Homelab, Linux, JS & ABAP (~˘▾˘)~
 

[Proxmox] Upgrade 7.4 to 8.0 – Failed to run lxc.hook.pre-start for container

After updating my Proxmox Server to PVE8.0, suddenly two lxc containers did not start anymore.

root@pve:~# pct start 192
run_buffer: 322 Script exited with status 2
lxc_init: 844 Failed to run lxc.hook.pre-start for container "192"
__lxc_start: 2027 Failed to initialize container "192"
startup for container '192' failed

I tried to view the error.log but couldn’t find any helpful information.

lxc-start -lDEBUG -o error.log -F -n 192

When googling, I stumbled across this reddit post. Although the issue was a bit different, I tried the recommended steps. The first command, directly led me to the right direction…

root@pve:~# pct mount 192
mounting container failed
directory '/mnt/nfs/data/folder' does not exist

For whatever reason, after restarting proxmox it did not mount the nfs shares properly on the host. And of course, after this hint, I noticed that both containers were trying to mount some of these folders, which were actually nfs shares from my NAS. A simple mount -a on the host fixed it immediately. Besides of this little problem, everything went well with the proxmox upgrade!

[Proxmox] Installing Home Assistant

You can install Home Assistant (HA) as LXC or VM on Proxmox. Or even put HA as docker container on top of a LXC or VM, but passing through hardware (like ConBee II) will become much more complicated. There a many installation guides i.e.
https://community.home-assistant.io/t/installing-home-assistant-using-proxmox/201835
https://www.x33u.org/docs/server/home-assistant_proxmox-vm/
https://www.juanmtech.com/install-proxmox-and-virtualize-home-assistant/
and there are few scripts which automate the installing process. Unfortunately some of them doesn’t work anymore for PVE 7 i.e.
https://github.com/whiskerz007/proxmox_hassio_lxc
https://github.com/whiskerz007/proxmox_hassos_install/

The only script that is working (while writing this) is this one https://github.com/tteck/proxmox_haos_vm which is possibly a fork from the previous script from whiskerz007.

[Proxmox] Unprivileged Container: Using local directory bind mount points

https://pve.proxmox.com/wiki/Unprivileged_LXC_containers
https://www.reddit.com/r/Proxmox/comments/jz5ugx/lxc_user_mapping_help/

I had to map my lxc user nocin (uid=1000(nocin) gid=1000(nocin)) to user nocin (uid=1000(nocin) gid=1000(nocin)) on the host. So they have the same uid and gid on the host and inside the container and I had to map 1000 to 1000.

$ nano /etc/pve/lxc/114.conf

# had to append these lines
lxc.idmap: u 0 100000 1000
lxc.idmap: g 0 100000 1000
lxc.idmap: u 1000 1000 1
lxc.idmap: g 1000 1000 1
lxc.idmap: u 1001 101001 64535
lxc.idmap: g 1001 101001 64535

Also append the following line to /etc/subuid and /etc/subgid.

root:1000:1

Now all mount points are fully accessible and not owned by “Nobody/NoGroup” anymore.

If you are not able to access your home directory inside your container after the user mapping, you can change the permissions for it directly from the host. Find your lxc directory on your host and update the permissions to your current uid and gid.

$ cd /rpool/data/subvol-114-disk-0/home/
$ chown 1000:1000 -R nocin/
$ ls -l
drwxr-x---+ 5 nocin nocin 9 Mai 16 11:22 nocin

[Proxmox] Installing Cockpit with ZFS Manager extension

The Cockpit ZFS Manager requires Cockpit version 201 or above. In the Debian Buster repository there’s only cockpit version 188, so you have to use the buster backports repository, which contains cockpit version 223.

# install cockpit
echo "deb http://deb.debian.org/debian buster-backports main" > /etc/apt/sources.list.d/buster-backport.list
apt update
apt-get -t buster-backports install cockpit
# add ZFS manager
git clone https://github.com/optimans/cockpit-zfs-manager.git
cp -r cockpit-zfs-manager/zfs /usr/share/cockpit
# start cockpit
systemctl start cockpit.service
systemctl enable cockpit.service
systemctl status cockpit.service

Now browse to https://ip-address-of-machine:9090 and login.

[ZFS] Replace failed disk on my Proxmox Host


Yesterday evening I got an email that on my Proxmox server a disk had failed. In my ZFS Raidz1 I have 4 different drives of two manufactures: 2x HGST and 2x Seagate.
In the last 7 years I also used some Western Digitals. The only faulty hard drives I had in this years were from Seagate. This was the third… So this morning I bought a new hard disk, this time a Western Digital Red, and replaced the failed disk.

