From 1399e3881a6ef3e019496f1dc8594b9a579be919 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 08:21:50 +1200
Subject: [PATCH 1/9] Ubuntu installer

Adds bare metal installer for ubuntu. Tested with version 24.04. You may want to or have to change the PHPVERSION variable in the start script for other versions
---
 install/ubuntu/install.ubuntu.sh     |  86 +++++++++++
 install/ubuntu/netalertx.ubuntu.conf |  20 +++
 install/ubuntu/start.ubuntu.sh       | 216 +++++++++++++++++++++++++++
 3 files changed, 322 insertions(+)
 create mode 100644 install/ubuntu/install.ubuntu.sh
 create mode 100644 install/ubuntu/netalertx.ubuntu.conf
 create mode 100644 install/ubuntu/start.ubuntu.sh

diff --git a/install/ubuntu/install.ubuntu.sh b/install/ubuntu/install.ubuntu.sh
new file mode 100644
index 00000000..5d1ecb2b
--- /dev/null
+++ b/install/ubuntu/install.ubuntu.sh
@@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+
+# 🛑 Important: This is only used for the bare-metal install 🛑 
+# Update /install/start.ubuntu.sh in most cases is preferred 
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Starting NetAlertX installation for Ubuntu"
+echo "---------------------------------------------------------"
+echo
+echo "This script will install NetAlertX on your Ubuntu system."
+echo "It will clone the repository, set up necessary files, and start the application."
+echo "Please ensure you have a stable internet connection."
+echo "---------------------------------------------------------"
+
+# Set environment variables
+INSTALL_DIR=/app  # Specify the installation directory here
+
+# Check if script is run as root
+if [[ $EUID -ne 0 ]]; then
+    echo "This script must be run as root. Please use 'sudo'." 
+    exit 1
+fi
+
+# Prepare the environment
+echo "Updating packages"
+echo "-----------------"
+apt-get update
+echo "Making sure sudo is installed"
+apt-get install sudo -y
+
+# Install Git
+echo "Installing Git"
+apt-get install -y git
+
+# Clean the directory, ask for confirmation
+if [ -d "$INSTALL_DIR" ]; then
+  echo "The installation directory exists. Removing it to ensure a clean install."
+  echo "Are you sure you want to continue? This will delete all existing files in $INSTALL_DIR."
+  echo "Type:"
+  echo " - 'install' to continue"
+  echo " - 'update' to just update from GIT"
+  echo " - 'start' to do nothing, leave install as-is"
+  if [ "$1" == "install" ] || [ "$1" == "update" ] || [ "$1" == "start" ]; then
+    confirmation=$1
+  else
+    read -p "Enter your choice: " confirmation
+  fi
+  if [ "$confirmation" == "install" ]; then
+    if [ -n "$INSTALL_DIR" ] && [ "$INSTALL_DIR" != "" ]; then
+      echo "Removing existing installation..."
+      service nginx stop 2>/dev/null
+      pkill -f "python /app/server" 2>/dev/null
+      umount  "$INSTALL_DIR/api" 2>/dev/null
+      umount  "$INSTALL_DIR/front" 2>/dev/null
+      rm -rf "$INSTALL_DIR/"
+      git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"
+    else
+      echo "INSTALL_DIR is not set or is root. Aborting for safety."
+      exit 1
+    fi
+  elif [ "$confirmation" == "update" ]; then
+    echo "Updating the existing installation..."
+    service nginx stop 2>/dev/null
+    pkill -f "python /app/server" 2>/dev/null
+    cd "$INSTALL_DIR" || { echo "Failed to change directory to $INSTALL_DIR"; exit 1; }
+    git pull
+  elif [ "$confirmation" == "start" ]; then
+    echo "Continuing without changes."
+  else
+    echo "Installation aborted."
+    exit 1
+  fi
+else
+  git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"
+fi
+
+# Check for buildtimestamp.txt existence, otherwise create it
+if [ ! -f "$INSTALL_DIR/front/buildtimestamp.txt" ]; then
+  date +%s > "$INSTALL_DIR/front/buildtimestamp.txt"
+fi
+
+# Start NetAlertX
+
+# This is where we setup the virtual environment and install dependencies
+cd "$INSTALL_DIR/install/ubuntu" || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; }
+"$INSTALL_DIR/install/ubuntu/start.ubuntu.sh"
diff --git a/install/ubuntu/netalertx.ubuntu.conf b/install/ubuntu/netalertx.ubuntu.conf
new file mode 100644
index 00000000..e5d1e642
--- /dev/null
