This has bothered me for ages, but today I worked it out.
I am using a docker image for samba (dperson/samba) and that works fine after a bit of work, but it always bothered me that I could not see the computer in the home network. I know it is more secure not to, but sometimes convenience wins.
I found an undocumented wsdd docker image with 500k downloads in docker hub but no documentation at all. This yaml was enough to allow me to call it what I wanted rather than its rather prosaic name and it came up INSTANTLY:
I have solved this before but forgot how. Maybe typing something will help me remember the next time.
I use Caddy in a docker container to reverse proxy around my docker box and other computers in my network. Something like this:
# test subdomain
test.mydomain.net {
    reverse_proxy http://10.10.10.15:8010
    tls internal
}
It always gives a SEC_ERROR_UNKNOWN_ISSUER error and I can just accept this, which works for a while. Ideally you want it to just work, especially if you are setting up a site your 83-year-old mum might access.
I had forgotten that if you want it to work, you need to add the subdomain to your DNS as an A record – and then remove "tls internal". Job done.
This does mean that anyone can hit that domain – which is fine in some cases and not fine in others. So I updated the internal-only domains to this:
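One way to keep a publicly resolvable subdomain reachable only from the LAN, shown as an added example and not the author's own configuration. The matcher name @lan and the private CIDR ranges are assumptions; the site name and upstream are the ones from the snippet above.

```caddyfile
# Added example: publicly trusted certificate, LAN-only access.
test.mydomain.net {
    # Assumed LAN ranges (RFC 1918); narrow these to your real subnet.
    @lan remote_ip 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16

    # Clients on the LAN are proxied to the internal service.
    handle @lan {
        reverse_proxy http://10.10.10.15:8010
    }

    # Every other client has its connection dropped with no response.
    handle {
        abort
    }
}
```

remote_ip matches the address of the direct TCP peer, so check Caddy's access log to confirm requests arrive with real client addresses. If Docker networking makes every request appear to come from a bridge gateway inside 172.16.0.0/12, this allow-list matches everyone.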
I had Text-To-Speech (TTS) working really well with squeezelite and Home Assistant on a Raspberry Pi 3B with max2play (which now looks sadly defunct). I thought I would pep things up a bit and use a RPi4 elsewhere as a Speaker for HA so my music was not constantly destroyed.
Getting squeezelite to work was easy but could I get TTS to work? The mp3 file was created but squeezelite looped when trying to play it. Sad times.
I worked out that it played fine when the sample speed was increased, and in all my searching hit upon the concept of “Upsampling”. Hmmm. Since I had originally used “apt-get install squeezelite -y”, found it hard to find any settings at all, and had not yet really understood docker, I took this opportunity to move to a docker setup. Happily one of the settings allowed the magic “Eq” that got things rolling along.
You need a MACVLAN network to fake an external IP for the DNS/DHCP server or it does not work (the requests don’t come through docker). But if you make a macvlan IP address, by design the host cannot see that IP address! You have to make a bridge.
If that bridge is local to the docker compose file, then only that stack can see it. For all stacks to see it you need to make a new macvlan and bridge network globally (I did this in portainer).
Steps to create:
1. Make a macvlan configuration
Name: pihole-macvlan-config
Interface: eth0
IPV4 Subnet: 192.168.0.0/24
IPV4 Gateway: 192.168.0.1
IPV4 IP Range: 192.168.0.8/29
2. Make the macvlan using that configuration (just select the configuration and give it a name)
5. Use nmtui to change the host “dockerbox” DNS to 10.123.0.2 and give it a fixed IP address. All the containers will look for that for the DNS but need pihole-bridge network to see it.
sudo nmtui
6. In each container that needs pihole you add the network pihole-bridge