix.com/magic-of-new-zabbix-agent/8460/

 

If it was you who created those templates in "CA App Store in Unraid" then I WOULD LOVE YOU TO HIGH HEAVENS if you could make templates for zabbix server and web interface using postgres database as well. Zabbix has put a lot of time to postgres as its better than mysql due to constant writing to database. (its better for zabbix is what i mean).

 

Here are my codes i used to create dockers on centos machine (should be same on unraid too). And these has been running in real production for month so it should

***zabbix postgres server***
docker create \
--name zabbix-server \
--net mybridge \
--ip 5.0.10.20 \
--restart unless-stopped \
-e DB_SERVER_HOST="5.0.10.25" \
-e DB_SERVER_PORT="5432" \
-e POSTGRES_DATABASE="zabbix" \
-e POSTGRES_USER="zabbix" \
-e POSTGRES_PASSWORD="Clare3633" \
-e TZ="Europe/London" \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
-p 10051:10051 \
zabbix/zabbix-server-pgsql:centos-trunk

 

***zabbix web server***
docker create \
--name zabbix-web \
--net mybridge \
--ip 5.0.10.21 \
--restart unless-stopped \
-p 8686:8080 \
-e DB_SERVER_HOST="5.0.10.25" \
-e POSTGRES_USER="zabbix" \
-e POSTGRES_PASSWORD="Clare3633" \
-e ZBX_SERVER_HOST="5.0.10.20" \
-e PHP_TZ="Europe/London" \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
zabbix/zabbix-web-nginx-pgsql:centos-trunk

 

***zabbix-agent2***
docker create \
--name zabbix-agent \
--net mybridge \
--privileged \
--ip 5.0.10.22 \
--restart unless-stopped \
-e /etc/localtime:/etc/localtime:ro \
-e /etc/timezone:/etc/timezone:ro \
-e ZBX_HOSTNAME="Centos server" \
-e ZBX_SERVER_HOST="5.0.10.20" \
-e ZBX_ACTIVE_ALLOW="false" \
-e TZ=Europe/Dublin \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
-v /mnt/appdata/zabbix-agent/config:/etc/zabbix/zabbix_agentd.d \
zabbix/zabbix-agent2:alpine-trunk

 

Bare in mind that zabbix agent and zabbix agent2 are two products so please do not replace your agent template which is there already. Also if i could recoomend to mount conf.d folder for both agents so people are able to add user parameters easily.

Here are the allowed volumes inside container:

/etc/zabbix/zabbix_agentd.d

/var/lib/zabbix/modules

/var/lib/zabbix/enc

 

all 3 with read/write permission and they all can be under one config folder with subfolders such as

/mnt/user/appdata/zabbix-agent/conf.d

/mnt/user/appdata/zabbix-agent/modules

/mnt/user/appdata/zabbix-agent/enc

 

In agent template you have variables for encryption, but in order for that to work properly there has to be two more thinks PSK Identity and PSK.key file.

For the identity you can just do this:

-e ZBX_TLSPSKIDENTITY="whatever you want to call it for example PSK1"

and

-e ZBX_TLSPSKFILE="this can be stored in conf.d folder" -- Please be aware people need to create file such as for example key.psk using nano editor in paste their key string there.

simple command "openssl rand --hex 32" will generate the key string.

 

Hope i wrote everything. Please contact me if you wish for further info.

Link to comment
Just now, Korshakov said:

Zabbix Agent 2 Documentation:

https://www.zabbix.com/documentation/current/manual/concepts/agent2

 

Zabbix Agent2 Docker:

https://registry.hub.docker.com/r/zabbix/zabbix-agent2

Agent2 is officially released so no need to use trunk tag latest tag is perfect.

 

Something more to read about zabbix agent2

https://blog.zabbix.com/magic-of-new-zabbix-agent/8460/

 

If it was you who created those templates in "CA App Store in Unraid" then I WOULD LOVE YOU TO HIGH HEAVENS if you could make templates for zabbix server and web interface using postgres database as well. Zabbix has put a lot of time to postgres as its better than mysql due to constant writing to database. (its better for zabbix is what i mean).