+++ b/install/ubuntu/netalertx.ubuntu.conf
@@ -0,0 +1,20 @@
+server {
+    listen 20211 default_server;
+    root /var/www/html/netalertx;
+    index index.php;
+    #rewrite /app/(.*) / permanent;
+    add_header X-Forwarded-Prefix "/netalertx" always;
+    proxy_set_header X-Forwarded-Prefix "/netalertx";
+
+  location ~* \.php$ {
+    # Set Cache-Control header to prevent caching on the first load
+    add_header Cache-Control "no-store";
+    fastcgi_pass unix:/run/php/php8.3-fpm.sock;
+    include         fastcgi_params;
+    fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+    fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
+    fastcgi_connect_timeout 75;
+          fastcgi_send_timeout 600;
+          fastcgi_read_timeout 600;
+  }
+}
diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
new file mode 100644
index 00000000..627a5dff
--- /dev/null
+++ b/install/ubuntu/start.ubuntu.sh
@@ -0,0 +1,216 @@
+#!/usr/bin/env bash
+
+echo "---------------------------------------------------------"
+echo "[INSTALL]"
+echo "---------------------------------------------------------"
+echo
+echo "This script will set up and start NetAlertX on your Ubuntu system."
+
+# Specify the installation directory here
+INSTALL_DIR=/app
+
+# DO NOT CHANGE ANYTHING BELOW THIS LINE!
+CONF_FILE=app.conf
+DB_FILE=app.db
+NGINX_CONF_FILE=netalertx.ubuntu.conf
+WEB_UI_DIR=/var/www/html/netalertx
+NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE
+OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt
+INSTALL_PATH=$INSTALL_DIR
+FILEDB=$INSTALL_PATH/db/$DB_FILE
+PHPVERSION="8.3"
+# DO NOT CHANGE ANYTHING ABOVE THIS LINE!
+
+# if custom variables not set we do not need to do anything
+if [ -n "${TZ}" ]; then    
+  FILECONF=$INSTALL_PATH/config/$CONF_FILE 
+  if [ -f "$FILECONF" ]; then
+    sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/config/$CONF_FILE 
+  else 
+    sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/back/$CONF_FILE.bak 
+  fi
+fi
+
+
+# Check if script is run as root
+if [[ $EUID -ne 0 ]]; then
+    echo "This script must be run as root. Please use 'sudo'." 
+    exit 1
+fi
+
+
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Installing depemdecies"
+echo "---------------------------------------------------------"
+echo
+
+
+# Install dependencies
+sudo apt-get install -y \
+    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo \
+    nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \
+    python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils build-essential
+
+# alternate dependencies
+sudo apt-get install nginx nginx-core mtr php-fpm php${PHPVERSION}-fpm php-cli php${PHPVERSION} php${PHPVERSION}-sqlite3 -y
+sudo phpenmod -v ${PHPVERSION} sqlite3
+
+sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10
+
+cd $INSTALL_DIR/install/ubuntu || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; }
+
+# setup virtual python environment so we can use pip3 to install packages
+sudo apt-get install python3-venv -y
+python3 -m venv myenv
+source myenv/bin/activate
+
+#  install packages thru pip3
+pip3 install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask flask-cors unifi-sm-api tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros yattag git+https://github.com/foreign-sub/aiofreepybox.git 
+
+
+
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Installing NGINX and setting up the web server"
+echo "---------------------------------------------------------"
+echo
+echo "[INSTALL] Stopping anyNGINX web server"
+
+service nginx stop 2>/dev/null
+pkill -f "python /app/server" 2>/dev/null
+
+echo "[INSTALL] Updating the existing installation..."
+
+# Remove default NGINX site if it is symlinked, or backup it otherwise
+if [ -L /etc/nginx/sites-enabled/default ] ; then
+  echo "[INSTALL] Disabling default NGINX site, removing sym-link in /etc/nginx/sites-enabled"
+  sudo rm /etc/nginx/sites-enabled/default
+elif [ -f /etc/nginx/sites-enabled/default ]; then
+  echo "[INSTALL] Disabling default NGINX site, moving config to /etc/nginx/sites-available"
+  sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx
+fi
+
