this post was submitted on 19 Jan 2024
16 points (86.4% liked)

Linux

48008 readers
871 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hello! Thanks to everyone who helped me yesterday, but I could not solve the issue. I however identified the problem. I opened a new thread to better focus on the real problem.

I just set up a debian server, installed docker from the official repo and then immich using docker compose. When I run docker compose up -d (after a few seconds) my server loses internet connectivity: it can access local addresses (I can ssh into it) but cannot access the internet: ping linux.org fails.

if I put down immich (docker compose down) it starts working again. the issue is probably that docker is creating a network bridge that conflicts with the host.

After searching the web, I tried to create /etc/docker/daemon.json like this:

{
  "bip": "172.18.0.1/24",
  "default-address-pools": [
    {"base": "172.19.0.0/16", "size": 24}
  ]
}

after the changes systemctl restart docker, then wait 10 seconds for everything to restart correctly.
I tried different configurations of addresses here (every stackoverflow answer gave different values, so I tried all of them), but none of them worked. I don't know how to get which values to put here (if this is actually the solution)

a strange behavior I observed is that running ip route flush 0/0 temporary solves the problem, until the restart of docker, and Immich works normally (at least the "normal" behavior, I don't know if this affects some functionalities)

Any tips? This is my really first experience in self hosting and I have to admit it, I thought it would have been easier :P

In case you'll need it, here's the output of ip addr show:

0.0.0.0 dev veth4c84e92 scope link
0.0.0.0 dev veth1f88dcc scope link
0.0.0.0 dev vethda721de scope link
0.0.0.0 dev vethd123481 scope link
0.0.0.0 dev veth23a05f6 scope link
default dev veth4c84e92 scope link # this line and the line below disappear after the flush
default dev veth1f88dcc scope link # (this one)
default via 192.168.1.1 dev enp1s0
169.254.0.0/16 dev veth23a05f6 proto kernel scope link src 169.254.6.247
169.254.0.0/16 dev vethd123481 proto kernel scope link src 169.254.226.60
169.254.0.0/16 dev vethda721de proto kernel scope link src 169.254.248.163
169.254.0.0/16 dev veth1f88dcc proto kernel scope link src 169.254.136.146
169.254.0.0/16 dev veth4c84e92 proto kernel scope link src 169.254.29.133
169.254.0.0/16 dev enp1s0 scope link metric 1000
172.16.0.0/20 dev br-237d14e56e71 proto kernel scope link src 172.16.0.1
172.18.0.0/24 dev docker0 proto kernel scope link src 172.18.0.1 linkdown
192.168.1.0/24 dev enp1s0 proto kernel scope link src 192.168.1.4
192.168.1.1 dev enp1s0 scope link

EDIT: I gave up. I removed debian and installed fedora, and now it all works like a charm

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 9 months ago (3 children)

What firewall are you using? Docker doesn't like non-iptables firewalls and it has been more than once that I changed my nftables config and really the whole networking stack to figure that out. I have a ubuntu server vm which had some iptables save-restore unit activated which was messing with my rules, that was fun to debug.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (1 children)

I haven't set up a firewall yet, I wanted first to make sure that everything works before installing one (I was thinking of ufw)

I have a clean Debian install, I don't know if there are some rules OOTB that can interfere...

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

Better check, you definitely already have a firewall running since docker needs it for NAT. A fresh debian has, as far as I know nftables and iptables-nft installed.

load more comments (1 replies)