@bobslaede

bobslaede@feddit.dk · 1 month ago

Awesome! I’m glad that it worked. It took me a while to figure out, when it happened to me. Glad that I could make your life easier :)

bobslaede@feddit.dk · edit-2 1 month ago

I’ve fixed the same issue for me.
Originally I had this in my Local DNS settings in my Pi-Hole:

- service1.domain	10.0.0.4
- service2.domain	10.0.0.4
- service3.domain	10.0.0.5

I changed that to this:

- host1.domain		10.0.0.4
- host2.domain		10.0.0.4

And then I added CNAME Records to the services like this:

- service1.domain	host1.domain
- service2.domain	host1.domain
- service3.domain	host2.domain

This fixed the whole thing for me :)

Edit: Gonna add some more info

The trick that makes this work, and probably will for you too, and allow you to keep your HTTPS queries, is that Pi Hole will just not ask upstream, if it has the DNS name in the CNAME records. Those CNAME records will have to point to a domain, that Cloudflare doesn’t know about. That way there is no other records upstream that will confuse the DNS server and your browser.
The hostname you have in your local DNS records that your CNAME points to, will be something only known locally for you.

bobslaede@feddit.dk · 1 month ago

You should change to use cname in pihole. I will write up on my computer later for you.

bobslaede@feddit.dk · edit-2 1 month ago

Try with nslookup and see if you’re resolving the domain to both your local ipv4 address, and the Cloudflare ipv6 at the same time. I am using pihole for my local DNS, and it would give me both my local address, and also the Cloudflare ipv6 address.

Edit
My pihole will ask upstream even if the domain was listed locally. It doesn’t ask Upstream for cname.

bobslaede@feddit.dk · 1 month ago

Any chance you are both accessing your services locally with a local DNS, and publicly with something like Cloudflare?

bobslaede@feddit.dk · 1 month ago

Hmm. I would think so. But I haven’t actually checked. That was my thought.

bobslaede@feddit.dk · 1 month ago

Temp files for transcoding. No need to hit the disk.

bobslaede@feddit.dk · 1 month ago

This is how mine works, with a Nvidia GPU

services:
  jellyfin:
    volumes:
      - jellyfin_config:/config
      - jellyfin_cache:/cache
      - type: tmpfs
        target: /cache/transcodes
        tmpfs:
          size: 8G
      - media:/media
    image: jellyfin/jellyfin:latest
    restart: unless-stopped
    deploy:
      resources:
        reservations:
          devices:
            - driver: nvidia
              device_ids:
                - "0"
              capabilities:
                - gpu

bobslaede@feddit.dk · 2 months ago

No. You can leave that out. That was just me showing you that it runs on my machine, with that setup. Just bind the port instead.

bobslaede@feddit.dk · 2 months ago

Your passwords for the database does not match.
But the error is about it not being able to reach the database on the hostname.
I can run it with this compose file:

services:
  jellystat-db:
    image: postgres:16-alpine
    container_name: jellystat-db
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - postgres-data:/var/lib/postgresql/data
    networks:
      - jellystat
  jellystat:
    image: cyfershepard/jellystat:latest
    container_name: jellystat
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_IP: jellystat-db
      POSTGRES_PORT: 5432
      JWT_SECRET: ${JWT_SECRET}
      TZ: Europe/Paris # timezone (ex: Europe/Paris)
      JS_BASE_URL: /
    volumes:
      - jellystat-backup-data:/app/backend/backup-data
    depends_on:
      - jellystat-db
    networks:
      - traefik
      - jellystat
    labels:
      - traefik.enable=true
      - traefik.docker.network=traefik
      - traefik.http.routers.jellystat.entrypoints=https
      - traefik.http.routers.jellystat.rule=Host(`${HOSTNAME}`)
      - traefik.http.routers.jellystat.tls.certresolver=http
      - traefik.http.routers.jellystat.service=jellystat
      - traefik.http.services.jellystat.loadbalancer.server.port=3000
      - traefik.http.services.jellystat.loadbalancer.server.scheme=http
networks:
  jellystat: {}
  traefik:
    external: true
volumes:
  postgres-data: null
  jellystat-backup-data: null

bobslaede@feddit.dk · 2 months ago

In the same place as you run your docker compose up command you just type docker compose logs

bobslaede@feddit.dk · 2 months ago

There will probably be something in the logs that tells you what is going wrong. Maybe it can’t connect to the db, or maybe it’s starting on a wrong port or something.

bobslaede@feddit.dk · 2 months ago

They have a docker-compose.yml file in the repo. It looks like it has everything all ready for you.

bobslaede@feddit.dk · 7 months ago

I am running OCIS on a Raspberry Pi at home. I like it. The Android app is not the best, but you dont need that.

bobslaede@feddit.dk · 8 months ago

I was very interested in this. Installed it, and set it up to use my preferred auth server (also selfhosted). It worked just great!
But! Then I wanted to install the add-on in my firefox browser. And it doesn’t work when using only and oauth server :(
Will probably not use this much without the extension