+# Clear existing directories and files
+if [ -d $WEB_UI_DIR ]; then
+  echo "[INSTALL] Removing existing NetAlertX web-UI"
+  sudo rm -R $WEB_UI_DIR
+fi
+
+if [ -L "$NGINX_CONFIG_FILE" ]; then
+  echo "[INSTALL] Removing existing NetAlertX NGINX config"
+  sudo rm "$NGINX_CONFIG_FILE"
+fi
+
+# create symbolic link to the  install directory
+ln -s $INSTALL_PATH/front $WEB_UI_DIR
+# create symbolic link to NGINX configuration coming with NetAlertX
+sudo ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE
+
+# Use user-supplied port if set
+if [ -n "${PORT}" ]; then
+  echo "[INSTALL] Setting webserver to user-supplied port ($PORT)"
+  sudo sed -i 's/listen 20211/listen '"$PORT"'/g' $NGINX_CONFIG_FILE
+fi
+
+# Change web interface address if set
+if [ -n "${LISTEN_ADDR}" ]; then
+  echo "[INSTALL] Setting webserver to user-supplied address (${LISTEN_ADDR})"
+  sed -ie 's/listen /listen '"${LISTEN_ADDR}":'/g' $NGINX_CONFIG_FILE
+fi
+
+# Change php version
+echo "[INSTALL] Setting PHP version to ${PHPVERSION}"
+sed -i 's#unix:/run/php/php8.3-fpm.sock#unix:/run/php/php'"${PHPVERSION}"'-fpm.sock#ig' $NGINX_CONFIG_FILE
+
+# Run the hardware vendors update at least once
+echo "[INSTALL] Run the hardware vendors update"
+
+# Check if ieee-oui.txt or ieee-iab.txt exist
+if [ -f "$OUI_FILE" ]; then
+  echo "[INSTALL] The file ieee-oui.txt exists. Skipping update_vendors.sh..."
+else
+  echo "[INSTALL] The file ieee-oui.txt does not exist. Running update_vendors..."
+
+  # Run the update_vendors.sh script
+  if [ -f "${INSTALL_PATH}/back/update_vendors.sh" ]; then
+    "${INSTALL_PATH}/back/update_vendors.sh"
+  else
+    echo "[INSTALL] update_vendors.sh script not found in $INSTALL_DIR."    
+  fi
+fi
+
+# create log and api mounts
+
+echo "[INSTALL] Create log and api mounts"
+sudo umount "${INSTALL_DIR}"/log
+sudo umount "${INSTALL_DIR}"/api
+sudo mount tmpfs -t tmpfs "${INSTALL_DIR}"/log
+sudo mount tmpfs -t tmpfs "${INSTALL_DIR}"/api
+
+# Create an empty log files
+
+# Create the execution_queue.log file if it doesn't exist
+touch "${INSTALL_DIR}"/log/{app.log,execution_queue.log,app_front.log,app.php_errors.log,stderr.log,stdout.log,db_is_locked.log}
+touch "${INSTALL_DIR}"/api/user_notifications.json
+# Create plugins sub-directory if it doesn't exist in case a custom log folder is used
+mkdir -p "${INSTALL_DIR}"/log/plugins
+
+# Fixing file permissions
+echo "[INSTALL] Fixing file permissions"
+chown root:www-data "${INSTALL_DIR}"/api/user_notifications.json
+
+echo "[INSTALL] Fixing WEB_UI_DIR: ${WEB_UI_DIR}"
+
+chmod -R a+rwx $WEB_UI_DIR
+
+echo "[INSTALL] Fixing INSTALL_DIR: ${INSTALL_DIR}"
+
+chmod -R a+rw $INSTALL_PATH/log
+chmod -R a+rwx $INSTALL_DIR
+
+echo "[INSTALL] Copy starter $DB_FILE and $CONF_FILE if they don't exist"
+
+
+# DANGER ZONE: ALWAYS_FRESH_INSTALL 
+if [ "$ALWAYS_FRESH_INSTALL" = true ]; then
+  echo "[INSTALL] ❗ ALERT /db and /config folders are cleared because the ALWAYS_FRESH_INSTALL is set to: ${ALWAYS_FRESH_INSTALL}❗"
+  # Delete content of "/config/"
+  rm -rf "${INSTALL_PATH}/config/"*
+  
+  # Delete content of "/db/"
+  rm -rf "${INSTALL_PATH}/db/"*
+fi
+
+
+# Copy starter $DB_FILE and $CONF_FILE if they don't exist
+cp --update=none "${INSTALL_PATH}/back/$CONF_FILE" "${INSTALL_PATH}/config/$CONF_FILE" 
+cp --update=none "${INSTALL_PATH}/back/$DB_FILE"  "$FILEDB"
+
+echo "[INSTALL] Fixing permissions after copied starter config & DB"
+
+if [ -f "$FILEDB" ]; then
+    chown -R www-data:www-data $FILEDB
+fi
+
+chmod -R a+rwx $INSTALL_DIR # second time after we copied the files
+chmod -R a+rw $INSTALL_PATH/config
+sudo chgrp -R www-data  $INSTALL_PATH
+
+# Check if buildtimestamp.txt doesn't exist
+if [ ! -f "${INSTALL_PATH}/front/buildtimestamp.txt" ]; then
+    # Create buildtimestamp.txt
+    date +%s > "${INSTALL_PATH}/front/buildtimestamp.txt"
+fi
+
+# start PHP
+/etc/init.d/php${PHPVERSION}-fpm start
+/etc/init.d/nginx start
+
+#  Activate the virtual python environment
+source myenv/bin/activate
+
+echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"
+
+# Start the NetAlertX python script
+python $INSTALL_PATH/server/ 2>/dev/null 1>/dev/null &

