Common

Two new recipes for the owntone and paperless-ngx apps have been released to the openmediavault-k8s-recipes GitHub repository. You can get them after updating the recipes list in your openmediavault-k8s plugin.

The following list of applications is now available:

• filebrowser
• immich
• jellyfin
• minio
• owntone
• paperless-ngx
• photoprism
• plex-media-server
• wetty

Contributions from the community are welcome to increase the number of recipes.

The recipe editor of the openmediavault-k8s has a DSL (Domain Specific Language) that supports the user in getting specific information from their openmediavault host system in Kubernetes manifests.

The following functions are currently available:

• hostname() – Get the hostname of the host.
• domain() – Get the domain name of the host.
• fqdn() – Get the FQDN of the host.
• ipaddr(name=NULL) – Get the IPv4 address of the specified network interface. If not set, the IPv4 address of the interface of the first default route is used.
• ipaddr6(name=NULL) – Get the IPv6 address of the specified network interface. If not set, the IPv6 address of the interface of the first default route is used.
• uid(name) – Get the UID of the specified user.
• gid(name) – Get the GID of the specified group.
• sharedfolder_path(name) – Get the full path of the specified shared folder.
• conf_get(id, uuid=NULL) – Get the specified database configuration object.
• tz() – Get the time zone of the host.

The following filters are currently available:

• get(key, default=NULL) – Get the specified key, e.g. foo.bar.baz from a dictionary.

For the built-in features of the used template engine please have a look here:

• Basic knowledge
• Filters and functions

Here are several examples that make use of the DSL:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: wetty
    app.kubernetes.io/name: wetty
  name: wetty
  namespace: wetty-app
spec:
  ...
  template:
    ...
    spec:
      containers:
        - image: docker.io/wettyoss/wetty:latest
          imagePullPolicy: IfNotPresent
          name: wetty
          ports:
            - containerPort: 3000
          securityContext:
            runAsNonRoot: true
            runAsUser: {{ uid('nobody') }}
            runAsGroup: {{ gid('nogroup') }}
          args:
            - "--port=3000"
            - "--base=/"
            - "--force-ssh"
            - "--ssh-port={{ conf_get('conf.service.ssh') | get('port') }}"
            - "--ssh-host={{ hostname() }}"
      restartPolicy: Always

...
persistence:
    import:
        enabled: true
        type: hostPath
        readOnly: true
        mountPath: /srv/import
        hostPath: {{ sharedfolder_path('images') }}
        hostPathType: Directory

apiVersion: v1
kind: PersistentVolume
metadata:
  name: config-dir
  labels:
    app.kubernetes.io/instance: plex-media-server
    app.kubernetes.io/name: plex-media-server
spec:
  storageClassName: shared-folder
  capacity:
    storage: 2Gi
  hostPath:
    path: {{ sharedfolder_path('media') }}
    type: Directory
  accessModes:
    - ReadWriteMany

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: immich-websecure
  namespace: immich-app
  ...
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`immich.{{ ipaddr() }}.sslip.io`)
      kind: Rule
      services:
        - name: immich-server
          port: 3001

A few days ago I received another email which made me wonder what is going on with some Open-Source-Software (OSS) users.

… Try fresh install as I described to you and do your job and fix this ridiculous bug.

First of all, the writer here has quite the wrong tone. Secondly, I have already done my job by extensively testing the functionality before publishing. Of course, it always happens that things run differently at the user than in the development or test environment.

What always saddens me is the fact that some users think they can make demands on software that is created by developers in their spare time and then provided to them for free. How can you make claims on a software and its developers that is free? With paid software I can understand that, but with OSS? In my opinion, many users do not see the difference between commercially driven OSS and those created by volunteers in their spare time. Projects like Linux, Kubernetes, Ceph or OpenOffice, to name a few, are supported by vendors who have a commercial interest and have paid developers working on these projects for this purpose. Such projects have naturally set the bar pretty high for users. It is clear that many users then apply this bar to other OSS projects. However, users should not forget how open source works and where it comes from. In most cases, OSS is driven by enthusiastic developers in their spare time and made available to the community for free.

After a long development phase i am happy to announce the release of openmediavault 6 (Shaitan).

A big thank you goes to all translators, forum moderators and bug reporters for their contributions and support.

The main new features of openmediavault 6:

• Based on Debian 11 (Bullseye).
• Completely new user interface written from scratch.
• Add some new plugins that are based on containers. These are e.g. S3, OwnTone, PhotoPrism, WeTTY, FileBrowser, Onedrive. Please note that not all platforms are supported because the upstream base containers are only available for specific CPU architectures.
• Enhanced ISO installer. Ensure that /media is unmounted to allow installation to USB devices. This will allow the installation from USB to USB device.
• /dev/disk/by-label filesystem device files are not supported anymore because they are not unique and predictable.
• The file system page will only show file systems configured by openmediavault from now on. This is the standard behavior of the user interface that all other pages use.
• openmediavault can’t be installed side-by-side with graphical environments anymore.
• Replace pam_tally2 by pam_faillock.
• Replace CLI tool omv-update by omv-upgrade.
• Use systemd watchdog instead of separate daemon.
• Add option to FTP settings to display the home directory of the user in the browse list.
• Enhance the SMART temperature monitoring configuration. Global settings can be overwritten per device. Please check your settings whether the migration was correct or reconfigure them if necessary.
• Remove ability to cleanup system logs. This is no longer possible because the data is now fetched from the systemd journal, which cannot be cleaned per unit.
• Support ed25519 SSH public keys in the user settings dialog.
• Add recycle bin support for SMB home directories.
• Add the ability to copy and apply the permissions of a shared folder to its ACL page.
• Disable the ‘Access control list’ button on the shared folder page if the selected entry is located on a non-POSIX compliant file system.
• Enhance the configuration of times of scheduled jobs.
• Disable SMB NetBIOS support by default. You can enable it via the OMV_SAMBA_NMBD_ENABLE environment variable.
• Statically DNS servers will take precedence over the DNS servers received from the DHCP server.
• Force avahi-daemon to only use ethernet, bond and wifi network interfaces that are configured via the UI.
• …

The whole changelog for openmediavault 6 can be viewed here.

More information about the omv-extras.org plugins can be found here.

WARNING … Upgrading from openmediavault 5 might cause problems on systems that are using USB hardware based on JMicron controllers. Have a look here and here for more information.

WARNING … Side-by-side installation with graphical environments will be prevented technically.

The ISO image can be downloaded here. You can also install openmediavault 6 on every Debian 11 based distribution, e.g. using the Netinst ISO images, Raspbian or … if your platform is not supported. You will find a guide here how you can do that.

Existing openmediavault 5 installations can be migrated by running the omv-release-upgrade command in the CLI.

If you have any questions, feel free to post them in the forum or have a look into our troubleshooting section.