 

Hope i wrote everything. Please contact me if you wish for further info.

I created 2 of the 3 templates in the CA App (I think the Zabbix Agent is created by another user).

 

I will look into this but please keep in mind that it could take a bit since my spare time is at the time really, really, really limited... :(

First of all i will look into Agent2 and then i have to dig into postgres because i'm not really into it and i try everything before i release it... so this will take longer.

Link to comment
1 minute ago, ich777 said:

I created 2 of the 3 templates in the CA App (I think the Zabbix Agent is created by another user).

 

I will look into this but please keep in mind that it could take a bit since my spare time is at the time really, really, really limited... :(

First of all i will look into Agent2 and then i have to dig into postgres because i'm not really into it and i try everything before i release it... so this will take longer.

No problem at all, thank you VERY much in advance.

Link to comment
4 hours ago, ich777 said:

And there is the problem, the container can't simply access the device itself, you have to physicaly mount it somehow to the container (the container can see it but not mount or even access it.

 

I never tried to pass a device directly to a container but it should you should do it like follows:
Go into the template and add another path and set the container and host path to: '/dev/bus/usb' (also it is possible that you must enable Privileged, but I recommend you to try it out first without Privileged).

 

A Docker Container is an isolated image, it might see the device but can't actually connect to it only after you configured it right.

Also the 'Container' is not the same as 'your Computer'.

 

In unRaid Tools > System Devices > USB Devices my camera is present as

Bus 001 Device 009:ID 04b0:0428 Nikon Corp. D7000

Unfornatly I've tried many configuration in privilege mode, none works.

 

share path (RW) /dev/bus/usb

share path (RW) /dev/bus/usb/001

share path (RW) /dev/bus/usb/001/009

share device /dev/bus/usb

share device /dev/bus/usb/001

share device /dev/bus/usb/001/009

 

I'm out of idea :(

Link to comment
2 hours ago, alesck said:

 

In unRaid Tools > System Devices > USB Devices my camera is present as


Bus 001 Device 009:ID 04b0:0428 Nikon Corp. D7000

Unfornatly I've tried many configuration in privilege mode, none works.

 

share path (RW) /dev/bus/usb

share path (RW) /dev/bus/usb/001

share path (RW) /dev/bus/usb/001/009

share device /dev/bus/usb

share device /dev/bus/usb/001

share device /dev/bus/usb/001/009

 

I'm out of idea :(

I will try that as soon is i got time with a usb stick or something else (eventually my mobile phone).

 

What you can do is to import your folder on your unraid and then import it in RapidPhotoDownloader.

Or if you want to automate that process you can use the Unassigned Devices Plugin with auto mount and a copy script.

Link to comment
2 hours ago, ich777 said:

I will try that as soon is i got time with a usb stick or something else (eventually my mobile phone).

 

What you can do is to import your folder on your unraid and then import it in RapidPhotoDownloader.

Or if you want to automate that process you can use the Unassigned Devices Plugin with auto mount and a copy script.

I don't think we can mount PTP or MTP devices without abstraction like lib-gphoto2, in fact that's the purpose of RapidPhotoDownloader.

Link to comment
8 hours ago, alesck said:

I don't think we can mount PTP or MTP devices without abstraction like lib-gphoto2, in fact that's the purpose of RapidPhotoDownloader.

Doese it show up in the Unassigned Devices on the Dashboard?

I cant test this since I don't have any PTP or MTP device...

 

I'm sorry but i don't know how other users been using it since on this container has at time of writing 7.7k pulls i think it should be working somehow but i can't help since i don't got such a device, eventually i look into it wich devices have this mode (my phone sadly not) and eventually i find a cheap device that i can buy to test.