From b0d117c3b873fb3ee278db990448b4b0ee09a2fb Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 08:49:48 +1200
Subject: [PATCH 2/9] Update install/ubuntu/install.ubuntu.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 install/ubuntu/install.ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/install.ubuntu.sh b/install/ubuntu/install.ubuntu.sh
index 5d1ecb2b..efd14ee1 100644
--- a/install/ubuntu/install.ubuntu.sh
+++ b/install/ubuntu/install.ubuntu.sh
@@ -61,7 +61,7 @@ if [ -d "$INSTALL_DIR" ]; then
   elif [ "$confirmation" == "update" ]; then
     echo "Updating the existing installation..."
     service nginx stop 2>/dev/null
-    pkill -f "python /app/server" 2>/dev/null
+   pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null
     cd "$INSTALL_DIR" || { echo "Failed to change directory to $INSTALL_DIR"; exit 1; }
     git pull
   elif [ "$confirmation" == "start" ]; then

From 7863ab3b0391e6f87b6b6408d14f858dd22c3597 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 08:52:14 +1200
Subject: [PATCH 3/9] Update install/ubuntu/start.ubuntu.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 install/ubuntu/start.ubuntu.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index 627a5dff..1a245ea2 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -25,9 +25,9 @@ PHPVERSION="8.3"
 if [ -n "${TZ}" ]; then    
   FILECONF=$INSTALL_PATH/config/$CONF_FILE 
   if [ -f "$FILECONF" ]; then
-    sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/config/$CONF_FILE 
+    sed -i -e "s|Europe/Berlin|${TZ}|g" "$INSTALL_PATH/config/$CONF_FILE"
   else 
-    sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/back/$CONF_FILE.bak 
+    sed -i -e "s|Europe/Berlin|${TZ}|g" "$INSTALL_PATH/back/$CONF_FILE.bak"
   fi
 fi
 

From 2482289ad69037221f2b889f711df1a785fec86e Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 08:57:08 +1200
Subject: [PATCH 4/9] Update install/ubuntu/start.ubuntu.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 install/ubuntu/start.ubuntu.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index 1a245ea2..78c986b2 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -143,11 +143,11 @@ fi
 # create log and api mounts
 
 echo "[INSTALL] Create log and api mounts"
-sudo umount "${INSTALL_DIR}"/log
-sudo umount "${INSTALL_DIR}"/api
-sudo mount tmpfs -t tmpfs "${INSTALL_DIR}"/log
-sudo mount tmpfs -t tmpfs "${INSTALL_DIR}"/api
-
+mkdir -p "${INSTALL_DIR}/log" "${INSTALL_DIR}/api"
+sudo umount "${INSTALL_DIR}/log" 2>/dev/null || true
+sudo umount "${INSTALL_DIR}/api" 2>/dev/null || true
+sudo mount -t tmpfs -o size=32m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log"
+sudo mount -t tmpfs -o size=16m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api"
 # Create an empty log files
 
