From de20a2621cef9d84184a73845799b36be2c1445f Mon Sep 17 00:00:00 2001 From: "Carlos V." <76731844+cvc90@users.noreply.github.com> Date: Thu, 11 Sep 2025 03:38:25 +0200 Subject: [PATCH 1/7] Update deviceDetailsTools.php Change static route to relative route in URL for proper proxy operation --- front/deviceDetailsTools.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/front/deviceDetailsTools.php b/front/deviceDetailsTools.php index 45d030db..2c043aa9 100755 --- a/front/deviceDetailsTools.php +++ b/front/deviceDetailsTools.php @@ -198,7 +198,7 @@
  • - +
    • From db42d7f57774d39935dff69fff48b4f067414a57 Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Thu, 11 Sep 2025 21:07:18 +1200 Subject: [PATCH 2/7] Installer-rework split installer structure into systems, updated non-functional Debian12 installer with some minor fixes to Ubuntu24 installer. Updated docs. --- docs/HW_INSTALL.md | 60 ++++-- install/debian12/install.debian12.sh | 39 ++++ .../debian12/install_dependencies.debian12.sh | 33 ++++ install/debian12/netalertx.conf | 20 ++ install/debian12/start.debian12.sh | 183 ++++++++++++++++++ .../install.ubuntu24.sh} | 24 +-- .../netalertx.conf} | 0 .../start.ubuntu24.sh} | 9 +- 8 files changed, 332 insertions(+), 36 deletions(-) create mode 100644 install/debian12/install.debian12.sh create mode 100644 install/debian12/install_dependencies.debian12.sh create mode 100644 install/debian12/netalertx.conf create mode 100644 install/debian12/start.debian12.sh rename install/{ubuntu/install.ubuntu.sh => ubuntu24/install.ubuntu24.sh} (84%) rename install/{ubuntu/netalertx.ubuntu.conf => ubuntu24/netalertx.conf} (100%) rename install/{ubuntu/start.ubuntu.sh => ubuntu24/start.ubuntu24.sh} (96%) diff --git a/docs/HW_INSTALL.md b/docs/HW_INSTALL.md index 97c055da..9fa7e60b 100755 --- a/docs/HW_INSTALL.md +++ b/docs/HW_INSTALL.md @@ -7,49 +7,69 @@ To download and install NetAlertX on the hardware/server directly use the `curl` > > 🙏 Looking for maintainers for this installation method 🙂 Current community volunteers: > - [slammingprogramming](https://github.com/slammingprogramming) +> - [ingoratsdorf](https://github.com/ingoratsdorf) > > There is no guarantee that the install script or any other script will gracefully handle other installed software. > Data loss is a possibility, **it is recommended to install NetAlertX using the supplied Docker image**. -A warning to the installation method below: Piping to bash is [controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash) and may +> [!WARNING] +> A warning to the installation method below: Piping to bash is [controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash) and may be dangerous, as you cannot see the code that's about to be executed on your system. -Alternatively you can download the installation script `install/install.debian.sh` from the repository and check the code yourself (beware other scripts are -downloaded too - only from this repo). +If you trust this repo, you can download the install script via one of the methods (curl/wget) below and it will fo its best to install NetAlertX on your system. + +Alternatively you can download the installation script from the repository and check the code yourself. NetAlertX will be installed in `/app` and run on port number `20211`. Some facts about what and where something will be changed/installed by the HW install setup (may not contain everything!): +- dependencies will be installed from the respective system repos +- required python modules will be installed - `/app` directory will be deleted and newly created -- `/app` will contain the whole repository (downloaded by `install/install.debian.sh`) +- `/app` will contain the whole repository (downloaded by the install script) - The default NGINX site `/etc/nginx/sites-enabled/default` will be disabled (sym-link deleted or backed up to `sites-available`) - `/var/www/html/netalertx` directory will be deleted and newly created -- `/etc/nginx/conf.d/netalertx.conf` will be sym-linked to `/app/install/netalertx.debian.conf` +- `/etc/nginx/conf.d/netalertx.conf` will be