diff --git a/README.md b/README.md index 2ef8d220..3ec4f3a6 100755 --- a/README.md +++ b/README.md @@ -42,12 +42,12 @@ Start NetAlertX in seconds with Docker: ```bash docker run -d --rm --network=host \ - -v local_path/config:/data/config \ - -v local_path/db:/data/db \ + -v /local_data_dir/config:/data/config \ + -v /local_data_dir/db:/data/db \ + -v /etc/localtime:/etc/localtime \ --mount type=tmpfs,target=/tmp/api \ - -e PUID=200 -e PGID=300 \ - -e TZ=Europe/Berlin \ -e PORT=20211 \ + -e APP_CONF_OVERRIDE={"GRAPHQL_PORT":"20214"} \ ghcr.io/jokob-sk/netalertx:latest ``` diff --git a/docs/API_OLD.md b/docs/API_OLD.md index 558cbbb8..2575f261 100755 --- a/docs/API_OLD.md +++ b/docs/API_OLD.md @@ -52,7 +52,7 @@ query GetDevices($options: PageQueryOptionsInput) { } ``` -See also: [Debugging GraphQL issues](./DEBUG_GRAPHQL.md) +See also: [Debugging GraphQL issues](./DEBUG_API_SERVER.md) ### `curl` Command diff --git a/docs/COMMON_ISSUES.md b/docs/COMMON_ISSUES.md index ac1c7b39..d97e9954 100755 --- a/docs/COMMON_ISSUES.md +++ b/docs/COMMON_ISSUES.md @@ -2,6 +2,15 @@ Often if the application is misconfigured the `Loading...` dialog is continuously displayed. This is most likely caused by the backed failing to start. The **Maintenance -> Logs** section should give you more details on what's happening. If there is no exception, check the Portainer log, or start the container in the foreground (without the `-d` parameter) to observe any exceptions. It's advisable to enable `trace` or `debug`. Check the [Debug tips](./DEBUG_TIPS.md) on detailed instructions. +The issue might be related to the backend server, so please check [Debugging GraphQL issues](./DEBUG_API_SERVER.md). + +Please also check the browser logs (usually accessible by pressing `F12`): + +1. Switch to the Console tab and refresh the page +2. Switch to teh Network tab and refresh the page + +If you are not sure how to resolve the errors yourself, please post screenshots of the above into the issue, or discord discussion, where your problem is being solved. + ### Incorrect SCAN_SUBNETS One of the most common issues is not configuring `SCAN_SUBNETS` correctly. If this setting is misconfigured you will only see one or two devices in your devices list after a scan. Please read the [subnets docs](./SUBNETS.md) carefully to resolve this. diff --git a/docs/DEBUG_GRAPHQL.md b/docs/DEBUG_API_SERVER.md old mode 100755 new mode 100644 similarity index 83% rename from docs/DEBUG_GRAPHQL.md rename to docs/DEBUG_API_SERVER.md index c6d90c38..7a8fc361 --- a/docs/DEBUG_GRAPHQL.md +++ b/docs/DEBUG_API_SERVER.md @@ -12,7 +12,7 @@ As a first troubleshooting step try changing the default `GRAPHQL_PORT` setting. Ideally use the Settings UI to update the setting under General -> Core -> GraphQL port: -![GrapQL settings](./img/DEBUG_GRAPHQL/graphql_settings_port_token.png) +![GrapQL settings](./img/DEBUG_API_SERVER/graphql_settings_port_token.png) You might need to temporarily stop other applications or NetAlertX instances causing conflicts to update the setting. The `API_TOKEN` is used to authenticate any API calls, including GraphQL requests. @@ -20,7 +20,7 @@ You might need to temporarily stop other applications or NetAlertX instances cau If the UI is not accessible, you can directly edit the `app.conf` file in your `/config` folder: -![Editing app.conf](./img/DEBUG_GRAPHQL/app_conf_graphql_port.png) +![Editing app.conf](./img/DEBUG_API_SERVER/app_conf_graphql_port.png) ### Using a docker variable @@ -29,7 +29,6 @@ All application settings can also be initialized via the `APP_CONF_OVERRIDE` doc ```yaml ... environment: - - TZ=Europe/Berlin - PORT=20213 - APP_CONF_OVERRIDE={"GRAPHQL_PORT":"20214"} ... @@ -43,22 +42,22 @@ There are several ways to check if the GraphQL server is running. You can navigate to Maintenance -> Init Check to see if `isGraphQLServerRunning` is ticked: -![Init Check](./img/DEBUG_GRAPHQL/Init_check.png) +![Init Check](./img/DEBUG_API_SERVER/Init_check.png) ### Checking the Logs You can navigate to Maintenance -> Logs and search for `graphql` to see if it started correctly and serving requests: -![GraphQL Logs](./img/DEBUG_GRAPHQL/graphql_running_logs.png) +![GraphQL Logs](./img/DEBUG_API_SERVER/graphql_running_logs.png) ### Inspecting the Browser console In your browser open the dev console (usually F12) and navigate to the Network tab where you can filter GraphQL requests (e.g., reload the Devices page). -![Browser Network Tab](./img/DEBUG_GRAPHQL/network_graphql.png) +![Browser Network Tab](./img/DEBUG_API_SERVER/network_graphql.png) You can then inspect any of the POST requests by opening them in a new tab. -![Browser GraphQL Json](./img/DEBUG_GRAPHQL/dev_console_graphql_json.png) +![Browser GraphQL Json](./img/DEBUG_API_SERVER/dev_console_graphql_json.png) diff --git a/docs/DEBUG_TIPS.md b/docs/DEBUG_TIPS.md index 9094e705..a5c63fbd 100755 --- a/docs/DEBUG_TIPS.md +++ b/docs/DEBUG_TIPS.md @@ -14,9 +14,9 @@ Start the container via the **terminal** with a command similar to this one: ```bash docker run --rm --network=host \ - -v local/path/netalertx/config:/data/config \ - -v local/path/netalertx/db:/data/db \ - -e TZ=Europe/Berlin \ + -v /local_data_dir/netalertx/config:/data/config \ + -v /local_data_dir/netalertx/db:/data/db \ + -v /etc/localtime:/etc/localtime \ -e PORT=20211 \ ghcr.io/jokob-sk/netalertx:latest diff --git a/docs/DEV_ENV_SETUP.md b/docs/DEV_ENV_SETUP.md index d466e794..26bbee4d 100755 --- a/docs/DEV_ENV_SETUP.md +++ b/docs/DEV_ENV_SETUP.md @@ -55,7 +55,6 @@ The file content should be following, with your custom values. #-------------------------------- #NETALERTX #-------------------------------- -TZ=Europe/Berlin PORT=22222 # make sure this port is unique on your whole network DEV_LOCATION=/development/NetAlertX APP_DATA_LOCATION=/volume/docker_appdata diff --git a/docs/DOCKER_COMPOSE.md b/docs/DOCKER_COMPOSE.md index 6783a89f..ad5c8e1a 100755 --- a/docs/DOCKER_COMPOSE.md +++ b/docs/DOCKER_COMPOSE.md @@ -45,7 +45,7 @@ services: # - /home/user/netalertx_data:/data:rw - type: bind # Bind mount for timezone consistency - source: /etc/localtime # Alternatively add environment TZ: America/New York + source: /etc/localtime target: /etc/localtime read_only: true @@ -131,9 +131,9 @@ However, if you prefer to have direct, file-level access to your configuration f **How to make the change:** -1. Choose a location on your computer. For example, `/home/adam/netalertx-files`. +1. Choose a location on your computer. For example, `/local_data_dir`. -2. Create the subfolders: `mkdir -p /home/adam/netalertx-files/config` and `mkdir -p /home/adam/netalertx-files/db`. +2. Create the subfolders: `mkdir -p /local_data_dir/config` and `mkdir -p /local_data_dir/db`. 3. Edit your `docker-compose.yml` and find the `volumes:` section (the one *inside* the `netalertx:` service). @@ -152,19 +152,19 @@ However, if you prefer to have direct, file-level access to your configuration f ``` **After (Using a Local Folder / Bind Mount):** -Make sure to replace `/home/adam/netalertx-files` with your actual path. The format is `::`. +Make sure to replace `/local_data_dir` with your actual path. The format is `::`. ```yaml ... volumes: # - netalertx_config:/data/config:rw # - netalertx_db:/data/db:rw - - /home/adam/netalertx-files/config:/data/config:rw - - /home/adam/netalertx-files/db:/data/db:rw + - /local_data_dir/config:/data/config:rw + - /local_data_dir/db:/data/db:rw ... ``` -Now, any files created by NetAlertX in `/data/config` will appear in your `/home/adam/netalertx-files/config` folder. +Now, any files created by NetAlertX in `/data/config` will