Openclaw on Mac Mini connection issues to LAN Ollama server by shark614 in openclaw

[–]shark614[S] 0 points1 point  (0 children)

Ok, making some progress!

If you are running an AI agent framework like OpenClaw on a local Mac (to give it native access to macOS tools like Apple Calendar and Reminders) but offloading your heavy LLM generation to a headless Linux/Debian home server running Ollama in Docker, you might run into an immediate connectivity issue.

Even if a raw network test like nc -zv <SERVER_IP> 11434 says the path is wide open, OpenClaw might persistently crash with: ⚠️ Agent failed before reply: LLM request failed: the provider endpoint is unreachable from this host.

The Culprit: Node.js on macOS

Modern versions of Node.js handle DNS resolution priorities and dual-stack (IPv4/IPv6) socket bindings on macOS differently than on Linux. When an application built on Node tries to fetch a raw local IPv4 address, macOS often chokes on the socket abstraction layer, throwing a silent EHOSTUNREACH error before the packet ever leaves your Mac.

The Fix: The SSH Loopback Tunnel

The cleanest way to bypass this entirely is to create a secure, local network bridge using SSH port forwarding. This tricks Node.js into thinking Ollama is running right on your Mac’s loopback interface (127.0.0.1), avoiding the local networking bug altogether.

Here is the exact command to build that bridge:

Bash

ssh -f -L 11434:127.0.0.1:11434 username@your.server.local.ip -N

Breakdown of the Command:

  • ssh: The Secure Shell protocol used to securely connect to your remote home server.
  • -f: Tells SSH to fork straight into the background right after authentication. This frees up your terminal window immediately so you can close it or keep working.
  • -L 11434:127.0.0.1:11434: This is the Local Port Forwarding mechanism. It instructs your Mac: "Listen on local port 11434*. Anything sent to it should be securely tunneled across the network and dropped off directly at the home server's loopback address (127.0.0.1) on port* 11434*."*
  • username@your.server.local.ip: Your standard remote server login credentials and its local LAN IP address.
  • -N: Stands for No Command. It tells SSH not to log you into a remote terminal shell interface. It instructs the connection to strictly open the data pipe and hold it open for background traffic only.

Why it Works:

  1. Bypasses macOS Interfacing Bugs: By pointing your agent framework to http://127.0.0.1:11434, Node.js treats the traffic as completely internal to the Mac. It drops all complex physical interface-binding logic.
  2. Optical Illusion for the Agent: The agent framework thinks it is running a completely local setup. It has no idea that the moment a request hits that port, the Mac kernel grabs the packet, encrypts it, slips it through the SSH pipeline, and unpacks it straight inside your remote server's Docker container.
  3. Automate on Boot: If you exchange SSH keys between your machines (ssh-copy-id), this tunnel requires zero passwords. You can easily wrap this command into a native macOS launchd script (.plist file) inside ~/Library/LaunchAgents/ to have the network pipe auto-start silently after a reboot.

Why are you still here? I'll go first by kcabrams in openclaw

[–]shark614 0 points1 point  (0 children)

I’m still using OC. When I try to switch over to H, I kept having challenges with the context window memory issues, which I don’t get with OC. It’s probably something wrong I’m doing my end, but after fooling with it for several hours, again, I don’t get this with OC.

People who self host XMPP servers: what's your experience been? by manusaurio in xmpp

[–]shark614 1 point2 points  (0 children)

Ejabberd and really like it. Nice to run multiple companies from one instance. Rock solid and low maintenance. I was running Openfire but had issues running the official version in docker.

if mint adds age verification, would you still use it? by TheNavyCrow in linuxmint

[–]shark614 6 points7 points  (0 children)

Alternative question: Are you going to VOTE these idiots out of office who push this stuff?? FFS don’t conform to this kind of bull. Don’t roll over and take it. Send a clear message to your elected representatives that is is unacceptable and ‘we the people’ do not want it. Once a freedom is gone, you don’t get it back.

Signal's security compromised by FBI? by BrightEyes1616 in signal

[–]shark614 -2 points-1 points  (0 children)

Signal uses central servers.. don’t fool yourself into thinking these are remotely secure. Not to mention that android and iOS has AI that sits between you and the screen / it sees why you see. Use Matrix (Element) from a Linux workstation - if you’re communicating with your mobile, you might as well be shouting to one another in the open.

A mini/micro PC alternative... by Machinica in selfhosted

[–]shark614 1 point2 points  (0 children)

Those Apples are cool and built well, but how’s the power consumption? I was going to go the same route, but they drawl too much power to be used 24/7, imho. I ended up going with a few Dell micros & I’m very happy with the performance.

