I'm noticing a few issues with the current images:
The "Desktop Interceptor Raspberry Pi CM4 OS Image" released 23.10.09 appears to also be an OMV version
Both the Desktop and the "OMV Interceptor Raspberry Pi CM4 OS Image" are built with NFS support, but don't include the kernel module (Relevant kernel config & modprobe below)
On both, the kernel seems to be built without support for software raids CONFIG_MD_RAID1 and therefore it's not possible to set up a software raid. (Raid config below).
The OMV Photoprism plugin fails because it can't find iptables (iptables-nft specifically)
I've included a fair bit of detail below. I don't think I'm missing something obvious, but maybe I am. Either way suggestions would be helpful. My preference would be to get the OMV distro working.
Alternatively, does it work to install vanilla raspian or ubuntu on the device and then patch with the linux patch? I haven't looked through the linux patch for what it impacts yet. I imagine I could install on the EMMC and there might be some hardware things that don't work perfectly until I patch and update the kernel. Is that correct?
NFS Config and Modprobe
root@interceptor:/# zcat /proc/config.gz | grep NFS
CONFIG_KERNFS=y
CONFIG_NFS_FS=y
CONFIG_NFS_V2=y
CONFIG_NFS_V3=y
# CONFIG_NFS_V3_ACL is not set
CONFIG_NFS_V4=y
# CONFIG_NFS_SWAP is not set
CONFIG_NFS_V4_1=y
CONFIG_NFS_V4_2=y
CONFIG_PNFS_FILE_LAYOUT=y
CONFIG_PNFS_BLOCK=m
CONFIG_PNFS_FLEXFILE_LAYOUT=y
CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org"
# CONFIG_NFS_V4_1_MIGRATION is not set
CONFIG_NFS_V4_SECURITY_LABEL=y
CONFIG_ROOT_NFS=y
# CONFIG_NFS_USE_LEGACY_DNS is not set
CONFIG_NFS_USE_KERNEL_DNS=y
CONFIG_NFS_DISABLE_UDP_SUPPORT=y
# CONFIG_NFS_V4_2_READ_PLUS is not set
# CONFIG_NFSD is not set
CONFIG_NFS_COMMON=y
CONFIG_NFS_V4_2_SSC_HELPER=y
root@interceptor:/# modprobe nfsd
modprobe: FATAL: Module nfsd not found in directory /lib/modules/6.5.6
It looks like nfs.ko is missing from the directory. Also interesting is that it looks like "build" and "source" are symlinks to a non-existant /builds/axzez/dev/interceptor-gen-2/debian folder
root@interceptor:/lib/modules/6.5.6# ls -l /mnt/msd2/lib/modules/6.5.6/
total 885
lrwxrwxrwx 1 root root 62 Oct 10 03:34 build -> /builds/axzez/dev/interceptor-gen-2/debian/bcm2711/build/linux
drwxr-xr-x 11 root root 126 Oct 10 17:38 extra
drwxr-xr-x 9 root root 125 Oct 10 17:38 kernel
...
root@interceptor:/lib/modules/6.5.6# cat modules.builtin | grep nfs
kernel/fs/nfs_common/grace.ko
kernel/fs/nfs/nfs.ko
kernel/fs/nfs/nfsv2.ko
kernel/fs/nfs/nfsv3.ko
kernel/fs/nfs/nfsv4.ko
...
root@interceptor:/lib/modules/6.5.6# ls -l kernel/fs/nfs/
total 4
drwxr-xr-x 2 root root 4096 Oct 10 17:38 blocklayout
root@interceptor:/lib/modules/6.5.6#
Raid Config:
root@interceptor:/# zcat /proc/config.gz | grep CONFIG_MD_RAID
# CONFIG_MD_RAID0 is not set
# CONFIG_MD_RAID1 is not set
# CONFIG_MD_RAID10 is not set
# CONFIG_MD_RAID456 is not set
PhotoPrism can't find IP Tables
root@interceptor:/# journalctl -xe
...
Jan 28 22:51:51 interceptor podman[35558]: time="2024-01-28T22:51:51Z" level=error msg="Error adding network: failed to locate iptables: could not get iptables version: exit status 1"
Jan 28 22:51:51 interceptor podman[35558]: time="2024-01-28T22:51:51Z" level=error msg="Error while adding pod to CNI network \"podman\": failed to locate iptables: could not get iptables version: exit sta>
root@interceptor:/# iptables
iptables/1.8.7 Failed to initialize nft: Protocol not supported
That's interesting because in theory this build is based on Debian 11 Bullseye and "NOTE: iptables was replaced by nftables starting in Debian 10 Buster"
I'm less familiar with iptables-nft. It looks like I could probably switch back to legacy ip tables, but that feels a bit like a hack. Any suggestions on this one?
We're looking into what happened with the images. They download at different sizes, but you are correct that the OMV image is clearly not the OMV image (should be bullseye, not bookworm).
The NFS client is built-in to the kernel, so no modules. NFSD is built as a module with our newest image, but we havent released it yet. Coming this week, but we'll verify the OMV issue is fixed in this new image.
We can add this to our build.
We can add iptables to the build, but we will need to verify this doesn't break docker. I think it should be fine, though.