appear in your `/local_data_dir/config` folder. This same method works for mounting other things, like custom plugins or enterprise NGINX files, as shown in the commented-out examples in the baseline file. @@ -183,8 +183,8 @@ This method is useful for keeping your paths and other settings separate from yo services: netalertx: environment: - - TZ=${TZ} - PORT=${PORT} + - GRAPHQL_PORT=${GRAPHQL_PORT} ... ``` @@ -192,11 +192,9 @@ services: **`.env` file contents:** ```sh -TZ=Europe/Paris PORT=20211 NETALERTX_NETWORK_MODE=host LISTEN_ADDR=0.0.0.0 -PORT=20211 GRAPHQL_PORT=20212 ``` diff --git a/docs/DOCKER_INSTALLATION.md b/docs/DOCKER_INSTALLATION.md index 4d54db81..2acdb571 100644 --- a/docs/DOCKER_INSTALLATION.md +++ b/docs/DOCKER_INSTALLATION.md @@ -23,28 +23,32 @@ Head to [https://netalertx.com/](https://netalertx.com/) for more gifs and scree > [!WARNING] > You will have to run the container on the `host` network and specify `SCAN_SUBNETS` unless you use other [plugin scanners](https://github.com/jokob-sk/NetAlertX/blob/main/docs/PLUGINS.md). The initial scan can take a few minutes, so please wait 5-10 minutes for the initial discovery to finish. -```yaml +```bash docker run -d --rm --network=host \ - -v local_path/config:/data/config \ - -v local_path/db:/data/db \ + -v /local_data_dir/config:/data/config \ + -v /local_data_dir/db:/data/db \ + -v /etc/localtime:/etc/localtime \ --mount type=tmpfs,target=/tmp/api \ - -e PUID=200 -e PGID=300 \ - -e TZ=Europe/Berlin \ -e PORT=20211 \ + -e APP_CONF_OVERRIDE={"GRAPHQL_PORT":"20214"} \ ghcr.io/jokob-sk/netalertx:latest ``` See alternative [docked-compose examples](https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md). +### Default ports + +| Default | Description | How to override | +| :------------- |:-------------------------------| ----------------------------------------------------------------------------------:| +| `20211` |Port of the web interface | `-e PORT=20222` | +| `20212` |Port of the backend API server | `-e APP_CONF_OVERRIDE={"GRAPHQL_PORT":"20214"}` or via the `GRAPHQL_PORT` Setting | + ### Docker environment variables | Variable | Description | Example Value | | :------------- |:------------------------| -----:| | `PORT` |Port of the web interface | `20211` | -| `PUID` |Application User UID | `102` | -| `PGID` |Application User GID | `82` | | `LISTEN_ADDR` |Set the specific IP Address for the listener address for the nginx webserver (web interface). This could be useful when using multiple subnets to hide the web interface from all untrusted networks. | `0.0.0.0` | -|`TZ` |Time zone to display stats correctly. Find your time zone [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) | `Europe/Berlin` | |`LOADED_PLUGINS` | Default [plugins](https://github.com/jokob-sk/NetAlertX/blob/main/docs/PLUGINS.md) to load. Plugins cannot be loaded with `APP_CONF_OVERRIDE`, you need to use this variable instead and then specify the plugins settings with `APP_CONF_OVERRIDE`. | `["PIHOLE","ASUSWRT"]` | |`APP_CONF_OVERRIDE` | JSON override for settings (except `LOADED_PLUGINS`). | `{"SCAN_SUBNETS":"['192.168.1.0/24 --interface=eth1']","GRAPHQL_PORT":"20212"}` | |`ALWAYS_FRESH_INSTALL` | ⚠ If `true` will delete the content of the `/db` & `/config` folders. For testing purposes. Can be coupled with [watchtower](https://github.com/containrrr/watchtower) to have an always freshly installed `netalertx`/`netalertx-dev` image. | `true` | @@ -60,8 +64,9 @@ See alternative [docked-compose examples](https://github.com/jokob-sk/NetAlertX/ | :------------- | :------------- | :-------------| | ✅ | `:/data/config` | Folder which will contain the `app.conf` & `devices.csv` ([read about devices.csv](https://github.com/jokob-sk/NetAlertX/blob/main/docs/DEVICES_BULK_EDITING.md)) files | | ✅ | `:/data/db` | Folder