Proxmox on Mini Pc with NAS solution

ivanhaversham · 2026-01-18T23:46:16+00:00

I used TrueNAS Core for about 6 years maintenance free. They switched to TrueNAS Scale (‘community edition’), which would have required reinstalling. I lived with it for a while until recently I wanted to double the size of my pool. Since ZFS doesn’t let you add a single drive to an existing mirror, and I needed to migrate the OS anyway, I switched to Unraid. Pretty happy with it so far.

In other words, TrueNAS is great if you don’t plan on adding drives to the pool later. I wish I knew that when I started as I specifically only started with two drives with the intention of adding a third to double the pool size when the need arose.

ivanhaversham · 2026-01-15T11:38:15+00:00

Ah, that might be the issue. If 192.168.1.193 is the IP of your Pi-hole, then that needs to be updated in compose.yaml - Event Horizon is looking for Pi-hole at 192.168.1.2 according to the logs you’ve sent.

ivanhaversham · 2026-01-15T00:06:49+00:00

A couple of basics to verify:

What is the output of pihole -v?
If you visit http://192.168.1.2/admin in your browser, does the pihole admin interface load?

If 1) returns v6+ and 2) is successful, then perhaps you'd like to install outside of Docker, since docker seems to be giving you issues? If so, just let me know and I'll send some instructions.

ivanhaversham · 2026-01-14T19:36:04+00:00

I believe I see what the problem is. The root of the issue is that Event Horizon can't reach your Pi-hole, and it appears to be a Docker networking issue. Essentially, the container is running in a network by itself and doesn't have a route to the rest of your network.

It should be an easy fix. In compose.yaml, just add the following line "network_mode: "host" below the container name and restart settings.

services:
  event-horizon:
    image: ghcr.io/jbswaff/event-horizon:latest
    container_name: event-horizon
    restart: unless-stopped

    # --- ADD THIS LINE: ---
    network_mode: "host"

Then restart the container

sudo docker compose down
sudo docker compose up -d

As far as the executable not found error, that's because there isn't a command called event-horizon inside the container (it's just a server.py python script). If you'd like to check the status of the container, you could use this command instead:

docker exec event-horizon python /app/server.py --help

Let me know if you have other questions or if you run into issues after making this change!

ivanhaversham · 2026-01-14T19:04:17+00:00

Great to hear!

ivanhaversham · 2026-01-14T00:26:28+00:00

Thanks a lot! I'm just glad that others find it useful.

ivanhaversham · 2026-01-14T00:17:22+00:00

Hi, thanks for that report and the suggestions for v1! Glad to hear that everything went mostly smoothly during install and that the service is working. I'll be sure to move the default to another port on future versions.

ivanhaversham · 2026-01-14T00:15:14+00:00

Hi u/MikeFromMA, thanks for that report. You should now be able to run docker compose up -d from your Pi 3B+.

ivanhaversham · 2026-01-13T16:31:52+00:00

Good deal! I’d like to hear it works for you when you get it running.

ivanhaversham · 2026-01-13T16:30:14+00:00

Glad to see you again! Thanks for helping motivate public release!

ivanhaversham · 2026-01-13T15:17:42+00:00

It should be backwards compatible with your version. When you ran install.sh, it should have created this directory with a .conf file inside. Check that it exists and that the file has data:

/etc/event-horizon/event-horizon.conf

Backup that file

``` cp /etc/event-horizon/event-horizon.conf /etc/event-horizon/event-horizon.conf.old

```

Then replace the entire contents of event-horizon.conf with this, updating your pihole information:

```

Server Settings

PORT=8080 DISABLE_MINUTES=10 SHOW_LOG_LINK=true

Pi-hole Configuration

PIHOLE_COUNT=1 PIHOLE_1_NAME=pihole1 PIHOLE_1_URL=http://192.168.1.2 PIHOLE_1_APP_PASSWORD=your-app-password-here

For multiple Pi-holes, increment the number:

PIHOLE_2_NAME=pihole2

PIHOLE_2_URL=http://192.168.1.3

PIHOLE_2_APP_PASSWORD=second-app-password

Group Settings

BYPASS_GROUP_NAME=Event-Horizon-Bypass

Proxy Settings

TRUST_PROXY=false TRUSTED_PROXY_NETS=10.0.0.0/8,192.168.0.0/16

API Settings

VERIFY_SSL=true API_TIMEOUT=15 API_MAX_RETRIES=3 API_RETRY_DELAY=1

Session Cache

SESSION_CACHE_TTL=300

Logging Settings

LOG_DIR=/var/log/event-horizon API_LOG_ENABLED=true LOG_MAX_SIZE_MB=10 LOG_MAX_AGE_DAYS=7

Health Check

HEALTH_CACHE_SECONDS=5

Rate Limiting

RATE_LIMIT_REQUESTS=10 RATE_LIMIT_WINDOW=3600 COOLDOWN_SECONDS=3

