
WSL2, Docker Desktop and Shared Drives

A pain in the bum but I got there.

I was trying to share an NFS share with an Immich Docker container to have a play with importing videos. The Debian could see it but the image could not. I am not sure if it is to do with the limit on the OMV NFS IP address range or something, but I knew if my Windows machine could see it then the damn WSL2 should be able to see it too, natively!

In PowerShell, wsl --list --verbose lists which WSL distributions are in use, and confusingly it gives two, but the * suggested that this was the one to work with.

  NAME              STATE           VERSION
* Debian            Running         2
  docker-desktop    Running         2

I tried and tried to mount the NFS share there, but though the Debian could see it, the Docker image could not. I share the same folder using SMB, so I was able to get that into WSL using:

wsl -d Debian
sudo mkdir /mnt/p
sudo mount -t drvfs P: /mnt/p

This makes the P: drive appear on /mnt/p, which I could then get working in the yaml with:

    volumes:
      - /mnt/p:/mnt/p_drive

This worked so nicely that I couldn’t think why the NFS share worked so went back and tried it all over again. It immediately worked!

Argh.

samba machine visible on Windows Network

This has bothered me for ages, but today I worked it out.

I am using a docker image for samba (dperson/samba) and that works fine after a bit of work, but it always bothered me that I could not see the computer in the home network. I know it is more secure not to, but sometimes convenience wins.

I finally found the answer, and it is wsdd.

I found a wsdd docker image with 500k downloads on Docker Hub but no documentation at all. This yaml was enough to allow me to call it what I wanted rather than its rather prosaic name, and it came up INSTANTLY:

  wsdd:
    image: viniciusleterio/wsdd
    container_name: wsdd
    network_mode: host
    restart: always
    command: >
      -i eth0
      -n MyServerName

Caddy, SEC_ERROR_UNKNOWN_ISSUER and TLS Internal

I have solved this before but forgot how. Maybe typing something will help me remember the next time.

I use Caddy in a docker container to reverse proxy around my docker box and other computers in my network. Something like this:

# test subdomain
test.mydomain.net {

        reverse_proxy http://10.10.10.15:8010
        tls internal
}

It always gives a SEC_ERROR_UNKNOWN_ISSUER error and I can just accept this, which works for a while. Ideally you want it to just work, especially if you are setting up a site your 83-year-old mum might access.

I had forgotten that if you want it to work, you need to add the subdomain to your DNS as an A record – and then remove TLS internal. Job done.

This does mean that anyone can hit that domain – which is fine in some cases and not fine in others. So I updated the internal only domains to this:

fileserver.mydomain.net {

        @denied not client_ip 10.10.10.0/16 172.26.0.0/12

        handle @denied {
                 abort
        }

        reverse_proxy http://10.10.10.15:8081
}

The 172.26 address comes from docker and I think it fails without it from memory.
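
Both ranges in the client_ip matcher above are written with host bits set, so they match more than they appear to. The check below is an added example, not part of the original post; it assumes the matcher ignores host bits in a prefix (as Go's netip prefix matching does), and the client addresses are constructed.

```python
import ipaddress

# Ranges exactly as written in the fileserver.mydomain.net block above.
ALLOWED_AS_WRITTEN = ["10.10.10.0/16", "172.26.0.0/12"]


def effective_networks(ranges):
    """Normalise each range to the network it really covers.

    strict=False drops the host bits, so 10.10.10.0/16 becomes 10.10.0.0/16.
    Assumption: the proxy's matcher treats the prefix the same way.
    """
    return [ipaddress.ip_network(r, strict=False) for r in ranges]


def widened(ranges):
    """Return (written, effective) pairs for ranges that had host bits set."""
    out = []
    for r in ranges:
        net = ipaddress.ip_network(r, strict=False)
        if str(net) != r:
            out.append((r, str(net)))
    return out


def is_denied(client_ip, ranges):
    """Mirror '@denied not client_ip <ranges>': deny when no range matches."""
    ip = ipaddress.ip_address(client_ip)
    return not any(ip in net for net in effective_networks(ranges))


if __name__ == "__main__":
    for written, effective in widened(ALLOWED_AS_WRITTEN):
        print(f"{written} is matched as {effective}")
    # Constructed client addresses, not taken from any real log.
    for ip in ["10.10.10.15", "10.10.200.5", "172.17.0.1", "172.31.255.1",
               "192.168.0.60", "203.0.113.7"]:
        verdict = "abort" if is_denied(ip, ALLOWED_AS_WRITTEN) else "proxied"
        print(f"{ip:15} {verdict}")
```

Every address in 10.10.0.0/16 and in the whole 172.16.0.0/12 private block passes the filter, so any request whose source address is rewritten to a Docker bridge address is proxied regardless of where it originated. Writing the narrowest prefixes that cover the intended hosts and the one Docker network keeps the allow-list as small as it reads.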

Upsampling with squeezelite

I had Text-To-Speech (TTS) working really well with squeezelite and Home Assistant on a Raspberry Pi 3B with max2play (which now looks sadly defunct). I thought I would pep things up a bit and use a RPi4 elsewhere as a Speaker for HA so my music was not constantly destroyed.

Getting squeezelite to work was easy but could I get TTS to work? The mp3 file was created but squeezelite looped when trying to play it. Sad times.

I worked out that it played fine when the sample speed was increased, and in all my searching hit upon the concept of “Upsampling”. Hmmm. Since I had originally used “apt-get install squeezelite -y”, found it hard to find any settings at all, and had not yet really understood docker, I took this opportunity to move to a docker setup. Happily one of the settings allowed the magic “Eq” that got things rolling along.

version: "3"

services:
  squeezelite-my-usb-dac:
    image: giof71/squeezelite:latest
    container_name: squeezelite
    devices:
      - /dev/snd:/dev/snd
    environment:
      - SQUEEZELITE_AUDIO_DEVICE="hdmi:CARD=vc4hdmi1,DEV=0"
      - SQUEEZELITE_NAME="Kitchen Panel"
      - SQUEEZELITE_SERVER_PORT=192.168.0.60
      - SQUEEZELITE_LOG_CATEGORY_ALL
      - SQUEEZELITE_MAC_ADDRESS="45:07:31:83:01:40"
      - DISPLAY_PRESETS=Y
      - SQUEEZELITE_PARAMS="80:4::"
      - SQUEEZELITE_UPSAMPLING="Eq"
    restart: unless-stopped

macvlan with docker and pihole

This web page (Set up a PiHole using Docker MacVlan Networks) is great and got me there, but here are notes on how I fixed it globally. I use many stacks.


You need a macvlan network to fake an external IP for the DNS/DHCP server or it does not work (the requests don’t come through docker). But if you make a macvlan IP address, by design the host cannot see that IP address! You have to make a bridge.

If that bridge is local to the docker compose file, then only that stack can see it. For all stacks to see it you need to make a new macvlan and bridge network globally (I did this in portainer).

Steps to create:

1. Make a macvlan configuration

name: pihole-macvlan-config
Interface: eth0
IPV4 Subnet - 192.168.0.0/24
IPV4 Gateway - 192.168.0.1
IPV4 IP Range - 192.168.0.8/29

2. Make the macvlan using that configuration (just select the configuration and give it a name)

name: pihole-macvlan
driver: macvlan

3. Set up the bridge

name: pihole-bridge
IPV4 Subnet - 10.123.0.0/24

4. In pihole set up the bridge IP address.

    networks:
      pihole-macvlan:
        ipv4_address: 192.168.0.10
      pihole-bridge:
        ipv4_address: 10.123.0.2

5. Use nmtui to change the host “dockerbox” DNS to 10.123.0.2 and give it a fixed IP address. All the containers will look for that for the DNS but need pihole-bridge network to see it.

sudo nmtui

6. In each container that needs pihole you add the network pihole-bridge

e.g.

  tasmoadmin:
    container_name: tasmoadmin
    image: ghcr.io/tasmoadmin/tasmoadmin:latest
    volumes:
      - ./tasmoadmin-data:/data 
    ports:
      - 9541:80
    restart: unless-stopped
    depends_on:
      - homeassistant
    networks:
      - mqtt
      - pihole-bridge