which will contain the `app.db` database file | +| ✅ | `/etc/localtime:/etc/localtime:ro` | Ensuring the timezone is teh same as on teh server. | | | `:/tmp/log` | Logs folder useful for debugging if you have issues setting up the container | -| | `:/tmp/api` | A simple [API endpoint](https://github.com/jokob-sk/NetAlertX/blob/main/docs/API.md) containing static (but regularly updated) json and other files. Path configurable via `NETALERTX_API` environment variable. | +| | `:/tmp/api` | The [API endpoint](https://github.com/jokob-sk/NetAlertX/blob/main/docs/API.md) containing static (but regularly updated) json and other files. Path configurable via `NETALERTX_API` environment variable. | | | `:/app/front/plugins//ignore_plugin` | Map a file `ignore_plugin` to ignore a plugin. Plugins can be soft-disabled via settings. More in the [Plugin docs](https://github.com/jokob-sk/NetAlertX/blob/main/docs/PLUGINS.md). | | | `:/etc/resolv.conf` | Use a custom `resolv.conf` file for [better name resolution](https://github.com/jokob-sk/NetAlertX/blob/main/docs/REVERSE_DNS.md). | diff --git a/docs/DOCKER_PORTAINER.md b/docs/DOCKER_PORTAINER.md index 3bedf264..ba97dcd6 100755 --- a/docs/DOCKER_PORTAINER.md +++ b/docs/DOCKER_PORTAINER.md @@ -8,12 +8,12 @@ This guide shows you how to set up **NetAlertX** using Portainer’s **Stacks** ## 1. Prepare Your Host -Before deploying, make sure you have a folder on your Docker host for NetAlertX data. Replace `APP_FOLDER` with your preferred location, for example `/opt` here: +Before deploying, make sure you have a folder on your Docker host for NetAlertX data. Replace `APP_FOLDER` with your preferred location, for example `/local_data_dir` here: ```bash -mkdir -p /opt/netalertx/config -mkdir -p /opt/netalertx/db -mkdir -p /opt/netalertx/log +mkdir -p /local_data_dir/netalertx/config +mkdir -p /local_data_dir/netalertx/db +mkdir -p /local_data_dir/netalertx/log ``` --- @@ -59,7 +59,6 @@ services: # - ${APP_FOLDER}/netalertx/api:/tmp/api environment: - - TZ=${TZ} - PORT=${PORT} - APP_CONF_OVERRIDE=${APP_CONF_OVERRIDE} ``` @@ -70,14 +69,25 @@ services: In the **Environment variables** section of Portainer, add the following: -* `APP_FOLDER=/opt` (or wherever you created the directories in step 1) -* `TZ=Europe/Berlin` (replace with your timezone) +* `APP_FOLDER=/local_data_dir` (or wherever you created the directories in step 1) * `PORT=22022` (or another port if needed) -* `APP_CONF_OVERRIDE={"GRAPHQL_PORT":"22023"}` (optional advanced settings) +* `APP_CONF_OVERRIDE={"GRAPHQL_PORT":"22023"}` (optional advanced settings, otherwise the backend API server PORT defaults to `20212`) --- -## 5. Deploy the Stack +## 5. Ensure permissions + +> [!TIP] +> If you are facing permissions issues run the following commands on your server. This will change the owner and assure sufficient access to the database and config files that are stored in the `/local_data_dir/db` and `/local_data_dir/config` folders (replace `local_data_dir` with the location where your `/db` and `/config` folders are located). +> ```bash +> sudo chown -R 20211:20211 /local_data_dir +> sudo chmod -R a+rwx /local_data_dir +> ``` + + +--- + +## 6. Deploy the Stack 1. Scroll down and click **Deploy the stack**. 