 # Create the execution_queue.log file if it doesn't exist

From f64cd9ea284be03816b7d8ccac2e5a30fcff50f5 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 08:57:56 +1200
Subject: [PATCH 5/9] Update install/ubuntu/start.ubuntu.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 install/ubuntu/start.ubuntu.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index 78c986b2..d6da86b1 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -110,13 +110,13 @@ sudo ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE
 # Use user-supplied port if set
 if [ -n "${PORT}" ]; then
   echo "[INSTALL] Setting webserver to user-supplied port ($PORT)"
-  sudo sed -i 's/listen 20211/listen '"$PORT"'/g' $NGINX_CONFIG_FILE
+  sudo sed -i 's/listen 20211/listen '"$PORT"'/g' "$NGINX_CONFIG_FILE"
 fi
 
 # Change web interface address if set
 if [ -n "${LISTEN_ADDR}" ]; then
   echo "[INSTALL] Setting webserver to user-supplied address (${LISTEN_ADDR})"
-  sed -ie 's/listen /listen '"${LISTEN_ADDR}":'/g' $NGINX_CONFIG_FILE
+  sed -i -e 's/listen /listen '"${LISTEN_ADDR}":'/g' "$NGINX_CONFIG_FILE"
 fi
 
 # Change php version

From c6f0614570ca67f078651f676107659bcc941e77 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 09:11:04 +1200
Subject: [PATCH 6/9] Update install/ubuntu/start.ubuntu.sh

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---
 install/ubuntu/start.ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index d6da86b1..2b3ba06c 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -205,8 +205,8 @@ fi
 
 # start PHP
 /etc/init.d/php${PHPVERSION}-fpm start
+nginx -t || { echo "[INSTALL] nginx config test failed"; exit 1; }
 /etc/init.d/nginx start
-
 #  Activate the virtual python environment
 source myenv/bin/activate
 

From db43ab9cf6fe938f2dc1d7f5e628aea198e7fc53 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 10:19:30 +1200
Subject: [PATCH 7/9] Fixes

Removed 'sudo' from all calls as the script already needs to run as sudo so it's pointless
---
 install/ubuntu/start.ubuntu.sh | 40 ++++++++++++++++------------------
 1 file changed, 19 insertions(+), 21 deletions(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index 2b3ba06c..48d44aa5 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -47,21 +47,21 @@ echo
 
 
 # Install dependencies
-sudo apt-get install -y \
-    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo \
+apt-get install -y \
+    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron \
     nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \
     python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils build-essential
 
 # alternate dependencies
-sudo apt-get install nginx nginx-core mtr php-fpm php${PHPVERSION}-fpm php-cli php${PHPVERSION} php${PHPVERSION}-sqlite3 -y
-sudo phpenmod -v ${PHPVERSION} sqlite3
+apt-get install nginx nginx-core mtr php-fpm php${PHPVERSION}-fpm php-cli php${PHPVERSION} php${PHPVERSION}-sqlite3 -y
+phpenmod -v ${PHPVERSION} sqlite3
 
-sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10
+update-alternatives --install /usr/bin/python python /usr/bin/python3 10
 
 cd $INSTALL_DIR/install/ubuntu || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; }
 
 # setup virtual python environment so we can use pip3 to install packages
-sudo apt-get install python3-venv -y
+apt-get install python3-venv -y
 python3 -m venv myenv
 source myenv/bin/activate
 
@@ -85,32 +85,30 @@ echo "[INSTALL] Updating the existing installation..."
 # Remove default NGINX site if it is symlinked, or backup it otherwise
 if [ -L /etc/nginx/sites-enabled/default ] ; then
   echo "[INSTALL] Disabling default NGINX site, removing sym-link in /etc/nginx/sites-enabled"
-  sudo rm /etc/nginx/sites-enabled/default
+  rm /etc/nginx/sites-enabled/default
 elif [ -f /etc/nginx/sites-enabled/default ]; then
   echo "[INSTALL] Disabling default NGINX site, moving config to /etc/nginx/sites-available"
-  sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx
+  mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx
 fi
 
