Posts by elonesna

I am going to give you as an example the backup script that I have used for a long time without any problem, modify it to your liking, naturally it is 100% compatible with the LibreELEC restore.

#!/bin/sh

# full backup

cd /media/5TB-HDD/.Backups/le-backup/ && tar -cvf $(date +%Y%m%d%H%M%S).tar \

--exclude=Thumbnails --exclude=.thumbnails --exclude=.acestream_cache \

/storage/.kodi /storage/.cache /storage/.config /storage/.fluxbox /storage/.ssh

find /media/5TB-HDD/.Backups/le-backup -name "*.tar" -type f -mtime +7 -exec rm -f {} \;

I have been using docker for a year and a half with LibreELEC and services like tvheadend, syncthing, and many others created by expert programmers. I have never seen any issues with my backups running automatically every three days at four in the morning.

I think that any professional programmer takes into account the protection of their software against power, hardware or any other type of failure, validating the tasks only when they have been completed without failure and in a single CPU clock cycle.

First of all prepare an access to your shared files within the home network. I'm going to assume an IP address of 192.168.1.136 for the RPi server (change this to the actual IP address). This should work fine with client and server devices connected to your home network but will not work away from home.

After running ZeroTier on the client and server devices, the shared files are accessible from anywhere in the world at the server IP address 10.10.10.1 (change this to the IP address assigned to RPi in the ZeroTier VPN network) and also from within the home connected to the home network.

Quote from dimo777

I wish I could make a simple ftp connection, but I will try your method. I will write later what happened. Thank you.

Security recommendation: Do not open any ports on your router and, if you have to do this, use only VPN ports (encryption and validation with certificates).

Also, opening an FTP port to internet is always a very bad idea.

The easiest way to access a device from outside the home is by installing a VPN server service, LibreELEC natively supports two of them: OpenVPN and WireGuard. Neither of them are easy to implement. Another way to do this that for me is the easiest is through a ZeroTier network. It is about creating a private and secure network on the internet (zerotier.com), for example, creating the domain 10.10.10.0/24 and connecting to this domain the devices that we want, for example, our RPi LibreELEC device with address 10.10.10.1 and our mobile device with address 10.10.10.2. To use any service (FTP, SAMBA, SSH/SFTP, ...) of RPi on our mobile device we only have to point to the IP address 10.10.10.1 from anywhere in the world, and it works with almost any type of internet subscription without the need to make adjustments to any router.

How ZeroTier is installed: In Android it is very easy, you just have to search for the application in the Play Store but in LibreELEC it is somewhat more complicated, a possible method could be the following:

1.- Install the 'docker' addon

2.- Access through SSH to your RPi device and execute the command:

docker run -d \

--name 9993-zerotier-one \

--device=/dev/net/tun\

--net=host \

--cap-add=NET_ADMIN \

--cap-add=SYS_ADMIN \

--cap-add=SYS_RAWIO \

-v /storage/.config/dockers/zerotier-one:/var/lib/zerotier-one \

--restart unless-stopped \

--privileged\

zyclonite/zerotier

3.- Run the command docker exec 9993-zerotier-one zerotier-cli status to check the operation of the ZeroTier service

4.- Go to the ZeroTier website, create your private network and take note of the ID identifier, create your private domain 10.10.10.0/24 within this network.

5.- On RPi run the SSH command docker exec 9993-zerotier-one zerotier-cli join <your-id-identifier-zerotier-network>

6.- On the ZeroTier website, validate and authorize your RPi device and assign the IP address 10.10.10.1. From now on, your RPi device is connected to your VPN virtual private network.

7.- Do the same with the remote device and assign the IP address 10.10.10.2.

Sorry, if this seems difficult to you, I don't know of an easier method.