2. Portainer will pull the image and start NetAlertX. @@ -89,7 +99,7 @@ http://:22022 --- -## 6. Verify and Troubleshoot +## 7. Verify and Troubleshoot * Check logs via Portainer → **Containers** → `netalertx` → **Logs**. * Logs are stored under `${APP_FOLDER}/netalertx/log` if you enabled that volume. diff --git a/docs/DOCKER_SWARM.md b/docs/DOCKER_SWARM.md index e3413138..89ab6381 100755 --- a/docs/DOCKER_SWARM.md +++ b/docs/DOCKER_SWARM.md @@ -47,8 +47,8 @@ services: - /mnt/YOUR_SERVER/netalertx/config:/data/config:rw - /mnt/YOUR_SERVER/netalertx/db:/netalertx/data/db:rw - /mnt/YOUR_SERVER/netalertx/logs:/netalertx/tmp/log:rw + - /etc/localtime:/etc/localtime:ro environment: - - TZ=Europe/London - PORT=20211 networks: swarm-ipvlan: diff --git a/docs/FILE_PERMISSIONS.md b/docs/FILE_PERMISSIONS.md index cd51a0b2..7e0e9984 100755 --- a/docs/FILE_PERMISSIONS.md +++ b/docs/FILE_PERMISSIONS.md @@ -35,8 +35,8 @@ Sometimes, permission issues arise if your existing host directories were create ```bash docker run -it --rm --name netalertx --user "0" \ - -v local/path/config:/data/config \ - -v local/path/db:/data/db \ + -v /local_data_dir/config:/data/config \ + -v /local_data_dir/db:/data/db \ ghcr.io/jokob-sk/netalertx:latest ``` @@ -46,6 +46,13 @@ docker run -it --rm --name netalertx --user "0" \ > The container startup script detects `root` and runs `chown -R 20211:20211` on all volumes, fixing ownership for the secure `netalertx` user. +> [!TIP] +> If you are facing permissions issues run the following commands on your server. This will change the owner and assure sufficient access to the database and config files that are stored in the `/local_data_dir/db` and `/local_data_dir/config` folders (replace `local_data_dir` with the location where your `/db` and `/config` folders are located). +> ```bash +> sudo chown -R 20211:20211 /local_data_dir +> sudo chmod -R a+rwx /local_data_dir +> ``` + --- ## Example: docker-compose.yml with `tmpfs` @@ -55,17 +62,19 @@ services: netalertx: container_name: netalertx image: "ghcr.io/jokob-sk/netalertx" - network_mode: "host" - cap_add: - - NET_RAW - - NET_ADMIN - - NET_BIND_SERVICE + network_mode: "host" + cap_drop: # Drop all capabilities for enhanced security + - ALL + cap_add: # Add only the necessary capabilities + - NET_ADMIN # Required for ARP scanning + - NET_RAW # Required for raw socket operations + - NET_BIND_SERVICE # Required to bind to privileged ports (nbtscan) restart: unless-stopped volumes: - - local/path/config:/data/config - - local/path/db:/data/db - environment: - - TZ=Europe/Berlin + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db + - /etc/localtime:/etc/localtime + environment: - PORT=20211 tmpfs: - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" diff --git a/docs/MIGRATION.md b/docs/MIGRATION.md index 94f16e1b..b71c2c10 100755 --- a/docs/MIGRATION.md +++ b/docs/MIGRATION.md @@ -85,10 +85,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config:/home/pi/pialert/config - - /local/path/db:/home/pi/pialert/db + - /local_data_dir/config:/home/pi/pialert/config + - /local_data_dir/db:/home/pi/pialert/db # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/home/pi/pialert/front/log + - /local_data_dir/logs:/home/pi/pialert/front/log environment: - TZ=Europe/Berlin - PORT=20211 @@ -104,10 +104,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config:/data/config # 🆕 This has changed - - /local/path/db:/data/db # 🆕 This has changed + - /local_data_dir/config:/data/config # 🆕 This has changed + - /local_data_dir/db:/data/db # 🆕 This has changed # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/tmp/log # 🆕 This has changed + - /local_data_dir/logs:/tmp/log # 🆕 This has changed environment: - TZ=Europe/Berlin - PORT=20211 @@ -131,10 +131,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config/pialert.conf:/home/pi/pialert/config/pialert.conf - - /local/path/db/pialert.db:/home/pi/pialert/db/pialert.db + - /local_data_dir/config/pialert.conf:/home/pi/pialert/config/pialert.conf + - /local_data_dir/db/pialert.db:/home/pi/pialert/db/pialert.db # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/home/pi/pialert/front/log + - /local_data_dir/logs:/home/pi/pialert/front/log environment: - TZ=Europe/Berlin - PORT=20211 @@ -150,10 +150,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config/app.conf:/data/config/app.conf # 🆕 