WbrJr

joined 11 months ago
[–] [email protected] 5 points 1 week ago

Adding to the interesting lists here: As a sport for me I found bouldering and climbing. I don't like sport but bouldering is not about sport but about getting up that stupid wall, and it feels amazing.

I have multiple hobbies, some require my brain (programming, electronics, engineering and stuff like that) Others not so much (music production/playing live sets, building dioramas, woodworking, metalworking, working on my motorcycle or cooking) And I can highly recommend to get hobbies that both require some concentration and creativity so you can have some balance :) Good luck!

[–] [email protected] 2 points 1 week ago

I feel you. There is this little bit oft hope, that all my effort actually achieves something. But its like hoping for thr existance of god it feels like

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Wow, thanks!! That actually solved it apparently! Why does the wireguard config change if i can ping outside the docker container though? Is it because the wireguard client inside the container opens up ip adresses or something? :) Thanks again! Itried to find a solution for many hours yesterday :D

Oh and is the ',' in the allowed ips meant as an "and" or rather an "or"?

 

Hi! I am trying to set up a wireguard client in docker. I use the linuxserver image, I it running in server mode on a different machine (exactly the same ubuntu version) and i can login with my laptop to the wireguard server, but the docker wg-client has problems, i hope someone has an idea :)

The client docker container has trouble starting and throws this error: [___](modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.8.0-47-generic ip6tables-restore v1.8.10 (legacy): ip6tables-restore: unable to initialize table 'raw' Error occurred at line: 1 Try 'ip6tables-restore -h' or 'ip6tables-restore --help' for more information. )

I copied the config to the server with the wg server running, it has the same problem with the client. I can ping google.com from inside the server container, but not from inside the client container. Here is the output of the 'route' cmd from the client:Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.18.0.0 * 255.255.0.0 U 0 0 0 eth0

I searched for a solution quite a bit, but cant seem to find something that works. changed the .yml compose file according to some suggestions but without success.

I tried to install the missing module but could not get it working.

Its a completely clean install of ubuntu 24.04.1 LTS, Kernel: Linux 6.8.0-47-generic.

here is the compose file, in case its needed, it should be exact same one as provided by linux-server in their github:

compose file:

services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard-client
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
#      - SERVERURL=wireguard.domain.com #optional
#      - SERVERPORT=51820 #optional
#      - PEERS=1 #optional
#      - PEERDNS=auto #optional
#      - INTERNAL_SUBNET=10.13.13.0 #optional
#      - ALLOWEDIPS=0.0.0.0/0 #optional
#      - PERSISTENTKEEPALIVE_PEERS= #optional
#      - LOG_CONFS=true #optional
    volumes:
      - /srv/wireguard/config:/config
#      - /lib/modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

here is the complete error log from the wg-client docker:

error

[migrations] started
[migrations] no migrations found
usermod: no changes
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────
Linuxserver.io version: 1.0.20210914-r4-ls55
Build-date: 2024-10-10T11:23:38+00:00
───────────────────────────────────────
    
Uname info: Linux ec3813b50277 6.8.0-47-generic #47-Ubuntu SMP PREEMPT_DYNAMIC Fri Sep 27 21:40:26 UTC 2024 x86_64 GNU/Linux
**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
**** Client mode selected. ****
[custom-init] No custom files found, skipping...
**** Disabling CoreDNS ****
**** Found WG conf /config/wg_confs/peer1.conf, adding to list ****
**** Activating tunnel /config/wg_confs/peer1.conf ****
[#] ip link add peer1 type wireguard
[#] wg setconf peer1 /dev/fd/63
[#] ip -4 address add 10.13.13.2 dev peer1
[#] ip link set mtu 1420 up dev peer1
[#] resolvconf -a peer1 -m 0 -x
s6-rc: fatal: unable to take locks: Resource busy
[#] wg set peer1 fwmark 51820
[#] ip -6 route add ::/0 dev peer1 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.8.0-47-generic
ip6tables-restore v1.8.10 (legacy): ip6tables-restore: unable to initialize table 'raw'
Error occurred at line: 1
Try `ip6tables-restore -h' or 'ip6tables-restore --help' for more information.
[#] resolvconf -d peer1 -f
s6-rc: fatal: unable to take locks: Resource busy
[#] ip -6 rule delete table 51820
[#] ip -6 rule delete table main suppress_prefixlength 0
[#] ip link delete dev peer1
**** Tunnel /config/wg_confs/peer1.conf failed, will stop all others! ****
**** All tunnels are now down. Please fix the tunnel config /config/wg_confs/peer1.conf and restart the container ****
[ls.io-init] done.

