From what i know about netbird(which is not a lot). Buy its a beast to setup. I could never even get their standard docker compose file to work.
That being said I’m rocking headscale and love it, super easy to setup and tons of documentation. I’ll need to give netbird a other try when I get time though.
Jenny should do a grammar check for your and you’re
Yeah I would say so. You still having issues?
Did you go here and look at the supported codecs for encoding and decoding?
Ah OK what GPU are you using? are you using the integrated graphics of your CPU?
This is most likely because of encoding. Did you change any settings in jellyfin for hardware acceleration? Have you passed theough your GPU? You will need to find out what codecs your GPU supports and enable those in the jellyfin hardware encoding spot.
I run jellyfin on an LXC, so first get jellyfin installed personally I would separate jellyfin and your other docker containers, I have a separate VM for my podman containers. I need jellyfin up 100% of the time so that’s why its separate.
Work on the first problem, getting jellydin installed I wouldn’t use docker, just follow the steps for installing it on Ubuntu directly.
Second, to get the unprivileged lxc to work with your nas share follow this forum post: https://forum.proxmox.com/threads/tutorial-unprivileged-lxcs-mount-cifs-shares.101795/
Thirdly, read through the jellyfin docs for hardware acceleration. Its always best practice to not just run scripts blindly on your machine.
Lastly take a break if you can’t figure it out, when I’m stuck I always need to take a day and just think stuff over and I usually figure out why its not working by just doing that.
If you need any help let me know!
^^have you tried this? I needed to enable for my banking app to work.
I’m going down this rabbit hole right now and porting all my docker containers to quadlets on rocky Linux 10 as well. Haven’t done arr stack yet but everything else has been a pretty smooth transition.
Don’t give up its worth it to be able to run rootless!
Proxmox does say docker isn’t officially supported in LXC. That being said I’m running 10 docker containers with no issues on an LXC. I have recently had some weird database not connecting issues and other strange new docker containers not working in an LXC for some reason. If you can I would try the same setup but in a VM and see what happens.
I recently was trying to get authentik setup via docker and it just wouldn’t work. I gave up and spun up a VM, ran the same docker compose file and it worked right away.
Hopefully this helps?
Sorry I’d this has been answered but are you running this in docker on a VM or LXC?
I’ve just setup headscale in docker and it worked right away. It’s even faster than when I was using tailscale. It was very easy to setup and I’ve been using it for about a month with no issues. Doesn’t really help but I haven’t used gluetun myself.
I’m using sunshine on my main Linux gaming rig with my own head scale instance running and use moonlight on my client PC and its very nice and smooth. I use it to access my main LAN gaming rig from another remote network. Not sure if that’s your use case but I’ve also used sunshine and moonlight within my lan so I can remotely play on my bedroom TV.
I’ve also tried to run the docker compose file with not changes from the Zitadel documentation, https://zitadel.com/docs/self-hosting/deploy/compose
This is what shows:
[+] Running 3/3
✔ Network root_zitadel Created 0.0s
✘ Container root-db-1 Error 60.8s
✔ Container root-zitadel-1 Created 0.0s
dependency failed to start: container root-db-1 is unhealthy
docker ps -a then shows the root-zitadel-1 container created but not started, I can’t get any logs to show on the root-db-1 container even though it shows as running…
I start the root-zitadel-1 container and restart the root-db-1 container and this is what I get in the logs:
time="2025-07-24T13:41:45Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
time="2025-07-24T13:41:45Z" level=fatal msg="unable to initialize the database" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:63" error="failed to connect to `user=postgres database=postgres`: 172.18.0.2:5432 (db): dial error: dial tcp 172.18.0.2:5432: connect: connection refused"
time="2025-07-24T13:41:45Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
time="2025-07-24T13:41:45Z" level=fatal msg="unable to initialize the database" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:63" error="failed to connect to `user=postgres database=postgres`: 172.18.0.2:5432 (db): dial error: dial tcp 172.18.0.2:5432: connect: connection refused"
time="2025-07-24T13:41:46Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
time="2025-07-24T13:41:46Z" level=fatal msg="unable to initialize the database" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:63" error="failed to connect to `user=postgres database=postgres`: 172.18.0.2:5432 (db): dial error: dial tcp 172.18.0.2:5432: connect: connection refused"
time="2025-07-24T13:41:47Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
time="2025-07-24T13:41:47Z" level=fatal msg="unable to initialize the database" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:63" error="failed to connect to `user=postgres database=postgres`: 172.18.0.2:5432 (db): dial error: dial tcp 172.18.0.2:5432: connect: connection refused"
time="2025-07-24T13:41:48Z" level=info msg="initialization started" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:70"
time="2025-07-24T13:41:48Z" level=fatal msg="unable to initialize the database" caller="/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:63" error="failed to connect to `user=postgres database=postgres`: 172.18.0.2:5432 (db): dial error: dial tcp 172.18.0.2:5432: connect: connection refused"
Here is the compose file I’m using:
services:
postgresql:
image: postgres:16-alpine