This has changed - - /local/path/db/app.db:/data/db/app.db # 🆕 This has changed + - /local_data_dir/config/app.conf:/data/config/app.conf # 🆕 This has changed + - /local_data_dir/db/app.db:/data/db/app.db # 🆕 This has changed # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/tmp/log # 🆕 This has changed + - /local_data_dir/logs:/tmp/log # 🆕 This has changed environment: - TZ=Europe/Berlin - PORT=20211 @@ -190,10 +190,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config:/data/config - - /local/path/db:/data/db + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/tmp/log + - /local_data_dir/logs:/tmp/log environment: - TZ=Europe/Berlin - PORT=20211 @@ -207,10 +207,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config:/data/config - - /local/path/db:/data/db + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/tmp/log + - /local_data_dir/logs:/tmp/log environment: - TZ=Europe/Berlin - PORT=20211 @@ -234,10 +234,10 @@ services: network_mode: "host" restart: unless-stopped volumes: - - /local/path/config:/data/config - - /local/path/db:/data/db + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db # (optional) useful for debugging if you have issues setting up the container - - /local/path/logs:/tmp/log + - /local_data_dir/logs:/tmp/log environment: - TZ=Europe/Berlin - PORT=20211 @@ -248,22 +248,22 @@ services: 6. Perform a one-off migration to the latest `netalertx` image and `20211` user: > [!NOTE] -> The example below assumes your `/config` and `/db` folders are stored in `local/path`. +> The example below assumes your `/config` and `/db` folders are stored in `local_data_dir`. > Replace this path with your actual configuration directory. `netalertx` is the container name, which might differ from your setup. ```sh docker run -it --rm --name netalertx --user "0" \ - -v /local/path/config:/data/config \ - -v /local/path/db:/data/db \ + -v /local_data_dir/config:/data/config \ + -v /local_data_dir/db:/data/db \ ghcr.io/jokob-sk/netalertx:latest ``` ..or alternatively execute: ```bash -sudo chown -R 20211:20211 /local/path/config -sudo chown -R 20211:20211 /local/path/db -sudo chmod -R a+rwx /local/path/ +sudo chown -R 20211:20211 /local_data_dir/config +sudo chown -R 20211:20211 /local_data_dir/db +sudo chmod -R a+rwx /local_data_dir/ ``` 7. Stop the container @@ -273,20 +273,23 @@ sudo chmod -R a+rwx /local/path/ services: netalertx: container_name: netalertx - image: "ghcr.io/jokob-sk/netalertx" # 🆕 This is important - network_mode: "host" - cap_add: # 🆕 New line - - NET_RAW # 🆕 New line - - NET_ADMIN # 🆕 New line - - NET_BIND_SERVICE # 🆕 New line + image: "ghcr.io/jokob-sk/netalertx" # 🆕 This is important + network_mode: "host" + cap_drop: # 🆕 New line + - ALL # 🆕 New line + cap_add: # 🆕 New line + - NET_RAW # 🆕 New line + - NET_ADMIN # 🆕 New line + - NET_BIND_SERVICE # 🆕 New line restart: unless-stopped volumes: - - /local/path/config:/data/config - - /local/path/db:/data/db + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db # (optional) useful for debugging if you have issues setting up the container - #- /local/path/logs:/tmp/log + #- /local_data_dir/logs:/tmp/log + # Ensuring the timezone is the same as on the server - make sure also the TIMEZONE setting is configured + - /etc/localtime:/etc/localtime:ro # 🆕 New line environment: - - TZ=Europe/Berlin - PORT=20211 # 🆕 New "tmpfs" section START 🔽 tmpfs: diff --git a/docs/PERFORMANCE.md b/docs/PERFORMANCE.md index 4c3e625c..0434bbcf 100755 --- a/docs/PERFORMANCE.md +++ b/docs/PERFORMANCE.md @@ -80,17 +80,18 @@ services: network_mode: "host" restart: unless-stopped volumes: - - local/path/config:/data/config - - local/path/db:/data/db + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db # (Optional) Useful for debugging setup issues - - local/path/logs:/tmp/log + - /local_data_dir/logs:/tmp/log # (API: OPTION 1) Store temporary files in memory (recommended for performance) - type: tmpfs # ◀ 🔺 target: /tmp/api # ◀ 🔺 # (API: OPTION 2) Store API data on disk (useful for debugging) - # - local/path/api:/tmp/api - environment: - - TZ=Europe/Berlin + # - /local_data_dir/api:/tmp/api + # Ensuring the timezone is the same as on the server - make sure also the TIMEZONE setting is configured + - /etc/localtime:/etc/localtime:ro + environment: - PORT=20211 ``` diff --git a/docs/REVERSE_DNS.md b/docs/REVERSE_DNS.md index 62199d93..4576c18d 100755 --- a/docs/REVERSE_DNS.md +++ b/docs/REVERSE_DNS.md @@ -3,7 +3,7 @@ If you are running a DNS server, such as **AdGuard**, set up **Private reverse DNS servers** for a better name resolution on your network. Enabling this setting will enable NetAlertX to execute dig and nslookup commands to automatically resolve device names based on their IP addresses. > [!TIP] -> Before proceeding, ensure that [name resolution plugins](./NAME_RESOLUTION.md) are enabled. +> Before proceeding, ensure that [name resolution plugins](/local_data_dir/NAME_RESOLUTION.md) are enabled. > You can customize how names are cleaned using the `NEWDEV_NAME_CLEANUP_REGEX` setting. > To auto-update Fully Qualified Domain Names (FQDN), enable the `REFRESH_FQDN` setting. @@ -42,11 +42,12 @@ services: image: "ghcr.io/jokob-sk/netalertx:latest" restart: unless-stopped volumes: - - /home/netalertx/config:/data/config - - /home/netalertx/db:/data/db - - /home/netalertx/log:/tmp/log + - /local_data_dir/config:/data/config + - /local_data_dir/db:/data/db + # - /local_data_dir/log:/tmp/log + # Ensuring the timezone is the same as on the server - make sure also the TIMEZONE setting is configured + - /etc/localtime:/etc/localtime:ro environment: - - TZ=Europe/Berlin - PORT=20211 network_mode: host dns: # specifying the DNS servers used for the container @@ -68,19 +69,18 @@ services: image: "ghcr.io/jokob-sk/netalertx:latest" restart: unless-stopped volumes: - - ./config/app.conf:/data/config/app.conf - - ./db:/data/db - - ./log:/tmp/log - - ./config/resolv.conf:/etc/resolv.conf # Mapping the /resolv.conf file for better name resolution + - /local_data_dir/config/app.conf:/data/config/app.conf + - /local_data_dir/db:/data/db + - /local_data_dir/log:/tmp/log + - /local_data_dir/config/resolv.conf:/etc/resolv.conf # ⚠ Mapping the /resolv.conf file for better name resolution + # Ensuring the timezone is the same as on the server - make sure also the TIMEZONE setting is configured + - /etc/localtime:/etc/localtime:ro environment: - - TZ=Europe/Berlin - PORT=20211 - ports: - - "20211:20211" network_mode: host ``` -#### ./config/resolv.conf: +#### /local_data_dir/config/resolv.conf: The most important below is the `nameserver` entry (you can add multiple): diff --git a/docs/REVERSE_PROXY.md b/docs/REVERSE_PROXY.md index b507d9d4..4723ec93 100755 --- a/docs/REVERSE_PROXY.md +++ b/docs/REVERSE_PROXY.md @@ -501,8 +501,8 @@ docker run -d --rm --network=host \ --name=netalertx \ -v /appl/docker/netalertx/config:/data/config \ -v /appl/docker/netalertx/db:/data/db \ + -v /etc/localtime:/etc/localtime \ -v /appl/docker/netalertx/default:/etc/nginx/sites-available/default \ - -e TZ=Europe/Amsterdam \ -e PORT=20211 \ ghcr.io/jokob-sk/netalertx:latest diff --git a/docs/SYNOLOGY_GUIDE.md b/docs/SYNOLOGY_GUIDE.md index 728e99d0..8a8bdb96 100755 --- a/docs/SYNOLOGY_GUIDE.md +++ b/docs/SYNOLOGY_GUIDE.md @@ -44,8 +44,9 @@ services: - local/path/db:/data/db # (optional) useful for debugging if you have issues setting up the container - local/path/logs:/tmp/log + # Ensuring the timezone is the same as on the server - make sure also the TIMEZONE setting is configured + - /etc/localtime:/etc/localtime:ro environment: - - TZ=Europe/Berlin - PORT=20211 ```