sym-linked to the appropriate installer location (depending on your system installer script) - Some files (IEEE device vendors info, ...) will be created in the directory where the installation script is executed ## Limitations -- No system service is provided. NetAlertX must be started using `/app/install/start.debian.sh`. +- No system service is provided. NetAlertX must be started using `/app/install//start..sh`. - No checks for other running software is done. -- Only tested to work on Debian Bookworm (Debian 12). +- Only tested to work on the system listed in the install directory. - **EXPERIMENTAL** and not recommended way to install NetAlertX. -## 📥 Installation via CURL - > [!TIP] > If the below fails try grabbing and installing one of the [previous releases](https://github.com/jokob-sk/NetAlertX/releases) and run the installation from the zip package. -```bash -curl -o install.debian.sh https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/install.debian.sh && sudo chmod +x install.debian.sh && sudo ./install.debian.sh -``` - -## 📥 Installation via WGET - -```bash -wget https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/install.debian.sh -O install.debian.sh && sudo chmod +x install.debian.sh && sudo ./install.debian.sh -``` - -These commands will download the `install.debian.sh` script from the GitHub repository, make it executable with `chmod`, and then run it using `./install.debian.sh`. +These commands will download the `install.debian12.sh` script from the GitHub repository, make it executable with `chmod`, and then run it using `./install.debian12.sh`. Make sure you have the necessary permissions to execute the script. + + +## 📥 Debian 12 (Bookworm) + +### Installation via curl +```bash +curl -o install.debian12.sh https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/debian12/install.debian12.sh && sudo chmod +x install.debian12.sh && sudo ./install.debian12.sh +``` + +### Installation via wget + +```bash +wget https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/debian12/install.debian12.sh -O install.debian12.sh && sudo chmod +x install.debian12.sh && sudo ./install.debian12.sh +``` + +## 📥 Ubuntu 24 (Noble Numbat) + +### Installation via curl +```bash +curl -o install.ubuntu24.sh https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/ubuntu24/install.ubuntu24.sh && sudo chmod +x install.ubuntu24.sh && sudo ./install.ubuntu24.sh +``` + +### Installation via wget + +```bash +wget https://raw.githubusercontent.com/jokob-sk/NetAlertX/main/install/ubuntu24/install.ubuntu24.sh -O install.ubuntu24.sh && sudo chmod +x install.ubuntu24.sh && sudo ./install.ubuntu24.sh +``` diff --git a/install/debian12/install.debian12.sh b/install/debian12/install.debian12.sh new file mode 100644 index 00000000..6f5a1277 --- /dev/null +++ b/install/debian12/install.debian12.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +# 🛑 Important: This is only used for the bare-metal install 🛑 +# Update /install/start.debian12.sh in most cases is preferred + +echo "---------------------------------------------------------" +echo "[INSTALL] Run install.debian12.sh" +echo "---------------------------------------------------------" + +# Set environment variables +INSTALL_DIR=/app # Specify the installation directory here + +# Check if script is run as root +if [[ $EUID -ne 0 ]]; then + echo "This script must be run as root. Please use 'sudo'." + exit 1 +fi + +# Prepare the environment +apt-get update +apt-get install sudo -y + +# Install Git +apt-get install -y git + +# Clean the directory +rm -R $INSTALL_DIR/ + +# Clone the application repository +git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/" + +# Check for buildtimestamp.txt existence, otherwise create it +if [ ! -f $INSTALL_DIR/front/buildtimestamp.txt ]; then + date +%s > $INSTALL_DIR/front/buildtimestamp.txt +fi + +# Start NetAlertX +chmod +x "$INSTALL_DIR/install/debian12/start.debian12.sh" +"$INSTALL_DIR/install/debian12/start.debian12.sh" diff --git a/install/debian12/install_dependencies.debian12.sh b/install/debian12/install_dependencies.debian12.sh new file mode 100644 index 00000000..4fc4174f --- /dev/null +++ b/install/debian12/install_dependencies.debian12.