 # Clear existing directories and files
 if [ -d $WEB_UI_DIR ]; then
   echo "[INSTALL] Removing existing NetAlertX web-UI"
-  sudo rm -R $WEB_UI_DIR
+  rm -R $WEB_UI_DIR
 fi
 
-if [ -L "$NGINX_CONFIG_FILE" ]; then
-  echo "[INSTALL] Removing existing NetAlertX NGINX config"
-  sudo rm "$NGINX_CONFIG_FILE"
-fi
+echo "[INSTALL] Removing existing NetAlertX NGINX config"
+rm "$NGINX_CONFIG_FILE" 2>/dev/null || true
 
 # create symbolic link to the  install directory
 ln -s $INSTALL_PATH/front $WEB_UI_DIR
 # create symbolic link to NGINX configuration coming with NetAlertX
-sudo ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE
+ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE
 
 # Use user-supplied port if set
 if [ -n "${PORT}" ]; then
   echo "[INSTALL] Setting webserver to user-supplied port ($PORT)"
-  sudo sed -i 's/listen 20211/listen '"$PORT"'/g' "$NGINX_CONFIG_FILE"
+  sed -i 's/listen 20211/listen '"$PORT"'/g' "$NGINX_CONFIG_FILE"
 fi
 
 # Change web interface address if set
@@ -144,10 +142,10 @@ fi
 
 echo "[INSTALL] Create log and api mounts"
 mkdir -p "${INSTALL_DIR}/log" "${INSTALL_DIR}/api"
-sudo umount "${INSTALL_DIR}/log" 2>/dev/null || true
-sudo umount "${INSTALL_DIR}/api" 2>/dev/null || true
-sudo mount -t tmpfs -o size=32m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log"
-sudo mount -t tmpfs -o size=16m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api"
+umount "${INSTALL_DIR}/log" 2>/dev/null || true
+umount "${INSTALL_DIR}/api" 2>/dev/null || true
+mount -t tmpfs -o size=32m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log"
+mount -t tmpfs -o size=16m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api"
 # Create an empty log files
 
 # Create the execution_queue.log file if it doesn't exist
@@ -195,7 +193,7 @@ fi
 
 chmod -R a+rwx $INSTALL_DIR # second time after we copied the files
 chmod -R a+rw $INSTALL_PATH/config
-sudo chgrp -R www-data  $INSTALL_PATH
+chgrp -R www-data  $INSTALL_PATH
 
 # Check if buildtimestamp.txt doesn't exist
 if [ ! -f "${INSTALL_PATH}/front/buildtimestamp.txt" ]; then
@@ -213,4 +211,4 @@ source myenv/bin/activate
 echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"
 
 # Start the NetAlertX python script
-python $INSTALL_PATH/server/ 2>/dev/null 1>/dev/null &
+python $INSTALL_PATH/server/ &

From d31af28f08aee0db2617d5342acf632d8460c47d Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 11:44:41 +1200
Subject: [PATCH 8/9] Minor updates

Fixes typo in start.ubuntu.sh
Redirects output of python server to /dev/null
to avoid I/O errors if started from SSH for example
---
 install/ubuntu/start.ubuntu.sh | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu/start.ubuntu.sh
index 48d44aa5..0fbca7ad 100644
--- a/install/ubuntu/start.ubuntu.sh
+++ b/install/ubuntu/start.ubuntu.sh
@@ -41,7 +41,7 @@ fi
 
 
 echo "---------------------------------------------------------"
-echo "[INSTALL] Installing depemdecies"
+echo "[INSTALL] Installing dependencies"
 echo "---------------------------------------------------------"
 echo
 
@@ -75,11 +75,10 @@ echo "---------------------------------------------------------"
 echo "[INSTALL] Installing NGINX and setting up the web server"
 echo "---------------------------------------------------------"
 echo
-echo "[INSTALL] Stopping anyNGINX web server"
+echo "[INSTALL] Stopping any NGINX web server"
 
 service nginx stop 2>/dev/null
-pkill -f "python /app/server" 2>/dev/null
-
+pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null
 echo "[INSTALL] Updating the existing installation..."
 
