This is mainly a docker-compose file to set up some home automation stuff. The docker-compose.yml is for x86 machines and the docker-compose-rpi.yml is for the ARM architecture.
Migrating Apps between volumes https://veducate.co.uk/synology-moving-a-package-between-volumes/
Also need to update the sym links sudo rm /var/services/homes sudo ln -s /volume1/homes /var/services/homes sudo rm /var/services/music sudo ln -s /volume1/music /var/services/music sudo rm /var/services/pgsql sudo ln -s /volume1/@database/pgsql /var/services/pgsql sudo rm /var/services/photo sudo ln -s /volume1/photo /var/services/photo
May need to restart this service: sudo systemctl restart pgsql-adapter
Run a
diff /volume2 /volume1 | grep -i "Only in /volume2"
Then start copying folders over with permissions:
sudo cp -rp /volume2/@ActiveBackup /volume1/@ActiveBackup
sudo cp -rp /volume2/@ActiveBackup-GSuite /volume1/@ActiveBackup-GSuite
sudo cp -rp /volume2/@autoupdate /volume1/@autoupdate
sudo cp -rp /volume2/@cloudsync /volume1/@cloudsync
sudo cp -rp /volume2/@deleted_subvol /volume1/@deleted_subvol
Make sure to replace the below under the duckdns section with your own parameters:
TOKEN: your own token
SUBDOMAINS: your own subdomains
Make sure to replace the below under the duckdns section with your own parameters:
TOKEN: your own token
DOMAIN: your own full domain including the .duckdns.org
You can also just use the following docker run command instead of docker-compose:
docker run -d --name=duckdns -e TZ=America/Toronto -e DOMAIN=yousry.duckdns.org -e TOKEN=e11e2bb7-a87b-4e65-b1c9-ca5c1c503828 --restart=always tekanaid/duckdns-rpi:110
Make sure to replace the ens160 in the docker-compose file with the proper interface that you get an IP on for the server INTERFACE: ens160
Setting up the application
The admin interface is available at https://:943/admin with a default user/password of admin/password
During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation).
The "admin" account is a system (PAM) account and after container update or recreation, its password reverts back to the default. It is highly recommended to block this user's access for security reasons. In my experience, doing 3) below is sufficient and I couldn't delete the admin user from the gui.
- Set another user as an admin,
- Delete the "admin" user in the gui,
- Modify the as.conf file under config/etc and replace the line boot_pam_users.0=admin with #boot_pam_users.0=admin (this only has to be done once and will survive container recreation)
You can find more information here: https://hub.docker.com/r/linuxserver/openvpn-as/
OVPN_DATA="ovpn-data"
docker volume create --name $OVPN_DATA docker run -v $OVPN_DATA:/etc/openvpn --rm evolvedm/openvpn-rpi ovpn_genconfig -u udp://VPN.SERVERNAME.COM docker run -v $OVPN_DATA:/etc/openvpn --rm -it evolvedm/openvpn-rpi ovpn_initpki
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --restart=always --name openvpn_server evolvedm/openvpn-rpi
docker run -v $OVPN_DATA:/etc/openvpn --rm -it evolvedm/openvpn-rpi easyrsa build-client-full CLIENTNAME nopass
docker run -v $OVPN_DATA:/etc/openvpn --rm evolvedm/openvpn-rpi ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
This was taken from the following links: https://github.com/kylemanna/docker-openvpn https://hub.docker.com/r/evolvedm/openvpn-rpi
Download the image from here: https://www.armbian.com/orange-pi-zero/
Get balena etcher to flash the sd card from here: https://www.balena.io/etcher/
Normally as you usually do it. I used Ubuntu installation because Debian at the time didn't have the repo for 22.04 Jammy.
Use the docker-compose-rpi.yml
file.
To see the peer QR code to use with the Android wireguard app:
docker exec -it wireguard /app/show-peer 1
or
docker exec -it wireguard /app/show-peer samMobile
This is a good guide: https://www.addictedtotech.net/home-vpn-using-wireguard-docker-on-a-raspberry-pi-4/
Add static ip and DNS to the OrangePI
sudo cat /etc/netplan/armbian-default.yaml
network:
ethernets:
eth0:
dhcp4: false
addresses: [192.168.1.99/24]
routes:
- to: default
via: 192.168.1.254
nameservers:
addresses: [192.168.1.80]
version: 2
renderer: NetworkManager
Then run:
sudo netplan apply
and check with:
ip a