SSH into my server and checked the zpool data. Because I already removed the failed disk, it’s marked as unavailable.

failed disk: wwn-0x5000c5009c14365b

Now I had to find the Id of my new disk. With fdisk -l, I found my new disk as /dev/sde, but there was no id listed.

sudo fdisk -l

To be sure I checked again with:

sudo lsblk -f

With disk by-id I now got the Id.

ls /dev/disk/by-id/ -l | grep sde

new disk: ata-WDC_WD40EFRX-68N32N0_WD-WCC7K1CSDLRT
and again the failed disk: wwn-0x5000c5009c14365b

Before replacing the disks, I did a short SMART test.

sudo smartctl -a /dev/sde
sudo smartctl -t short /dev/sde
sudo smartctl -a /dev/sde

The new disk had no errors. And because it is a new disk, I don’t had to wipe any file systems from it.

So first I took the failed disk offline. Not sure if that was necessary, because I already had removed the disk.

sudo zpool offline data 2664887927330352988

Next run the replace command.

sudo zpool replace data /dev/disk/by-id/wwn-0x5000c5009c14365b-part2
/dev/disk/by-id/ata-WDC_WD40EFRX-68N32N0_WD-WCC7K1CSDLRT

The resilver process for the 3TB disk took about 10 hours.

[HTPC] Using Proxmox Host as HTPC

In February this year I built a tiny second Proxmox Host using an ASRock DeskMini A300 and the following parts. I chose an AMD Ryzen 5 3400G (with integrated APU) CPU.
As HTPC I always used a RaspberryPi 3 running LibreElec (Kodi) with the Jellyfin for Kodi Plugin to access my media. But the Raspberry reached its limits when it comes to 4k content or 10bit Audio lines. So why not use the DeskMini A300 as Proxmox Host and also as HTPC? It has enough power to play all types of media and even some steam games would run on it.
So a few things had to be done.

  1. Install a Desktop Environment & Login Manager on the Host
  2. Add a user
  3. Install some basic software (Firefox, VLC, JUK…)
  4. Set up YouTube Leanback
  5. Consuming Jellyfin media
  6. Set up Plasma Activities for each service
  7. Controlling media with KDE Connect

Of course it’s not recommended to install more than necessary on the host itself, so this shouldn’t be done on a productive Proxmox-System.
Proxmox Wiki says: “Installing additional packages could lead to a hardly upgradeable system and is not supported from the Proxmox support team and therefore only for expert use.”
Because I’m using my Proxmox Host just for my Homelab (pi-hole, nextcloud, reverseproxy etc.) I’ll take the risk.
When using a host with a dedicated graphics card, you could also create a VM and pass it through, so you don’t have to mess around on the host like I have to do.

1. Install a Desktop Environment & Login Manager

There is a Proxmox Wiki describing it: https://pve.proxmox.com/wiki/Developer_Workstations_with_Proxmox_VE_and_X11
As DE I took KDE Plasma, but just the plain desktop. See here for all three options: https://wiki.debian.org/KDE

KDE (Full release of workspace, applications and framework)kde-full packageThe standard/upstream release
KDE (A common set of packages for a smaller, more flexible KDE environment compared to kde-full)kde-standard packageDebian’s selection of common KDE packages
KDE Plasma Desktopkde-plasma-desktop packageThis is a minimalist Plasma desktop
(You have to install all end-user applications later).

This was my command:

apt-get update && apt-get dist-upgrade
apt-get install kde-plasma-desktop lightdm

2. Add a user

As simple as always. Edit the visudo for root permissions and

adduser newusername
visudo

add the following line to the end

newusername ALL=(ALL:ALL) ALL

Afterwards you have to start the login manager

systemctl start lightdm

Now you’re ready to login.

3. Install software

As I took the plain KDE Plasma Desktop, there is nearly no other software besides the necessary programs for the DE.
I installed just a few things on top:

apt install konsole vlc firefox-esr tldr neofetch gwenview juk kcalc ncmpcpp kodi

4. Set up YouTube Leanback

In September 2019 YouTube announced to end YouTube Leanback TV (a web interface which could simply be opened in any browser via youtube.com/tv).
But it still exists and can be used with a quick workaround I found on reddit. Simple install the Firefox Addon User Agent Switcher and add the following line in userAgent:

Mozilla/5.0 (SMART-TV; Linux; Tizen 4.0.0.2) AppleWebkit/605.1.15 (KHTML, like Gecko)

When browsing to youtube.com/tv you should get the Leanback interface in which you can easily navigate via keyboard. Now just press F11 to go to full screen mode.

Of course you can connect the YouTube App of your Smartphone and just cast videos to it, just like with a Chromecast or the native YouTube Smart TV app. I would recommend using the Vanced App if you want to receive fewer ads.