Link to comment
3 hours ago, ich777 said:

Doese it show up in the Unassigned Devices on the Dashboard?

I cant test this since I don't have any PTP or MTP device...

 

I'm sorry but i don't know how other users been using it since on this container has at time of writing 7.7k pulls i think it should be working somehow but i can't help since i don't got such a device, eventually i look into it wich devices have this mode (my phone sadly not) and eventually i find a cheap device that i can buy to test.

Nop, nothing in Unassigned devices. 

 

Any android phone is PTP or MTP (selectable in parameters beside Mass storage media (maybe in hidden developper menu in some cases)), any camera with PC link over USB should also be PTP or MTP. 

 

I will try to install RPD in a graphical ubuntu VM to test USB passthrough .. maybe it will works.

Link to comment
2 hours ago, alesck said:

Nop, nothing in Unassigned devices. 

 

Any android phone is PTP or MTP (selectable in parameters beside Mass storage media (maybe in hidden developper menu in some cases)), any camera with PC link over USB should also be PTP or MTP. 

 

I will try to install RPD in a graphical ubuntu VM to test USB passthrough .. maybe it will works.

On my phone not (I'm run a custom version of Lineage OS).

 

Yes that will work but for usb hotpluging you need to passthrough a whole controller to the VM as long as i know, also a VM is a little overkill for this... :D

 

Also now that you've mentioned it is a ptp device not listed under /dev/ptpX?

Try to create a new path with /dev and hand that over to the container (eventually try also to run it with privileged mode).

 

EDIT: Is there no option on the camera to use it as a normal usb drive (then the solution with Unassigned Devices should work).

Edited by ich777
Link to comment
6 hours ago, droopie said:

does DebianBuster-Nvidia require gpu passthrough? my cpu supports virtualization but doesnt passthrough the gpu in vm's. 

No doesn't require passtrough but you need to install the Linuxserver.io Nvidia plugin and install the version of your choice.

 

What are you going to do with this container?

Link to comment
On 11/10/2019 at 5:03 AM, ich777 said:

Exactly.

 

Nope, these are standard DNS servers and they are not secured by DoH but since i don't want to get Cloudflare or Google all of my DNS querys i rotate them and i let my server also use a few friends of mine and so no one could say wich traffic from wich device came, my server at home is more or less the DNS server for all of these devices.

 

Yeah i thought of that but that's a little bit too much latency in my oppinion and there is everywhere a weak point.

I'm sick that everybody tracks everything and now i got a gateway (my Unraid DNS server that asks goolgle, cloudflare and a few other dns servers unencrypted) where everything is a little bit messed up in terms of tracking because ~10 people are using it.

Hi there,

 

Just installed the DoH-Client container today...I am confused by the above - does this mean my outbound DNS queries as intercepted by the container are NOT encrypted, and are just distributed to whatever DNS resolver you have specified in the config file?

 

Currently test setup:

  • Windows Laptop > DNS pointing to <unraid IP>:53
  • DoH-Client set to use OpenDNS resolver
  • DoH-Client set to use Google bootstrap
  • Router set to use OpenDNS primary/secondary servers

Basically, how do I confirm DNS lookups to the wider internet are encrypted?

 

Cheers,

 

Xav.

Link to comment
13 hours ago, xavierda said:

Hi there,

 

Just installed the DoH-Client container today...I am confused by the above - does this mean my outbound DNS queries as intercepted by the container are NOT encrypted, and are just distributed to whatever DNS resolver you have specified in the config file?

 

Currently test setup:

  • Windows Laptop > DNS pointing to <unraid IP>:53
  • DoH-Client set to use OpenDNS resolver
  • DoH-Client set to use Google bootstrap
  • Router set to use OpenDNS primary/secondary servers

Basically, how do I confirm DNS lookups to the wider internet are encrypted?

 

Cheers,

 

Xav.

Yes, and no they are encrypted it depends on the resolver...

You can test it at https://www.dnsleaktest.com/ and run the extended test.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.