I don't know what you are looking for:

1.- I don't use RPi, I use x86_64

2.- b4tman/squid for ARM seems popular and reliable to me, just look at the dockerfile on github, it does not have any type of deception:

FROM alpine:3.15.4 as build

ENV SQUID_VER 5.5

RUN set -x && \

apk add --no-cache \

gcc \

g++ \

libc-dev \

curl \

gnupg \

libressl-dev \

perl-dev \

autoconf \

automake \

make \

pkgconfig \

heimdal-dev \

libtool \

libcap-dev \

linux-headers

RUN set -x && \

mkdir -p /tmp/build && \

cd /tmp/build && \

curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz && \

curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc

COPY squid-keys.asc /tmp

RUN set -x && \

cd /tmp/build && \

export GNUPGHOME="$(mktemp -d)" && \

gpg --import /tmp/squid-keys.asc && \

gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz && \

rm -rf "$GNUPGHOME"

RUN set -x && \

cd /tmp/build && \

tar --strip 1 -xzf squid-${SQUID_VER}.tar.gz && \

\

CFLAGS="-g0 -O2" \

CXXFLAGS="-g0 -O2" \

LDFLAGS="-s" \

\

./configure \

--build="$(uname -m)" \

--host="$(uname -m)" \

--prefix=/usr \

--datadir=/usr/share/squid \

--sysconfdir=/etc/squid \

--libexecdir=/usr/lib/squid \

--localstatedir=/var \

--with-logdir=/var/log/squid \

--disable-strict-error-checking \

--disable-arch-native \

--enable-removal-policies="lru,heap" \

--enable-auth-digest \

--enable-auth-basic="getpwnam,NCSA,DB" \

--enable-basic-auth-helpers="DB" \

--enable-epoll \

--enable-external-acl-helpers="file_userip,unix_group,wbinfo_group" \

--enable-auth-ntlm="fake" \

--enable-auth-negotiate="kerberos,wrapper" \

--enable-silent-rules \

--disable-mit \

--enable-heimdal \

--enable-delay-pools \

--enable-arp-acl \

--enable-openssl \

--enable-ssl-crtd \

--enable-security-cert-generators="file" \

--enable-ident-lookups \

--enable-useragent-log \

--enable-cache-digests \

--enable-referer-log \

--enable-async-io \

--enable-truncate \

--enable-arp-acl \

--enable-htcp \

--enable-carp \

--enable-epoll \

--enable-follow-x-forwarded-for \

--enable-storeio="diskd rock" \

--enable-ipv6 \

--enable-translation \

--disable-snmp \

--disable-dependency-tracking \

--with-large-files \

--with-default-user=squid \

--with-openssl \

--with-pidfile=/var/run/squid/squid.pid

# fix build

RUN set -x && \

mkdir -p /tmp/build/tools/squidclient/tests && \

mkdir -p /tmp/build/tools/tests

RUN set -x && \

cd /tmp/build && \

nproc=$(n=$(nproc) ; max_n=6 ; [ $n -le $max_n ] && echo $n echo $max_n) && \

make -j $nproc && \

make install && \

cd tools/squidclient && make && make install-strip

RUN sed -i '1s;^;include /etc/squid/conf.d/*.conf\n;' /etc/squid/squid.conf

RUN echo 'include /etc/squid/conf.d.tail/*.conf' >> /etc/squid/squid.conf

FROM alpine:3.15.4

ENV SQUID_CONFIG_FILE /etc/squid/squid.conf

ENV TZ Europe/Moscow

RUN set -x && \

deluser squid 2>/dev/null; delgroup squid 2>/dev/null; \

addgroup -S squid -g 3128 && adduser -S -u 3128 -G squid -g squid -H -D -s /bin/false -h /var/cache/squid squid