Update 16.04.2021: Just found this addon, which makes it much easier to use YouTube for TV: https://addons.mozilla.org/en-US/firefox/addon/youtube-for-tv/

Update 19.10.2022: Since I could only get 720p60 using the YoutTube for TV addon, I’ve now gone back to the User Agent Switcher with the following userAgent:

Mozilla/5.0 (PS4; Leanback Shell) Gecko/20100101 Firefox/65.0 LeanbackShell/01.00.01.75 Sony PS4/ (PS4, , no, CH)

Update 11.09.2023: Suddenly, some ads were playing with black screen and audio before each video, despite uBlock. To get rid of them, add the following Filter to uBlock:

youtube.com##+js(json-prune, playerResponse.adPlacements playerResponse.playerAds playerResponse.adSlots adPlacements playerAds adSlots important)

5. Jellyfin

Update 21.04.2021: Jellyfin recently released the Jellyfin Media Player which I’m using from now on.

I tried two ways of consuming media of my Jellyfin server (which is running in an LXC on the same Host) and both work fine.
First I used Kodi plus the Jellyfin for Kodi plugin. If you are already using Kodi for other stuff, integrating your Jellyfin content here is probably the best.
As second option, and what I’m using still today, is simple the Jellyfin Web Version via browser in full screen mode. Just activate the TV mode in the Jellyfin settings. There are some minor bugs when navigating via keyboard, but most of the time it runs perfect. But because Firefox is still not playing MKV files (see bug 1422891) I had to install Chromium for proper use of Jellyfin.

apt install chromium chromium-l10n

Just enter the full screen mode with F11, and it looks pretty well on your TV.

6. Plasma Activities

When using KDE Plasma you can simple create Activities (click here to see how to create an activity) for each of your full screen running application and easily switch between them. In my case I created three Acitivites, one for YouTube Leanback, one for Kodi and one for Jellyfin. A of course there is the Standard Activity, which is just my normal desktop for viewing other content like photos or playing a Steam game. This way I can switch through all my full screen applications via Super + Tab (or backwards with Super + Shift + Tab).

7. KDE Connect

If you dont wan’t to use the keyboard the whole time to control your media on your HTPC, you should try KDEConnect on your Smartphone. You’ll get the app from the F-Droid Store: KDE Connect.
Next just install the application on your host with:

apt install kdeconnect

and pair the two devices. By default whenever media is played on your HTPC the app will now present you an interface to control it (with play, pause, next etc.). Also you are able to control the mouse via touch on your Smartphone. And there are some other functions you should check out as well.

I’m really enjoying this new setup. It’s much more powerful, flexible and easier to handle than my old RaspberryPi 3. I will keep an eye on whether there will be problems with a system update in the future.

[Proxmox] NFSv4 client saves files as “nobody” and “nogroup” on ZFS Share

I’m running a Proxmox Cluster with PVE1 and PVE2. On PVE2 a VM is running Debian Buster, which is mounting an zfs nfs share from PVE1. Inside the VM a script is running as root saving a backup on this nfs share. If I create a file locally (Test1) on PVE1, the owner is of course root. But since a few weeks the script running inside the VM is creating all files as nobody (Test2).

# ls -all /mnt/nfs/data
drwxr-xr-x  2 root  root       4096 Jul  5 07:19 Test1
drwxr-xr-x  2 nobody nogroup   4096 Jul  5 07:21 Test2

This is because root users are mapped to different user id’s and group’s when changing files on an nfs share. But until now, this was no problom when enabling nfs on a dataset via

zfs set sharenfs=on zpool/data

because the no_root_squash was set by default. But it looks like this was a changed in ZFS on Linux 0.8.3 and the no_root_squash option isn’t set by default anymore. To enable it again use:

zfs set sharenfs='rw,no_root_squash' zpool/data

Another way is exporting the folder via /etc/exports and adding the no_root_squash option.

# sudo nano /etc/exports
/zpool/data/ *(rw,no_subtree_check,sync,insecure,no_root_squash)

Run sudo exportfs -a after editing the exports file to enable these changes immediately.

[Proxmox] Adding the pve-no-subscription repo

For receiving updates on Proxmox, you have add the pve-no-subscription repo.
First, find the current pve-enterprise repo:

nano /etc/apt/sources.list.d/pve-enterprise.list

Comment out the pve-enterprise repo.

root@pve:~# cat /etc/apt/sources.list.d/pve-enterprise.list
#deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise

To add the pve-no-subscription repo, create a new file called pve-no-subscription.list

nano /etc/apt/sources.list.d/pve-no-subscription.list

and insert the repo:

root@pve:~# cat /etc/apt/sources.list.d/pve-no-subscription.list 
# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb https://download.proxmox.com/debian/pve buster pve-no-subscription

# security updates
deb https://security.debian.org/debian-security buster/updates main contrib

[Proxmox] Scrub cronjob

Default scrub cronjob when installing Proxmox on ZFS:

nocin@pve:~$ cat /etc/cron.d/zfsutils-linux 
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Scrub the second Sunday of every month.
24 0 8-14 * * root [ $(date +\%w) -eq 0 ] && [ -x /usr/lib/zfs-linux/scrub ] && /usr/lib/zfs-linux/scrub