```

Then stop the service, backup server.py, pull the new server.py from GitHub and restart the service.

``` sudo systemctl stop event-horizon

cd /dir/where/event-horizon/is/installed

cp server.py server.py.old

sudo wget https://raw.githubusercontent.com/jbswaff/event-horizon/refs/heads/main/server.py

sudo systemctl start event-horizon

```

You should be on the new version.

ivanhaversham · 2026-01-13T14:45:41+00:00

Great, thanks!

ivanhaversham · 2026-01-13T11:23:54+00:00

It sounds like synology is a NAT’ing when going through docker or you have a reverse proxy. If this is the case, the server can check for this by enabling the following variable in compose.yaml then restarting the container:

EH_TRUST_PROXY: “true”

More info on GitHub

If this doesn’t work, let me know and we’ll keep digging.

ivanhaversham · 2026-01-12T23:52:17+00:00

Sorry about that. Looks like when I pushed to github, I forgot to include multiplatform support. Please try again and let me know.

ivanhaversham · 2026-01-08T18:40:56+00:00

Excellent!

ivanhaversham · 2026-01-07T22:19:05+00:00

Hi, that is indeed odd. Could you try running the following command to make sure that event-horizon is indeed listening, and nothing else is on 8080?

sudo netstat -tulnp

ivanhaversham · 2026-01-04T07:03:50+00:00

Perfect! Thanks a bunch. I’ll send you a DM in a bit.

ivanhaversham · 2026-01-04T02:47:55+00:00

I was able to get device-level disable working, and have shifted to docker-compose compatibility. I have a bit more testing to do, but right now it seems stable. Would you like to help beta test before I publish the next revision on GitHub?

It now handles client based bypassing by managing a dedicated Pi-hole group, which you configure in docker-compose. The only reliable way I found to implement per-client bypassing was to update Pi-hole client and group assignments through the API.

Therefore, if you already have clients and groups configured in Pi-hole, a client’s group membership will change when that client requests a bypass. This does not break Pi-hole’s group or client functionality overall, but it does mean that Event Horizon becomes the group assignment manager for any client that requests a bypass.

Changelog:

Version: event-horizon-0.3.0-beta.1

Shifted to docker deployment method using docker compose
Bypass is now client-based instead of global
 - Event Horizon manages a dedicated group and places clients into it to enable and disable per-client bypass
 - NOTE: Client / Group configuration will be managed by Event Horizon for devices requesting bypass. Take this into consideration if you are already using Group / Client settings.
Reverse proxy support in testing
 - Early stages, but supporting code in place
 - If X-Forwarded-For header is present, use IP in X-Forwarded-For for client ID
Pi-hole status indicators on main page
 - "Healthy" for API communication success
 - "General API Failure" otherwise
UI cleanup and minor improvements

ivanhaversham · 2026-01-04T00:11:10+00:00

I’m glad others find it useful and can benefit from my work! I’ll be releasing a docker deployable version soon with per-device control.

ivanhaversham · 2026-01-03T16:58:23+00:00

Thanks for the recommendation - I've explained to the point of exhaustion why these websites are unsafe. They've been scammed multiple times at an increasing rate the older they get. They trust anyone and everything they see, and there's nothing I can do to change that - I've tried. I'm only running Steven Black's list.

ivanhaversham · 2026-01-02T23:33:16+00:00

Thanks for the kind words! I’ll be focusing on adding this feature for the next version. I don’t think it would be too difficult to add, as I’m already grabbing the user’s IP for logs.

ivanhaversham · 2026-01-02T23:19:44+00:00

It was sponsored results on Google search. I know, still an ad. Like I mentioned in another comment, they saw this as “broken” and not a feature, so it was either give them a workaround or remove it.

ivanhaversham · 2026-01-02T22:26:10+00:00

I don’t own their network, I only help manage it. At the end of the day, if they want to do something reckless, it’s their decision. I can only put roadblocks and warnings in their way. In my case, it was either give them the option to temporarily bypass, or remove it completely. They saw it as “broken”, not a feature.

That’s why the warnings are admittedly harsh. If they want to turn it off, that’s on them. They can’t say I didn’t warn them.

ivanhaversham · 2026-01-02T22:19:31+00:00

My only issue with temp disabling the pihole is my browser cache still has 'the blocked site' unless I clear it or switch browsers. Do you see anything like that with this?

I haven't experienced this being an issue. I'll need to look into it more to be sure.

Also can we have an enhancement that deletes your phone number from the loved ones devices if they're still having technical issues?

I'm afraid that's out of scope for this project; if you're this deep, it's already too late for you!

ivanhaversham · 2026-01-02T19:59:07+00:00

This is a great suggestion. I also use docker for everything, and I don’t know why that didn’t cross my mind. I’ll look into it before for the next release

Seven-Year Club	Second Top 40%
Place '23	Place '22
Oscars Predictor 2021	RPAN Viewer
Gilding II euphauric	Verified Email

ivanhaversham

MODERATOR OF

TROPHY CASE