RUN apk add --no-cache \

libstdc++ \

heimdal-libs \

libcap \

libressl3.4-libcrypto \

libressl3.4-libssl \

libltdl

COPY --from=build /etc/squid/ /etc/squid/

COPY --from=build /usr/lib/squid/ /usr/lib/squid/

COPY --from=build /usr/share/squid/ /usr/share/squid/

COPY --from=build /usr/sbin/squid /usr/sbin/squid

COPY --from=build /usr/bin/squidclient /usr/bin/squidclient

RUN install -d -o squid -g squid \

/var/cache/squid \

/var/log/squid \

/var/run/squid && \

chmod +x /usr/lib/squid/*

RUN install -d -m 755 -o squid -g squid \

/etc/squid/conf.d \

/etc/squid/conf.d.tail

RUN touch /etc/squid/conf.d/placeholder.conf

COPY squid-log.conf /etc/squid/conf.d.tail/

RUN set -x && \

apk add --no-cache --virtual .tz alpine-conf tzdata && \

/sbin/setup-timezone -z $TZ && \

apk del .tz

VOLUME ["/var/cache/squid"]

EXPOSE 3128/tcp

USER squid

CMD ["sh", "-c", "/usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -z && exec /usr/sbin/squid -f ${SQUID_CONFIG_FILE} --foreground -YCd 1"]

Quote from sunny

Keen to know who is running Squid in a Docker container on their Pi 4 via LE 10 and, if so, which particular flavour / release from which repository.

So far, all the trusted container images I've found are based on Ubuntu or similar Linux for arm64, so I can't use them.

Thanks

If you want to find a squid docker container that works on ARM devices try this link https://hub.docker.com/search?q=squid…rchitecture=arm

Quote from Tarloth

... I not ask for a multiuser linux, but a multiuser samba ...

Perhaps the drakkan/sftpgo docker container will solve your problem, it allows you to create the number of clients you want with the permissions you want and with an elegant interface, but it doesn't work with samba but with SFTP, FTP, and WebDAV, I don't know if it works on ARM devices.

The installation SSH command I use is:

docker run \

--name 8080-servers-go \

--restart unless-stopped \

--user 0:0 \

-p 8080:8080 \

-p 2022:2022 \

-p 2121:2121 \

-p 10080:10080 \

-p 59000-59100:59000-59100 \

-e PUID=0 \

-e PGID=0 \

-e TZ=Europe/Paris \

-e SFTPGO_FTPD__BINDINGS__0__PORT=2121 \

-e SFTPGO_FTPD__BINDINGS__0__FORCE_PASSIVE_IP=127.0.0.1 \

-e SFTPGO_FTPD__PASSIVE_PORT_RANGE__START=59000 \

-e SFTPGO_FTPD__PASSIVE_PORT_RANGE__END=59100 \

-e SFTPGO_WEBDAVD__BINDINGS__0__PORT=10080 \

-v /storage/.config/dockers/servers-go/data:/srv/sftpgo \

-v /storage/.config/dockers/servers-go/config:/var/lib/sftpgo \

-v /storage:/storage \

-v /media:/media \

-d drakkan/sftpgo:alpine

The best applications to use this storage service are cyberduck for windows and x-plore for android, on linux and kodi it can be used directly.

I think one of the best arm processors for video decoding is the amlogic s922xj and the closest development board based on this is the odroid n2plus. I also see that it has problems decoding 8k video, that is, a better one will appear soon. In the meantime you can continue investigating the best passive cooling alternatives or whatever you want.

Sorry, I can't test the adguard/adguardhome container because it uses too many ports that I already have occupied with other services. I don't know why this doesn't work for you but basically you have to start the adguard service and then configure the DNS of the devices you want to the IP address of your adguard server (DNS services use port 53 automatically), I do this on the router (and instead of adguard I use pihole) and on the VPN clients. I would never open port 53 on the router to the internet, I only open VPN ports.

Sorry, I don't know what you're talking about, I've had 18 docker services running for a long time on LE 9.2.6-x86_64 as a 24/7 server, and I never (*) had the problem you describe. Check your containers.

(*) Only once, I installed a container that was abusing disk storage space that was not freed up, but it was a very old container that I replaced with a newer one. The problem was immediately fixed by the cleanup and removal mechanism of the LE 'docker' addon. To see this I look at the size of the automatic backups that run every three days. I also occasionally use the 'cputemp', 'gputemp' and 'sensors' commands to check that the temperature stays below 45 degrees.