Thanks a lot. I appreciate every input!

[–] [email protected] 1 points 3 weeks ago

How would one do that for real? Propably not write and push code that is not ready for production? And do reviews and Tests?

[–] [email protected] 1 points 1 month ago (1 children)

When I am on the server, it can even ping the domain. On my laptop, it can only resolve the domain to the correct ip

[–] [email protected] 1 points 1 month ago (1 children)

Changing the domain does not change the problem sadly. I thought .local is a safe one to use

[–] [email protected] 2 points 1 month ago (3 children)

So in the dnsmasq.config file is this entry: 'address=/server.local/192.168.178.10' and using nslookup it resolves it correctly

 

So I am working on my home server. I installed docker and use a dnsmasq container as my dns server to resolve local ip adresses.

Laptop and server are both linux (ubuntu LTS 24.4)

What works:

  • 'resolvectl status' shows the ip of my dns server
  • i can ping the ip of the dns server (that will run other stuff like nextcloud soon as well)
  • i can use nslookup to resovle server.local to the correct ip address (even after changing the entry, so its not the cache in my laptop)

what does not work:

  • i can not ping server.local (- for testing i have to stop the systemd-resolved.service to run the dnsmasq server, or else there are port collisions, but that should not be the problem i guess. I am happy to hear your solution :))
  • i can also not use ssh to log in to server.local, ip address works

What am i missing?

Thanks a lot already! BTW: ZFS is crazy nice :D

[–] [email protected] 3 points 3 months ago
[–] [email protected] 4 points 3 months ago (1 children)

It feels like its always the same with big companies trying to please their stakeholders. They just manoeuvered themselves into a very bad corner by planning super short term and trying to milk each product to their limits. All of this because they were super dominant for a long time. But as soon as they experience pressure by amd, apple m1 series or qualcom, to actually perform, they crumble under their own short term planning. It feels like their existence ist onley based on their reputation from several years back and the lack of research done by the customers

[–] [email protected] 8 points 3 months ago (1 children)

Haha thats just how capitalism treated every technological evolution. Society develops a new thing that could ease the work of thousands and enable more spare time. But instead this time is used to create even more tasks. Only difference, that ai does not really speed up things that much right now

[–] [email protected] 6 points 3 months ago (1 children)

To be honest i offen feel the same, just helpless and too insignificant to change it in my own. But thats the point, we are not allone! I just try to show them undenieble facts, the already very present effect of climate crisis or just statistics of how the money is distributed in our country. The thing I struggle most with them is their bad feith in people. For example many welfare programs or in the extreme the concept of unconditional income by the state gets always used to argue that people are lazy and it would not work because no one would get a job anymore, which i disagree with

[–] [email protected] 5 points 3 months ago

Depends in how much you dont want to die

 

Hi! I know this is a kind of dangerous topic to ask :D And I am sorry this got so long.

I plan on building my own little home server. Currently I will mostly use it for nextcloud, maybe some other stuff, like git. I would like to be able to access nexcloud or git from outside my home (yes, i actually go outside sometimes.. dont know why though). I will run docker and portainer on a pi5 (i guess its enough for one person) and I have 4x4tb disks. I currently plan on creating a software raid 10 with the disks to get 8tb of storage.


I have two types of disks, a new set of ironwolf and a used set of wd 24/7 drives. How would you arrange them? Put both from one type in raid 1 or mix both types in raid 1? I just heared about LVM. Would you recommend to put that on top of the raid? I dont know If i plan to change the storage setup, but doubt it currently. Im not shure if ZFS would be a better solution for me, but it seems unneccesserry at the moment.