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +echo "---------------------------------------------------------" +echo "[INSTALL] Run install_dependencies.debian12.sh" +echo "---------------------------------------------------------" + +# ❗ IMPORTANT - if you modify this file modify the root Dockerfile as well ❗ + +# Check if script is run as root +if [[ $EUID -ne 0 ]]; then + echo "This script must be run as root. Please use 'sudo'." + exit 1 +fi + +# Install dependencies +apt-get install -y \ + tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo \ + nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \ + python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils openrc build-essential git + +# alternate dependencies +sudo apt-get install nginx nginx-core mtr php-fpm php8.2-fpm php-cli php8.2 php8.2-sqlite3 -y +sudo phpenmod -v 8.2 sqlite3 + +# setup virtual python environment so we can use pip3 to install packages +apt-get install python3-venv -y +python3 -m venv myenv +source myenv/bin/activate + +update-alternatives --install /usr/bin/python python /usr/bin/python3 10 + +# install packages thru pip3 +pip3 install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask flask-cors unifi-sm-api tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros yattag git+https://github.com/foreign-sub/aiofreepybox.git diff --git a/install/debian12/netalertx.conf b/install/debian12/netalertx.conf new file mode 100644 index 00000000..c92d9cba --- /dev/null +++ b/install/debian12/netalertx.conf @@ -0,0 +1,20 @@ +server { + listen 20211 default_server; + root /var/www/html/netalertx; + index index.php; + #rewrite /app/(.*) / permanent; + add_header X-Forwarded-Prefix "/netalertx" always; + proxy_set_header X-Forwarded-Prefix "/netalertx"; + + location ~* \.php$ { + # Set Cache-Control header to prevent caching on the first load + add_header Cache-Control "no-store"; + fastcgi_pass unix:/run/php/php8.2-fpm.sock; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_connect_timeout 75; + fastcgi_send_timeout 600; + fastcgi_read_timeout 600; +} +} diff --git a/install/debian12/start.debian12.sh b/install/debian12/start.debian12.sh new file mode 100644 index 00000000..1ab24ae8 --- /dev/null +++ b/install/debian12/start.debian12.sh @@ -0,0 +1,183 @@ +#!/usr/bin/env bash + +echo "---------------------------------------------------------" +echo "[INSTALL] Run start.debian12.sh" +echo "---------------------------------------------------------" +echo +echo "This script will set up and start NetAlertX on your Debian12 system." + +INSTALL_DIR=/app # Specify the installation directory here + +# DO NOT CHANGE ANYTHING BELOW THIS LINE! +INSTALLER_DIR=$INSTALL_DIR/install/ubuntu24 +CONF_FILE=app.conf +DB_FILE=app.db +NGINX_CONF_FILE=netalertx.conf +WEB_UI_DIR=/var/www/html/netalertx +NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE +OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt +INSTALL_PATH=$INSTALL_DIR/ +FILEDB=$INSTALL_PATH/db/$DB_FILE +# DO NOT CHANGE ANYTHING ABOVE THIS LINE! + +# if custom variables not set we do not need to do anything +if [ -n "${TZ}" ]; then + FILECONF=$INSTALL_PATH/config/$CONF_FILE + if [ -f "$FILECONF" ]; then + sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/config/$CONF_FILE + else + sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/back/$CONF_FILE.bak + fi +fi + +# Check if script is run as root +if [[ $EUID -ne 0 ]]; then + echo "This script must be run as root. Please use 'sudo'." + exit 1 +fi + + + +echo "---------------------------------------------------------" +echo "[INSTALL] Installing dependencies" +echo "---------------------------------------------------------" +echo + + +"${INSTALL_PATH}/install/debian12/install_dependencies.debian12.sh" # if modifying this file transfer the changes into the root Dockerfile.debian as well! + + +echo "---------------------------------------------------------" +echo "[INSTALL] Installing NGINX and setting up the web server" +echo "---------------------------------------------------------" +echo +echo "[INSTALL] Stopping any NGINX web server" + +service nginx stop 2>/dev/null +pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null +echo "[INSTALL] Updating the existing installation..." + +# Remove default NGINX site if it is symlinked, or backup it otherwise +if [ -L /etc/nginx/sites-enabled/default ] ; then + echo "Disabling default NGINX site, removing sym-link in /etc/nginx/sites-enabled" + sudo rm /etc/nginx/sites-enabled/default +elif [ -f /etc/nginx/sites-enabled/default ]; then + echo "Disabling default NGINX site, moving config to /etc/nginx/sites-available" + sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx +fi + +# Clear existing directories and files +if [ -d $WEB_UI_DIR ]; then + echo "[INSTALL] Removing existing NetAlertX web-UI" + rm -R $WEB_UI_DIR +fi + +echo "[INSTALL] Removing existing NetAlertX NGINX config" +rm "$NGINX_CONFIG_FILE" 2>/dev/null || true + +# create symbolic link to the install directory +ln -s $INSTALL_PATH/front $WEB_UI_DIR +# create symbolic link to NGINX configuration coming with NetAlertX +sudo ln -s "${INSTALL_PATH}/install/debian12/netalertx.conf" /etc/nginx/conf.d/$NGINX_CONF_FILE + +# Use user-supplied port if set +if [ -n "${PORT}" ]; then + echo "Setting webserver to user-supplied port ($PORT)" + sudo sed -i 's/listen 20211/listen '"$PORT"'/g' /etc/nginx/conf.d/$NGINX_CONF_FILE +fi + +# Change web interface address if set +if [ -n "${LISTEN_ADDR}" ]; then + echo "Setting webserver to user-supplied address (${LISTEN_ADDR})" + sed -ie 's/listen /listen '"${LISTEN_ADDR}":'/g' /etc/nginx/conf.d/$NGINX_CONF_FILE +fi + +# Run the hardware vendors update at least once +echo "[INSTALL] Run the hardware vendors update" + +# Check if ieee-oui.txt or ieee-iab.txt exist +if [ -f "$OUI_FILE" ]; then + echo "The file ieee-oui.txt exists. Skipping update_vendors.sh..." +else + echo "The file ieee-oui.txt does not exist. Running update_vendors..." + + # Run the update_vendors.sh script + if [ -f "${INSTALL_PATH}/back/update_vendors.sh" ]; then + "${INSTALL_PATH}/back/update_vendors.sh" + else + echo "update_vendors.sh script not found in $INSTALL_DIR." + fi +fi + +# Create an empty log files + +# Create the execution_queue.log file if it doesn't exist +touch "${INSTALL_DIR}"/log/{app.log,execution_queue.log,app_front.log,app.php_errors.log,stderr.log,stdout.log,db_is_locked.log} +touch "${INSTALL_DIR}"/api/user_notifications.json +# Create plugins sub-directory if it doesn't exist in case a custom log folder is used +mkdir -p "${INSTALL_DIR}"/log/plugins + +# Fixing file permissions +echo "[INSTALL] Fixing file permissions" +chown root:www-data "${INSTALL_DIR}"/api/user_notifications.json + +echo "[INSTALL] Fixing WEB_UI_DIR: ${WEB_UI_DIR}" +chmod -R a+rwx $WEB_UI_DIR + +echo "[INSTALL] Fixing INSTALL_DIR: ${INSTALL_DIR}" + +chmod -R a+rw $INSTALL_PATH/log +chmod -R a+rwx $INSTALL_DIR + +echo "[INSTALL] Copy starter $DB_FILE and $CONF_FILE if they don't exist" + +# DANGER ZONE: ALWAYS_FRESH_INSTALL +if [ "$ALWAYS_FRESH_INSTALL" = true ]; then + echo "[INSTALL] ❗ ALERT /db and /config folders are cleared because the ALWAYS_FRESH_INSTALL is set to: ${ALWAYS_FRESH_INSTALL}❗" + # Delete content of "/config/" + rm -rf "${INSTALL_PATH}/config/"* + + # Delete content of "/db/" + rm -rf "${INSTALL_PATH}/db/"* +fi + + +# Copy starter $DB_FILE and $CONF_FILE if they don't exist +cp -n "${INSTALL_PATH}/back/$CONF_FILE" "${INSTALL_PATH}/config/$CONF_FILE" +cp -n "${INSTALL_PATH}/back/$DB_FILE" "$FILEDB" + +echo "[INSTALL] Fixing permissions after copied starter config & DB" + +if [ -f "$FILEDB" ]; then + chown -R www-data:www-data $FILEDB +fi + +chmod -R a+rwx $INSTALL_DIR # second time after we copied the files +chmod -R a+rw $INSTALL_PATH/config +sudo chgrp -R www-data $INSTALL_PATH + +# Check if buildtimestamp.txt doesn't exist +if [ ! -f "${INSTALL_PATH}/front/buildtimestamp.txt" ]; then + # Create buildtimestamp.txt + date +%s > "${INSTALL_PATH}/front/buildtimestamp.txt" +fi + +# start PHP +/etc/init.d/php8.2-fpm start +nginx -t || { echo "[INSTALL] nginx config test failed"; exit 1; } +/etc/init.d/nginx start + +# Start Nginx and your application to start at boot (if needed) +# systemctl start nginx +# systemctl enable nginx + +# # systemctl enable pi-alert +# sudo systemctl restart nginx + +# Activate the virtual python environment +source myenv/bin/activate + +echo "[INSTALL] 🚀 Starting app - navigate to your :${PORT}" + +# Start the NetAlertX python script +python $INSTALL_PATH/server/ diff --git a/install/ubuntu/install.ubuntu.sh b/install/ubuntu24/install.ubuntu24.sh similarity index 84% rename from install/ubuntu/install.ubuntu.sh rename to install/ubuntu24/install.ubuntu24.sh index ee177067..0d40672a 100644 --- a/install/ubuntu/install.ubuntu.sh +++ b/install/ubuntu24/install.ubuntu24.sh @@ -14,6 +14,7 @@ echo "---------------------------------------------------------" # Set environment variables INSTALL_DIR=/app # Specify the installation directory here +INSTALLER_DIR=$INSTALL_DIR/install/ubuntu24 # Check if script is run as root if [[ $EUID -ne 0 ]]; then @@ -36,10 +37,12 @@ apt-get install -y git if [ -d "$INSTALL_DIR" ]; then echo "The installation directory exists. Removing it to ensure a clean install." echo "Are you sure you want to continue? This will delete all existing files in $INSTALL_DIR." + echo "This will include ALL YOUR SETTINGS AND DATABASE! (if there are any)" + echo echo "Type:" - echo " - 'install' to continue" - echo " - 'update' to just update from GIT" - echo " - 'start' to do nothing, leave install as-is" + echo " - 'install' to continue and DELETE ALL!" + echo " - 'update' to just update from GIT (keeps your db and settings)" + echo " - 'start' to do nothing, leave install as-is (just run the start script)" if [ "$1" == "install" ] || [ "$1" == "update" ] || [ "$1" == "start" ]; then confirmation=$1 else @@ -52,9 +55,9 @@ if [ -d "$INSTALL_DIR" ]; then # Stop nginx if running if command -v systemctl >/dev/null 2>&1 && systemctl list-units --type=service | grep -q nginx; then - systemctl stop nginx 2>/dev/null + systemctl stop nginx 2>/dev/null elif command -v service >/dev/null 2>&1; then - service nginx stop 2>/dev/null + service nginx stop 2>/dev/null fi # Kill running NetAlertX server processes in this INSTALL_DIR @@ -73,14 +76,10 @@ if [ -d "$INSTALL_DIR" ]; then echo "INSTALL_DIR is not set, is root, or is invalid. Aborting for safety." exit 1 fi - else - echo "INSTALL_DIR is not set or is root. Aborting for safety." - exit 1 - fi elif [ "$confirmation" == "update" ]; then echo "Updating the existing installation..." service nginx stop 2>/dev/null - pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null + pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null cd "$INSTALL_DIR" || { echo "Failed to change directory to $INSTALL_DIR"; exit 1; } git pull elif [ "$confirmation" == "start" ]; then @@ -101,5 +100,6 @@ fi # Start NetAlertX # This is where we setup the virtual environment and install dependencies -cd "$INSTALL_DIR/install/ubuntu" || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; } -"$INSTALL_DIR/install/ubuntu/start.ubuntu.sh" +cd "$INSTALLER_DIR" || { echo "Failed to change directory to $INSTALLER_DIR"; exit 1; } +chmod +x "$INSTALLER_DIR/start.ubuntu24.sh" +"$INSTALLER_DIR/start.ubuntu24.sh" diff --git a/install/ubuntu/netalertx.ubuntu.conf b/install/ubuntu24/netalertx.conf similarity index 100% rename from install/ubuntu/netalertx.ubuntu.conf rename to install/ubuntu24/netalertx.conf diff --git a/install/ubuntu/start.ubuntu.sh b/install/ubuntu24/start.ubuntu24.sh similarity index 96% rename from install/ubuntu/start.ubuntu.sh rename to install/ubuntu24/start.ubuntu24.sh index 0fbca7ad..71f53440 100644 --- a/install/ubuntu/start.ubuntu.sh +++ b/install/ubuntu24/start.ubuntu24.sh @@ -4,15 +4,16 @@ echo "---------------------------------------------------------" echo "[INSTALL]" echo "---------------------------------------------------------" echo -echo "This script will set up and start NetAlertX on your Ubuntu system." +echo "This script will set up and start NetAlertX on your Ubuntu24 