sync: auto-sync from GURU-5070 at 2026-06-27 04:42:51
Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-06-27 04:42:51
This commit is contained in:
@@ -2,11 +2,12 @@
|
||||
type: system
|
||||
name: jupiter
|
||||
display_name: Jupiter
|
||||
last_compiled: 2026-05-24
|
||||
compiled_by: DESKTOP-0O8A1RL/claude-main
|
||||
last_compiled: 2026-06-26
|
||||
compiled_by: GURU-5070/claude-main
|
||||
sources:
|
||||
- credentials.md
|
||||
- .claude/memory/infra_office_network.md
|
||||
- 2026-06-26 plexrequest Overseerr->Seerr migration (mike)
|
||||
backlinks:
|
||||
- systems/gururmm-build
|
||||
- systems/pluto
|
||||
@@ -36,6 +37,8 @@ Not documented. iDRAC available at 172.16.1.73 (DHCP) for OOB management.
|
||||
| `npm` | 1880 (HTTP), 18443 (HTTPS), 7818 (admin) | Nginx Proxy Manager — handles all external reverse proxying |
|
||||
| `gitea` | 3000 (HTTP), 2222 (SSH) | Internal Gitea git server; http://172.16.3.20:3000 |
|
||||
| `seafile` + mysql + elasticsearch + memcached | 8082 | Seafile Pro file sync stack |
|
||||
| `dns-relay` | br0 `172.16.3.50`:53 | **DNS relay** — dnsmasq (`4km3/dnsmasq`) forwarding all queries to the gateway `172.16.0.1` (pfSense unbound). Stood up 2026-06-26 to revive the dead `172.16.3.50` resolver IP so every device/config hardcoded to `.50` works without being touched. `--no-resolv --no-hosts --server=172.16.0.1 --cache-size=1000`, `--restart unless-stopped`, **first in the autostart list** (DNS up before other containers). dnsmasq's default `local-service` limits answers to the `172.16.0.0/22` LAN (not an open resolver). No Unraid template (created via `docker run`). |
|
||||
| `Seerr` | br0 `172.16.3.31`:5055 | Plex request manager (Overseerr successor). Runs on br0 with a static IP + `--init --user 99:100`, `--restart unless-stopped`. Image `ghcr.io/seerr-team/seerr:latest`, appdata `/mnt/user/appdata/seerr`. Template `my-Seerr.xml` fixed to br0/.31 on 2026-06-26 (was `bridge` — a UI re-apply in bridge mode would break the NPM `.31` target). **Not yet in Unraid autostart list** — toggle on in the Docker tab so it survives an array stop/start. |
|
||||
|
||||
**NPM → 443 routing:** iptables PREROUTING rule on Jupiter: `dpt:443 → 172.17.0.2:443` (NPM Docker bridge IP). Persisted in `/boot/config/go` so it survives reboots.
|
||||
|
||||
@@ -72,7 +75,7 @@ Not documented. iDRAC available at 172.16.1.73 (DHCP) for OOB management.
|
||||
| rmm-api.azcomputerguru.com | 172.16.3.20:3001 | **STALE** — actual GuruRMM API is on 172.16.3.30:3001; update this in NPM admin |
|
||||
| unifi.azcomputerguru.com | 172.16.3.29:11443 | **UOS Server** (UniFi OS). Verified from NPM API 2026-06-15 — earlier `.28:8443` was stale. The real HTTPS port is **11443** (8443/443 are closed). See [[uos-server]]. |
|
||||
| sync.azcomputerguru.com | 172.16.3.20:8082 | Seafile Pro |
|
||||
| plexrequest.azcomputerguru.com | 172.16.3.31:5055 | Plex request manager |
|
||||
| plexrequest.azcomputerguru.com | 172.16.3.31:5055 | **Seerr** (Plex request manager) — `Seerr` Docker container on **br0 `172.16.3.31`**, appdata `/mnt/user/appdata/seerr`. **Migrated Overseerr -> Seerr 3.2.0 on 2026-06-26** (Overseerr is being abandoned; Seerr is its successor). Cloudflare-fronted, so bare `curl` returns 403 — test with a browser UA. See Known Issues for the outage that prompted the migration. |
|
||||
|
||||
**[ACTION REQUIRED]** Update `rmm-api.azcomputerguru.com` proxy target from `172.16.3.20:3001` → `172.16.3.30:3001` in NPM admin (http://172.16.3.20:7818).
|
||||
|
||||
@@ -85,11 +88,13 @@ Not documented. iDRAC available at 172.16.1.73 (DHCP) for OOB management.
