Dustin
670c1f7561
We're going to use *nginx* as the reverse proxy in front of Home Assistant, as well as the web consoles for Zigbee2MQTT and ZWaveJS2MQTT. It will provide TLS termination for all of these applications. Since *nginx* will not start without a certificate and private key file for HTTPS, the *gen-nginx-cert.service* systemd unit generates a self-signed certificate if one does not already exist. This ensures that *nginx* can start by default, but still allows the administrator to replace the certificate with a trusted one later. The *nginx* container image has symlinks at `/var/log/nginx/error.log` and `/var/log/nginx/access.log`, pointing to `/dev/stderr` and `/dev/stdout`, respectively. The intent here is to send all log messages to the container runtime. Unfortunately, when the the container is managed by Podman from a systemd unit, the standard output and standard error streams are connected to the systemd journal via a UNIX socket. As a result, the `/dev/stdout` and `/dev/stderr` pseudo-files cannot be "opened" like normal files or pipes. Thus, to forward nginx's logs to the systemd journal correctly, we have to do a bit of trickery. For the error log at least, setting `error_log stderr` works well; nginx simply writes messages to the existing file descriptor. Unfortunately, the access log has no such mechanism. For that, we use nginx's syslog capabilities. The `/dev/log` socket is bind-mounted into the container, and nginx is configured to connect to it. |
||
|---|---|---|
| overlay | ||
| patches/ebuilds | ||
| repos | ||
| yellow | ||
| .gitignore | ||
| .gitmodules | ||
| Makefile | ||
| README.md | ||
| build-grub.sh | ||
| build-host-tools.sh | ||
| build-kernel.sh | ||
| build-rootfs.sh | ||
| build-squashfs.sh | ||
| build-update.sh | ||
| build.packages | ||
| build.sh | ||
| genimage.cfg | ||
| genimage.sh | ||
| grub.cfg | ||
| host-tools.packages | ||
| install-update.sh | ||
| install.packages | ||
| ocivm.sh | ||
| podman-build.sh | ||
| post-build.sh | ||
| prepare.sh | ||
| rebuild-pkg.sh | ||
| semanage.mods | ||
| setup-local-repo.sh | ||
| squashfs.exclude | ||
| start-container.sh | ||
| vm-build.sh | ||
README.md
Errors
SWIOTLB Buffer
OF: reserved mem: failed to allocate memory for node … Can not allocate SWIOTLB buffer earlier and can't now provide you with the DMA bounce buffer
Ensure start_x=1 is in config.txt and start_file/fixup_file are not
specified.
U-Boot: Overwrite Reserved Memory
** Reading file would overwrite reserved memory **
Set CONFIG_LMB_MAX_REGIONS=16 in u-boot/.config