 # Remove default NGINX site if it is symlinked, or backup it otherwise
@@ -211,4 +210,6 @@ source myenv/bin/activate
 echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"
 
 # Start the NetAlertX python script
-python $INSTALL_PATH/server/ &
+# All error and console output being diverted to null,
+# otherwise we can get critical errors re I/O
+python "$INSTALL_PATH/server/" 2>/dev/null 1>/dev/null &

From 99981754c94e34dbf4f6065c51b2d920b5af4416 Mon Sep 17 00:00:00 2001
From: Ingo Ratsdorf <ingo@envirology.co.nz>
Date: Wed, 10 Sep 2025 11:54:05 +1200
Subject: [PATCH 9/9] Some more fixes

---
 install/ubuntu/install.ubuntu.sh     | 29 +++++++++++++++++++++++-----
 install/ubuntu/netalertx.ubuntu.conf |  5 +++--
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/install/ubuntu/install.ubuntu.sh b/install/ubuntu/install.ubuntu.sh
index efd14ee1..ee177067 100644
--- a/install/ubuntu/install.ubuntu.sh
+++ b/install/ubuntu/install.ubuntu.sh
@@ -46,14 +46,33 @@ if [ -d "$INSTALL_DIR" ]; then
     read -p "Enter your choice: " confirmation
   fi
   if [ "$confirmation" == "install" ]; then
-    if [ -n "$INSTALL_DIR" ] && [ "$INSTALL_DIR" != "" ]; then
+    # Ensure INSTALL_DIR is safe to wipe
+    if [ -n "$INSTALL_DIR" ] && [ "$INSTALL_DIR" != "" ] && [ "$INSTALL_DIR" != "/" ] && [ "$INSTALL_DIR" != "." ] && [ -d "$INSTALL_DIR" ]; then
       echo "Removing existing installation..."
+
+      # Stop nginx if running
+      if command -v systemctl >/dev/null 2>&1 && systemctl list-units --type=service | grep -q nginx; then
+      systemctl stop nginx 2>/dev/null
+      elif command -v service >/dev/null 2>&1; then
       service nginx stop 2>/dev/null
-      pkill -f "python /app/server" 2>/dev/null
-      umount  "$INSTALL_DIR/api" 2>/dev/null
-      umount  "$INSTALL_DIR/front" 2>/dev/null
-      rm -rf "$INSTALL_DIR/"
+      fi
+
+      # Kill running NetAlertX server processes in this INSTALL_DIR
+      pkill -f "python.*${INSTALL_DIR}/server" 2>/dev/null
+
+      # Unmount only if mountpoints exist
+      mountpoint -q "$INSTALL_DIR/api" && umount "$INSTALL_DIR/api" 2>/dev/null
+      mountpoint -q "$INSTALL_DIR/front" && umount "$INSTALL_DIR/front" 2>/dev/null
+
+      # Remove all contents safely
+      rm -rf -- "$INSTALL_DIR"/* "$INSTALL_DIR"/.[!.]* "$INSTALL_DIR"/..?* 2>/dev/null
+
+      # Re-clone repository
       git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"
+    else
+      echo "INSTALL_DIR is not set, is root, or is invalid. Aborting for safety."
+      exit 1
+    fi
     else
       echo "INSTALL_DIR is not set or is root. Aborting for safety."
       exit 1
diff --git a/install/ubuntu/netalertx.ubuntu.conf b/install/ubuntu/netalertx.ubuntu.conf
index e5d1e642..0e8bdbc6 100644
--- a/install/ubuntu/netalertx.ubuntu.conf
+++ b/install/ubuntu/netalertx.ubuntu.conf
@@ -11,10 +11,11 @@ server {
     add_header Cache-Control "no-store";
     fastcgi_pass unix:/run/php/php8.3-fpm.sock;
     include         fastcgi_params;
+    try_files $uri =404;
     fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
     fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
     fastcgi_connect_timeout 75;
-          fastcgi_send_timeout 600;
-          fastcgi_read_timeout 600;
+    fastcgi_send_timeout 600;
+    fastcgi_read_timeout 600;
   }
 }