container_name: postgresql
restart: unless-stopped
networks:
- authentik
healthcheck:
test: ["CMD-SHELL", "pg_isready -d authentik -U postgres"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- ./database:/var/lib/postgresql/data
ports:
- 5432:5432
environment:
POSTGRES_PASSWORD: JKSHDFUHWEUEIORUhdsjhfglsdhuifghert
POSTGRES_USER: postgres
POSTGRES_DB: authentik
redis:
image: redis:alpine
container_name: redis
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- ./redis:/data
networks:
- authentik
server:
image: ghcr.io/goauthentik/server:2025.6.4
container_name: authentik-server
restart: unless-stopped
command: server
environment:
AUTHENTIK_SECRET_KEY: 0rIgYE/fgWwkkhKXob6jQQ8M8Wp6tJzDc658GGb0C5r0QZOt
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: postgres
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: JKSHDFUHWEUEIORUhdsjhfglsdhuifghert
volumes:
- ./media:/media
- ./custom-templates:/templates
ports:
- 9000:9000
- 9443:9443
networks:
- authentik
depends_on:
postgresql:
condition: service_healthy
redis:
condition: service_healthy
worker:
image: ghcr.io/goauthentik/server:2025.6.4
container_name: authentik-worker
restart: unless-stopped
command: worker
networks:
- authentik
environment:
AUTHENTIK_SECRET_KEY: 0rIgYE/fgWwkkhKXob6jQQ8M8Wp6tJzDc658GGb0C5r0QZOt
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: postgres
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: JKSHDFUHWEUEIORUhdsjhfglsdhuifghert
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./media:/media
- ./certs:/certs
- ./custom-templates:/templates
depends_on:
postgresql:
condition: service_healthy
redis:
condition: service_healthy
networks:
authentik:
Here are the logs when starting up Authentik docker compose:
authentik-worker | {"event": "Starting authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1753364156.1238139}
authentik-worker | {"event": "PostgreSQL connection failed, retrying... (connection failed: connection to server at \"172.18.0.3\", port 5432 failed: Connection refused\n\tIs the server running on that host and accepting TCP/IP connections?)", "level": "info", "logger": "authentik.lib.config", "timestamp": 1753364157.1261947}
authentik-worker | {"event": "PostgreSQL connection failed, retrying... (connection failed: connection to server at \"172.18.0.3\", port 5432 failed: Connection refused\n\tIs the server running on that host and accepting TCP/IP connections?)", "level": "info", "logger":
authentik-server | {"event":"Loaded config","level":"debug","path":"inbuilt-default","timestamp":"2025-07-24T13:35:48Z"}
authentik-server | {"event":"Loaded config","level":"debug","path":"/authentik/lib/default.yml","timestamp":"2025-07-24T13:35:48Z"}
authentik-server | {"event":"Loaded config from environment","level":"debug","timestamp":"2025-07-24T13:35:48Z"}
authentik-server | {"event":"Starting HTTP server","level":"info","listen":"0.0.0.0:9000","logger":"authentik.router","timestamp":"2025-07-24T13:35:49Z"}
authentik-server | {"event":"Starting Metrics server","level":"info","listen":"0.0.0.0:9300","logger":"authentik.router.metrics","timestamp":"2025-07-24T13:35:49Z"}
authentik-server | {"event":"Starting HTTPS server","level":"info","listen":"0.0.0.0:9443","logger":"authentik.router","timestamp":"2025-07-24T13:35:49Z"}
authentik-server | {"event": "Loaded config", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1753364149.613906, "file": "/authentik/lib/default.yml"}
authentik-server | {"event": "Loaded environment variables", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1753364149.6143358, "count": 6}
authentik-server | {"event": "Starting authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1753364149.953862}
authentik-server | {"event": "PostgreSQL connection failed, retrying... (connection failed: connection to server at \"172.18.0.3\", port 5432 failed: Connection refused\n\tIs the server running on that host and accepting TCP/IP connections?)", "level": "info", "logger": "authentik.lib.config", "timestamp": 1753364150.955268}
authentik-server | {"event": "PostgreSQL connection failed, retrying... (connection failed: connection to server at \"172.18.0.3\", port 5432 failed: Connection refused\n\tIs the server running on that host and accepting TCP/IP connections?)", "level": "info", "logger":
time=“2025-07-23T20:49:22Z” level=info msg=“initialization started” caller=“/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:75”
time=“2025-07-23T20:49:22Z” level=fatal msg=“unable to initialize the database” caller=“/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:68” error=“failed to connect to user=root database=postgres:\n\t127.0.0.1:5432 (localhost): dial error: dial tcp 127.0.0.1:5432: connect: connection refused\n\t[::1]:5432 (localhost): dial error: dial tcp [::1]:5432: connect: connection refused”
time=“2025-07-23T20:49:23Z” level=info msg=“initialization started” caller=“/home/runner/work/zitadel/zitadel/cmd/initialise/init.go:75”
When I run docker compose up it’s initializes all the containers and then the zdb container fails to load and I get the error messages above. I can’t seem to paste my docker compose file or environment files since it formats the code very weirdly and makes it hard to read.
Yeah I’ll grab some logs and post my files tonight when I get time :)
I definitely can’t connect to the container as it doesn’t start. I’ve also tried without the .env file and that doesn’t work either. I’ve even setup a new LXC and started from scratch with the same result. For reference I’m using Ubuntu server so maybe I’ll try a different distro…
I’m also looking for something. I just tried netdata but looks like there is a 5 node limit now? I’m green on netdata but seems like a lot of people are mad about it lol. I’ll give beszel a try but doesn’t look like it does logs? Any thoughts on Foss options for system logs and alerting as well?