You are right, considering that LE and CE are similar, the differences in % CPU usage of the kodi service seems to be due to the characteristics of the processors.

I think there are no major differences between CoreELEC and LibreELEC. CoreELEC is for Amlogic devices, and LibreELEC covers many more devices. In short, you will not notice the difference in performance.

What puzzles me about your device and I can't see is why do you use 'dotnet', what operating system do you use? In my case it is quite simple: I use coreelec including tvheadend, docker, entware, wireguard and zerotier services.

You have to check your settings, I use LE as a main server on a mini PC, but I also have another remote secondary server similar to yours, armv7 Amlogic S912 with CoreELEC so you can compare: average CPU load 2% - temperature 51ºC. This secondary server gives us TV channels from SAT Hellas, receives TV channels from SAT Astra and all the media library from the main server.

Quote from emveepee

LE doesn't have htop

Install the LE addon 'System Tools' and 'htop' is ready

Quote from emveepee

the 224% CPU seems about right for these slower SoC's. Recording 3 streams and watching one is much less CPU intensive which is probably a better use case. TVHeadend on the RPi3 might be a little lighter

I no longer know if you are talking about NextPVR or LibreELEC. 224% CPU is certainly excessive and I would say impossible for LibreELEC. If this happens with NextPVR then the thing to do is avoid any type of transcoding to recover low throughput values. Recording three streams simultaneously can be very taxing when done on USB flash drives, but not on internal system storage.

I have read above something about .deb installers that I don't quite understand, LibreELEC does not support this and installation on Linux machines can create headaches, for this reason and others I suggest the installation of tvheadend docker service.

For those who want to install the tvheadend service in a minute and ready to go, on almost any platform, including LibreELEC, I suggest this installation SSH command:

docker run -d \

--name=9981-tvheadend \

--net=host \

-e PUID=0 \

-e PGID=0 \

-e TZ=Europe/Paris \

-e RUN_OPTS="--satip_xml http://<satip1>:<port>/desc.xml --satip_xml http://<satip2>:<port>/desc.xml --satip_xml http://<satip3 >:<port>/desc.xml" \

-p 9981:9981 \

-p 9982:9982 \

-v /storage/.config/dockers/tvheadend/config:/config \

-v /storage:/storage \

-v /media:/media \

--privileged \

--restart unless-stopped \

linuxserver/tvheadend

Previous requirements:

• SSH access
• Docker service already installed

Characteristic:

• Execution 'root'
• Full access to /storage and /media in LibreELEC
• Configuration directory located at /storage/.config/dockers/tvheadend/config
• Directory for automatic running scripts on tvheadend service startup located at /storage/.config/dockers/tvheadend/config/custom-cont-init.d

What you want to do I do with the tvheadend service within LibreELEC. I have tried others like Jellyfin, NextPVR and Emby but none satisfies me as much as tvheadend for managing and organizing TV channels and EPG guides. The docker linuxserver/tvheadend version also allows easy installation and integration into LibreELEC of other video processors such as vlc and streamlink in addition to the default ffmpeg processor for piped streaming of problematic IPTV sources.

When you get to know tvheadend you'll see that it's great: it supports hardware tuners (it's not a recommended option because driver support has been less and less for a long time) and SAT>IP tuners. Other external tuners: HDHomeRun, VBox TV Gateway, and other Enigma2 tuners, can be easily integrated into the tvheadend service in the form of an IPTV m3u list.

My tvheadend service handles all kinds of TV sources, USB tuners, local and remote SAT>IP tuners, coming from another remote tvheadend server and all kinds of IPTV m3u lists from local servers, and from the internet, as well as seventeen different EPG sources.

In short, I recommend that you spend a little of your time studying tvheadend.

tokul: I don't know what you're saying, in case of problems you just need to do a factory restore, plus a backup restore, and that's it. The external storage will already be mounted as "storage". I have done this many times with no problems with CoreELEC.