I dont quite know what i should search for to find a solution about accessing the services from outside. I would like to avoid a (wireguard) vpn so i can log in on a different device without setting it up, or that i can connect to the vpn at work or uni and still be able to use my nextcloud data. So dyn dns with portforwarding seems to be the only option. But I am a little afraid to open up my home network to the outside like this, without another protection like a login. I know nextcloud has that, but im not shure if that is enough or what can be seen and accessed from the outside if i use ddns and port forwarding.


For backups I plan on using dublicati and storing the backups encrypted to either pcloud (would need to by, additional cost..) or a server at a friends or my dads house. But with the second solution I am not shure how I would create a tunnel to their server, so its secure for both of us. He has a static ip, so no ddns needed. Maybe here would be a wireguard tunnel be best? My dad does not have a static ip but would create a wirequard vpn for me with MyFritz (avm ddns service). Any thoughts on that? I would create a disk image of the completed os (the sd card..) once the services are running, so i can revert if something breaks. I guess a manual image is enough after the setup, because the docker containers reset anyways on restart, right?

Thank you so much, I am greatefull for every advice!

 

Hi! I hope this is the right community to ask.

Next week I will be on the road for 5 Days for work. I have quite some spare time, so I thought I would dig up my raspberry project again and hopefully finish it.

I need it with me, because it controls some hardware, so a VPN to home does not work. So only option I could think of, is to connect the pi directly to my laptop via an ethernet cable. As far as I understood from some research is that I would need to install and run an DHCP server on my laptop, which they did not recommend. Alternatively they suggested to just take a router and plug both devices in there. I don't really have a spare router, so that's not an option either.

To be hones it confuses me a little, that there does not seem to be a standard for connecting to a device directly over a single cable and login with a user account.

Any recommendations how I can work on the pi like with ssh?

Thanks a lot!

 

Edit: thanks everyone for the suggestions. In the end I decided to buy a icy box usb3.1 4xhdd enclosure for around 100€. In the description it says it only works with mac and windows, but my Linux laptop works well with it, I guess the pi will to as well. I will print an enclosure for the power brick and the pi to screw to the drive case.

Here is why I choose this option: The pi is rather cheap compared to its power and also power consumption. I already had 4x4tb HDDs which I wanted to use, so at least 4 slots needed. The pi has 2x usb 3.0 connections which can be used simultaneously. One will be used for the 4bay, the other is free for now. I have the option to connect a second Nas case if I need more storage. Usb 3.0 is pretty fast, even if I don't get all the 5gbit/s. It's still faster than 1gbit/s ethernet.

I also thought about getting 2x 2xhdd enclosures to use the two usb3.0 at the same time. But decided against it because it would be a little more sketchy and I wanted to keep a free usb port for a second drive enclosure.

There are some enclosures that offer raid (hardware raid?) But I could not figure out if that would mean that all 4 drives will be raided, so I decided for the cheaper variant and would do the raid myself.

I plan on running 2 drives as raid1 and the other as raid 0 for secure storage and the other for movies and stuff I can download again.

Thanks again for all the comments!


It seems weirdly difficult to find a good solution to attach HDDs to my pi. Best case would be for me a enclosure with small power supply, space for my pi, and at least 2 bays for HDDs, rather 4. All that for under 100€ of cause :D

I could not really find cheap hhd enclosures that connect via usb. Any recommendations? I don't really want to use HDD toasters, they feel not permanent enough for a Nas. I could also not find sata to usb hats for the pi that are available right now

 

Almost all countries require official authentication to activate a SIM card. This seems to me as a huge privacy problem, if the country can track sim cards across cell towers and connect them to a person. It seems like a dystopian system, that we litterely can not hide from our governments without turning off our smartphones. It seems incredibly unnecessary to me and just sets up the system to be abused.

Or do I understand something wrong?

What can we do against this? There are some sim cards that can be bought second hand, but they will not be a long term solution.

view more: next ›