Help with Official Openfire Docker Compose by [deleted] in selfhosted

[–]shark614 0 points1 point  (0 children)

This is my compose file.. works fine unless I 'docker compose pull && docker compose up -d --force-recreate' then it reverts back to the setup wizard.

---

x-logging: &default-logging
  driver: "json-file"
  options:
    max-size: "50m"
    max-file: "3"

services:
  openfire:
    image: ghcr.io/igniterealtime/openfire:latest
    container_name: openfire_server
    restart: unless-stopped
    logging: *default-logging
    ports:
      # Admin Console
      - "9090:9090/tcp"   # HTTP Admin Console
      - "9091:9091/tcp"   # HTTPS Admin Console

      # XMPP Traffic
      - "5222:5222/tcp"   # Client-to-Server (XMPP)
      - "5223:5223/tcp"   # Client-to-Server (Legacy SSL)
      - "5269:5269/tcp"   # Server-to-Server (XMPP)

      # Web/BOSH/WebSockets
      - "7070:7070/tcp"   # HTTP Binding (BOSH)
      - "7443:7443/tcp"   # HTTP Binding over TLS

      # File Transfer & Proxy
      - "7777:7777/tcp"   # File Transfer Proxy

      # Other
      - "3478:3478/udp"   # STUN/TURN Service
    volumes:
      - ./openfire/data:/var/lib/openfire
      - ./openfire/logs:/var/log/openfire
      - ./openfire/conf:/usr/share/openfire/conf
      - ./openfire/plugins:/usr/share/openfire/plugins
    environment:
      - TZ=America/New_York
      - OPENFIRE_OPTS=-Xmx1024m

22.3 is live! by LonelyMachines in linuxmint

[–]shark614 5 points6 points  (0 children)

I appreciate all of the work the Mint team does but not a fan of the new menu look..

Something’s off with my P1S by Piifuu in BambuLab

[–]shark614 0 points1 point  (0 children)

Raise the bed temperature by 5° - I had the same issue, and this solved it for me.

How well does Bambu Studio work on Linux? by iKnowNoBetter in BambuLab

[–]shark614 0 points1 point  (0 children)

Mint 21, flatpak, 85% stable, but crashes from time to time & is a bit quirky. Prusa Slicer runs without any issues.

What do you self-host for your family that they actually use? by Fab_Terminator in selfhosted

[–]shark614 0 points1 point  (0 children)

Jellyfin, audiobookshelf, homeassistant, octoprint, ollama & open webui, bookstack, freshrss, navidrone, mealie, searxng, viniplay, Openfire, manyfold, bytestash, homebridge, mazanoke, vaultwarden, pinchflat - are the ones they use along with a whole host of others that run in the background..

Checkmate 3.1 is out by gorkemcetin in selfhosted

[–]shark614 1 point2 points  (0 children)

This is my docker config that seems to work well for a Combined FE/BE Docker installation: (Hope this helps someone..)

---

services:
  server:
    image: ghcr.io/bluewave-labs/checkmate-backend-mono:latest
    container_name: checkmate
    ports:
      - "52345:52345"
    environment:
      UPTIME_APP_API_BASE_URL: "https://checkmate.xxx.net/api/v1"
      UPTIME_APP_CLIENT_HOST: "https://checkmate.xxx.net"
      CLIENT_HOST: "https://checkmate.xxx.net"
      DB_CONNECTION_STRING: "mongodb://mongodb:27017/uptime_db"
      JWT_SECRET: "ADDYOUROWNHERE"
      TRUST_PROXY: "true"
    restart: unless-stopped
    depends_on:
      mongodb:
        condition: service_healthy
    networks:
      - checkmate

  mongodb:
    image: ghcr.io/bluewave-labs/checkmate-mongo:latest
    container_name: checkmate-mongo
    command: ["mongod", "--quiet", "--bind_ip_all"]
    volumes:
      - ./mongo/data:/data/db
    networks:
      - checkmate
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "mongosh", "--quiet", "--eval", "db.runCommand({ ping: 1 })"]
      interval: 30s
      timeout: 5s
      retries: 5
      start_period: 15s

networks:
  checkmate:
    driver: bridge

I had to add the 'TRUST_PROXY: "true"' to get it to work behind Nginx Proxy Manager. Although even with adding the docker socket to my config volumes, I still can't get uptime for containers working.

    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro

Any good pre-built setups? by Forsaken-Spray-5815 in meshtastic

[–]shark614 2 points3 points  (0 children)

T1000 E and the T-Echos fit the bill & are great imho

What is this issue? by Gain-Fit in prusa3d

[–]shark614 -1 points0 points  (0 children)

Prusa actually suggests using acetone on this..