as the doc hinted, putting proxmox itself aside, install/run weewx in LXC 
unprivileged container is the same as running it outside a container, with the 
benefit of it not being able to trample on rest of host

the tricky parts are where the container walls are visible, the two principal 
cases being
 * direct access to a device file
 * mapping uid/gid inside container to outside

i run a number of unprivileged containers on proxmox server ballina, each with 
their own IP addresses, including ns1 running dnsmasq, broker running mosquitto 
and wx running weewx.
wx runs several instances (stations) of weewx, all sharing same venv. the weewx 
station vantage is, you guessed it, a vp2 running off usb/serial port, so we 
have a device file. the host device file has to be mapped into the container as 
a device file.
(note that i use usual weewx pattern - user weewx in group dialout, device file 
group-owned by dialout)

some proxmox magic i should mention for the config below to make sense: a 
uid/gid of nnn inside a container appears as 100,000+nnn on host outside 
container

graham@ballina:~$ cat /etc/udev/rules.d/99-usb-serial.rules 
#99-usb-serial.rules####################################################

########################################################################
# two serial ports on one USB FTDI adapter.
# owned by 'wx' container wherein:
#   * wx.dialout is gid 100020
########################################################################
SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6010", GROUP="100020", MODE="0660"
#not required to distinguish ports######################################

graham@ballina:~$ sudo cat /etc/pve/lxc/105.conf
#weewx server
#
#| mappings | host view                   | container view              |
#| :---     | :---                        | :---                        |
#| tty      | /dev/ttyUSB0 660 - (100020) | /dev/aqua 660 - dialout(20) |
#| tty      | /dev/ttyUSB1 660 - (100020) | /dev/vp2 660 - dialout(20)  |
arch: amd64
cores: 1
features: nesting=1
hostname: wx
memory: 512
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=b2:8d:88:67:d1:bf,ip=dhcp,type=veth
onboot: 1
ostype: debian
rootfs: local-lvm:vm-105-disk-0,size=8G
swap: 512
unprivileged: 1
lxc.cgroup2.devices.allow: c 188:* rwm
lxc.mount.entry: /dev/ttyUSB0 dev/aqua none bind,optional,create=file
lxc.mount.entry: /dev/ttyUSB1 dev/vp2 none bind,optional,create=file

the last few lines of the container config file are too advanced for the 
helpful proxmox GUI so need to be added by hand.
user weewx in container wx sees device /dev/vp2

proxmox is excellent for partitioning a host into many servers and minimising 
“breakouts”. containers are extremely resource efficient (e.g. share host’s 
kernel image). virtual machines are also supported but they are resource 
monsters.
last time i checked, proxmox on RPi is unstable - do not use RPi as the metal. 
i am using an apple mac mini from 2012, no hardware add-ons.
cheers
⊣GE⊢

> On 8 May 2024, at 10:25 AM, G7LTT <enico...@gmail.com> wrote:
> 
> A start to finish writeup for building a LXC setup would be a nice thing if 
> you have time
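
Added example, not part of the original message: a host-side check that a passed-through device node matches the pattern described above (group is the container gid plus 100000, mode 660, major/minor covered by a `lxc.cgroup2.devices.allow` rule), and that no allow rule is wider than one device major. The function names and the sample config file are constructed for illustration, and `check_dev` assumes GNU `stat`.

```sh
#!/bin/sh
# Added example: host-side audit of an LXC device passthrough.
# Function names and the sample file are constructed for illustration.

IDMAP_OFFSET=100000   # per the post: id nnn in the container is 100000+nnn on the host

# host_id ID -> the uid/gid the host sees for container id ID
host_id() { echo $(( IDMAP_OFFSET + $1 )); }

# write_sample_conf FILE: constructed config holding the post's device lines
write_sample_conf() {
    cat > "$1" <<'EOF'
unprivileged: 1
lxc.cgroup2.devices.allow: c 188:* rwm
lxc.mount.entry: /dev/ttyUSB1 dev/vp2 none bind,optional,create=file
EOF
}

# allow_covers CONF MAJOR MINOR: succeed if an allow rule matches the char device
allow_covers() {
    awk -v maj="$2" -v min="$3" '
        $1 == "lxc.cgroup2.devices.allow:" && $2 == "a" { ok = 1 }   # "a" = every device
        $1 == "lxc.cgroup2.devices.allow:" && $2 == "c" {
            split($3, d, ":")
            if ((d[1] == "*" || d[1] == maj) && (d[2] == "*" || d[2] == min)) ok = 1
        }
        END { exit !ok }' "$1"
}

# broad_rules CONF: print allow rules wider than one major ("a" or wildcard major)
broad_rules() {
    awk '$1 == "lxc.cgroup2.devices.allow:" && ($2 == "a" || $3 ~ /^\*:/)' "$1"
}

# check_dev CONF DEVICE CONTAINER_GID: compare the live host node with the config
check_dev() (
    conf=$1; dev=$2; want=$(host_id "$3"); rc=0
    [ -c "$dev" ] || { echo "$dev: not a character device"; exit 1; }
    set -- $(stat -c '%t %T %g %a' "$dev")   # GNU stat: hex major, hex minor, gid, mode
    major=$(( 0x$1 )); minor=$(( 0x$2 ))
    [ "$3" = "$want" ] || { echo "$dev: gid $3, expected $want"; rc=1; }
    [ "$4" = 660 ] || { echo "$dev: mode $4, expected 660"; rc=1; }
    allow_covers "$conf" "$major" "$minor" ||
        { echo "$dev: $major:$minor not covered by devices.allow"; rc=1; }
    exit $rc
)
```

With the values from the message, the host-side call would be `check_dev /etc/pve/lxc/105.conf /dev/ttyUSB1 20`; it prints one line per mismatch and returns non-zero if any check fails.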