system." # Specify the installation directory here INSTALL_DIR=/app # DO NOT CHANGE ANYTHING BELOW THIS LINE! +INSTALLER_DIR=$INSTALL_DIR/install/ubuntu24 CONF_FILE=app.conf DB_FILE=app.db -NGINX_CONF_FILE=netalertx.ubuntu.conf +NGINX_CONF_FILE=netalertx.conf WEB_UI_DIR=/var/www/html/netalertx NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt @@ -58,7 +59,7 @@ phpenmod -v ${PHPVERSION} sqlite3 update-alternatives --install /usr/bin/python python /usr/bin/python3 10 -cd $INSTALL_DIR/install/ubuntu || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; } +cd $INSTALLER_DIR || { echo "Failed to change directory to $INSTALLER_DIR"; exit 1; } # setup virtual python environment so we can use pip3 to install packages apt-get install python3-venv -y @@ -102,7 +103,7 @@ rm "$NGINX_CONFIG_FILE" 2>/dev/null || true # create symbolic link to the install directory ln -s $INSTALL_PATH/front $WEB_UI_DIR # create symbolic link to NGINX configuration coming with NetAlertX -ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE +ln -s "${INSTALLER_DIR}/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE # Use user-supplied port if set if [ -n "${PORT}" ]; then From e0ffe8b424bfb54d1de248e85a4098ad236719ca Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Thu, 11 Sep 2025 21:11:04 +1200 Subject: [PATCH 3/7] Delete old Debian12 files --- install/install.debian.sh | 38 ------ install/install_dependencies.debian.sh | 34 ----- install/netalertx.debian.conf | 20 --- install/start.debian.sh | 169 ------------------------- 4 files changed, 261 deletions(-) delete mode 100755 install/install.debian.sh delete mode 100755 install/install_dependencies.debian.sh delete mode 100755 install/netalertx.debian.conf delete mode 100755 install/start.debian.sh diff --git a/install/install.debian.sh b/install/install.debian.sh deleted file mode 100755 index 548ffd38..00000000 --- a/install/install.debian.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/env bash - -# 🛑 Important: This is only used for the bare-metal install 🛑 -# Update /install/start.debian.sh in most cases is preferred - -echo "---------------------------------------------------------" -echo "[INSTALL] Run install.debian.sh" -echo "---------------------------------------------------------" - -# Set environment variables -INSTALL_DIR=/app # Specify the installation directory here - -# Check if script is run as root -if [[ $EUID -ne 0 ]]; then - echo "This script must be run as root. Please use 'sudo'." - exit 1 -fi - -# Prepare the environment -apt-get update -apt-get install sudo -y - -# Install Git -apt-get install -y git - -# Clean the directory -rm -R $INSTALL_DIR/ - -# Clone the application repository -git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/" - -# Check for buildtimestamp.txt existence, otherwise create it -if [ ! -f $INSTALL_DIR/front/buildtimestamp.txt ]; then - date +%s > $INSTALL_DIR/front/buildtimestamp.txt -fi - -# Start NetAlertX -"$INSTALL_DIR/install/start.debian.sh" diff --git a/install/install_dependencies.debian.sh b/install/install_dependencies.debian.sh deleted file mode 100755 index 947a96ec..00000000 --- a/install/install_dependencies.debian.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -echo "---------------------------------------------------------" -echo "[INSTALL] Run install_dependencies.debian.sh" -echo "---------------------------------------------------------" - -# ❗ IMPORTANT - if you modify this file modify the root Dockerfile as well ❗ - -# Check if script is run as root -if [[ $EUID -ne 0 ]]; then - echo "This script must be run as root. Please use 'sudo'." - exit 1 -fi - -# Install dependencies -apt-get install -y \ - tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo \ - nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \ - python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils openrc build-essential git - -# alternate dependencies -sudo apt-get install nginx nginx-core mtr php-fpm php8.2-fpm php-cli php8.2 php8.2-sqlite3 -y -sudo phpenmod -v 8.2 sqlite3 - -# setup virtual python environment so we can use pip3 to