This has bothered me for ages, but today I worked it out.
I am using a docker image for samba (dperson/samba) and that works fine after a bit of work, but it always bothered me that I could not see the computer in the home network. I know it is more secure not to, but sometimes convenience wins.
I found an undocumented, wsdd docker image image with 500k downloads in docker hub but no documentation at all. This yaml was enough to allow me to call it what I wanted rather than it’s rather prosaic name and it came up INSTANTLY:
This nearly killed me, I thought I had nuked everything but in the end it was way easier and simpler than I had feared.
Assuming you used one of the default .yaml and .env files from the paperless-ngx github you first need to add a database. I use portainer so went to the db shell and then did this to log in, list them, create a new one, check it is there and quit:
The .yaml file needs one new section – I copied the webserver one and only changed these lines (the first instance is on 8010). The /1 on the end of the PAPERLESS_REDIS means use a second database and you need all new volumes or things go awry (I found this out the hard way).
You need to tweak the original webserver changing just this one line with the /0.
webserver:PAPERLESS_REDIS:redis://broker:6379/0
Then yougo to the folder with the yaml in console, stop all the instances, pull a new one and create a superuser as per the usual, but with a minor difference (the new webserver name):
docker compose down
docker compose pull
docker compose run --rm webserver-newone createsuperuser
docker compose up -d
I have solved this before but forgot how. Maybe typing something will help me remember the next time.
I use Caddy in a docker container to reverse proxy around my docker box and other computers in my network. Something like this:
# test subdomain
test.mydomain.net {
reverse_proxy http://10.10.10.15:8010
tls internal
}
It always gives SEC_ERROR_UNKNOWN_ISSUER error and I can just accept this, which works for a while. Ideally you want it to just work, especially if you are setting up a site your 83 year old mum might access.
I had forgotten that if you want it to work, you need to add the subdomain to your DNS as an A record – and then remove TLS internal. Job done.
This does mean that anyone can hit that domain – which is fine in some cases and not fine in others. So I updated the internal only domains to this:
I had Text-To-Speech (TTW) working really well with squeezelite and Home Assistant on a Raspberry Pi 3B with max2play (which now looks sadly defunct). I thought I would pep things up a bit and use a RPi4 elsewhere as a Speaker for HA so my music was not constantly destroyed.
Getting squeezelite to work was easy but could I get TTS to work? The mp3 file was created but squeezelite looped when trying to play it. Sad times.
I worked out that it played fine when the sample speed was increased and in all my searching hit upon the concept of “Upsampling”. Hmmm. Since I had originally used “apt get install sqeezelite -y” and found it hard to find any settings at all and had not yet really understood docker I took this opportunity to move to a docker setup. Happily one of the settings allowed the magic “Eq” that got things rolling along.
You need MACVLAN network to fake an external IP for the DNS/DHCP server or it does not work (the requests don’t come through docker). But if you make a macvlan IP address, by design the host cannot see that IP address! You have to make a bridge.
If that bridge is local to the docker compose file, then only that stack can see it. For all stacks to see it you need to make a new macvlan and bridge network globally (I did this in portainer).
Steps to create:
1. Make a macvlan configuration
name: pihole-macvlan-configInterface: eth0IPV4 Subnet -192.168.0.0/24 IPV4 Gateway -192.168.0.1IPV4 IP Range -192.168.0.8/29
2. Make the macvlan using that configuration (just select the configuration and give it a name)
5. Use nmtui to change the host “dockerbox” DNS to 10.123.0.2 and give it a fixed IP address. All the containers will look for that for the DNS but need pihole-bridge network to see it.
sudo nmtui
6. In each container that needs pihole you add the network pihole-bridge