|
||||
|
||||
## Known Issues & Quirks
|
||||
|
||||
- **[HOST-WIDE] Primary DNS `172.16.3.50` is DEAD but still Jupiter's first resolver (found 2026-06-26):** `/etc/resolv.conf` (generated by `rc.inet1` from Unraid network settings) lists `nameserver 172.16.3.50` first, then `8.8.8.8`, `1.1.1.1`. `172.16.3.50` is **down** (100% ping loss, host-unreachable, `:53` times out ~5s). Result: **every cache-miss DNS lookup on the host AND in every container that forwards to the host eats a ~5s timeout** before falling back to 8.8.8.8 — slows all DNS-heavy containers (Seerr was the worst-hit). Per-container workaround applied to Seerr (`--dns 1.1.1.1 8.8.8.8`). **FIXED 2026-06-26 via a DNS relay:** stood up the `dns-relay` container (dnsmasq on br0 `172.16.3.50`, see Docker table) forwarding to `172.16.0.1` — `.50` now answers again (0.3s cold / 0.04s cached, verified from a LAN client), so every device/config hardcoded to `.50` works without being repointed. **Caveat — Jupiter's OWN host DNS:** the host's `/etc/resolv.conf` still lists `.50` first, but **ipvlan blocks a host from reaching its own br0 container**, so the host itself can't use the relay and still eats the ~5s fallback for its own lookups. To fix the host specifically, set its DNS1 to `172.16.0.1` directly in Unraid **Settings -> Network Settings** (`/boot/config/network.cfg` `DNS_SERVER1`). LAN clients and other-host devices are unaffected by this caveat — only Jupiter-the-host.
|
||||
- **iptables PREROUTING for port 443** persists via `/boot/config/go` — if NPM routing breaks after a reboot, check this file first.
|
||||
- **iDRAC IP is DHCP** (172.16.1.73) — may drift. Verify before relying on it for OOB access.
|
||||
- **guruRMM API proxy stale** — see NPM table above. Fix before it causes a routing incident.
|
||||
- **Post-power-failure recovery order matters** — see `.claude/POWER_FAILURE_RUNBOOK.md` for the full recovery sequence (Tailscale routes, libvirt/VMs, Seafile, NPM/DNS in order).
|
||||
- **VM "Windows Server 2016" (`ACG-DWP-X-BB`) — no LAN (2026-06-07):** guest stuck on APIPA `169.254.157.152`, no DHCP lease. Host side is healthy (vnet8 bridged to br0, forwarding, receiving LAN broadcast); fault is guest-side — single e1000 NIC set to DHCP, pfSense (172.16.0.1) not leasing it. Diagnose via `virsh domifaddr 9 --source agent` and qemu guest-exec `ipconfig /all`. Fix path: `ipconfig /renew` in-guest (stuck-client case) or assign a static IP if that is the intended config. PAUSED pending Mike's DHCP-vs-static decision.
|
||||
- **plexrequest (Seerr) outage + Overseerr->Seerr migration (2026-06-26):** Reported down. Root cause: the `Seerr` container (NPM target `172.16.3.31:5055`) had been **removed entirely** (gone from `docker ps -a`; everything else came back after a Docker restart, Seerr didn't) — it was a half-finished May-27 migration left `initialized:false`. The old working instance was `binhex-overseerr` (also stopped). Fix: recreated the `Seerr` container on br0 `.31`, then **migrated the real Overseerr data into it** (copied `/mnt/user/appdata/binhex-overseerr/overseerr` -> `/mnt/user/appdata/seerr`, chown `99:100`, started Seerr -> auto-migration "Overseerr to Seerr migration completed successfully"). Verified initialized, Plex/Radarr/Sonarr config + 191 requests + users preserved, public 200. Backups: old source untouched + `/mnt/user/appdata/_migbackup_20260626/overseerr-source.tgz`; pre-migration empty config at `/mnt/user/appdata/seerr.empty.preMig`. **Autostart:** added `Seerr` to `/var/lib/docker/unraid-autostart` (replaced the stale `binhex-overseerr`). **"Really slow" -> DNS:** Seerr felt very slow because every external lookup (TMDB metadata/posters) took ~4s — the container forwarded DNS to the host, whose **primary resolver `172.16.3.50` is DEAD** (see separate entry). Fixed by recreating Seerr with `--dns 1.1.1.1 --dns 8.8.8.8` (bypasses `.50`) and `LOG_LEVEL=info` (the template default `debug` dumped a full Radarr JSON per title — heavy log IO). In-container lookups went 4s -> ~0s. **Follow-up:** the `[Plex Scan]` job errors post-migration (`Cannot read properties of undefined (reading 'some')`) — re-select Plex libraries in Seerr settings to clear it.
|
||||
|
||||
## Backlinks
|
||||
|
||||
|
||||
Reference in New Issue
Block a user