install packages -apt-get install python3.11-venv -y -python3 -m venv myenv -source myenv/bin/activate - -update-alternatives --install /usr/bin/python python /usr/bin/python3 10 - -# install packages thru pip3 -pip3 install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask flask-cors unifi-sm-api tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros yattag git+https://github.com/foreign-sub/aiofreepybox.git - diff --git a/install/netalertx.debian.conf b/install/netalertx.debian.conf deleted file mode 100755 index 4cb02a9a..00000000 --- a/install/netalertx.debian.conf +++ /dev/null @@ -1,20 +0,0 @@ -server { - listen 20211 default_server; - root /var/www/html/netalertx; - index index.php; - #rewrite /app/(.*) / permanent; - add_header X-Forwarded-Prefix "/netalertx" always; - proxy_set_header X-Forwarded-Prefix "/netalertx"; - - location ~* \.php$ { - # Set Cache-Control header to prevent caching on the first load - add_header Cache-Control "no-store"; - fastcgi_pass unix:/run/php/php8.2-fpm.sock; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param SCRIPT_NAME $fastcgi_script_name; - fastcgi_connect_timeout 75; - fastcgi_send_timeout 600; - fastcgi_read_timeout 600; - } -} diff --git a/install/start.debian.sh b/install/start.debian.sh deleted file mode 100755 index 4a88d509..00000000 --- a/install/start.debian.sh +++ /dev/null @@ -1,169 +0,0 @@ -#!/usr/bin/env bash - -echo "---------------------------------------------------------" -echo "[INSTALL] Run start.debian.sh" -echo "---------------------------------------------------------" - - -INSTALL_DIR=/app # Specify the installation directory here - -# DO NOT CHANGE ANYTHING BELOW THIS LINE! -CONF_FILE=app.conf -DB_FILE=app.db -NGINX_CONF_FILE=netalertx.debian.conf -WEB_UI_DIR=/var/www/html/netalertx -NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE -OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt -INSTALL_PATH=$INSTALL_DIR/ -FILEDB=$INSTALL_PATH/db/$DB_FILE -# DO NOT CHANGE ANYTHING ABOVE THIS LINE! - -# if custom variables not set we do not need to do anything -if [ -n "${TZ}" ]; then - FILECONF=$INSTALL_PATH/config/$CONF_FILE - if [ -f "$FILECONF" ]; then - sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/config/$CONF_FILE - else - sed -ie "s|Europe/Berlin|${TZ}|g" $INSTALL_PATH/back/$CONF_FILE.bak - fi -fi - -# Check if script is run as root -if [[ $EUID -ne 0 ]]; then - echo "This script must be run as root. Please use 'sudo'." - exit 1 -fi - -# Run setup scripts -echo "[INSTALL] Run setup scripts" - -"${INSTALL_PATH}/install/install_dependencies.debian.sh" # if modifying this file transfer the changes into the root Dockerfile.debian as well! - -echo "[INSTALL] Setup NGINX" - -# Remove default NGINX site if it is symlinked, or backup it otherwise -if [ -L /etc/nginx/sites-enabled/default ] ; then - echo "Disabling default NGINX site, removing sym-link in /etc/nginx/sites-enabled" - sudo rm /etc/nginx/sites-enabled/default -elif [ -f /etc/nginx/sites-enabled/default ]; then - echo "Disabling default NGINX site, moving config to /etc/nginx/sites-available" - sudo mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx -fi - -# Clear existing directories and files -if [ -d $WEB_UI_DIR ]; then - echo "Removing existing NetAlertX web-UI" - sudo rm -R $WEB_UI_DIR -fi - -if [ -f $NGINX_CONFIG_FILE ]; then - echo "Removing existing NetAlertX NGINX config" - sudo rm $NGINX_CONFIG_FILE -fi - -# create symbolic link to the install directory -ln -s $INSTALL_PATH/front $WEB_UI_DIR -# create symbolic link to NGINX configuration coming with NetAlertX -sudo ln -s "${INSTALL_PATH}/install/netalertx.debian.conf" /etc/nginx/conf.d/$NGINX_CONF_FILE - -# Use user-supplied port if set -if [ -n "${PORT}" ]; then - echo "Setting webserver to user-supplied port ($PORT)" - sudo sed -i 's/listen 20211/listen '"$PORT"'/g' /etc/nginx/conf.d/$NGINX_CONF_FILE -fi - -# Change web interface address if set -if [ -n "${LISTEN_ADDR}" ]; then - echo "Setting webserver to user-supplied address (${LISTEN_ADDR})" - sed -ie 's/listen /listen '"${LISTEN_ADDR}":'/g' /etc/nginx/conf.d/$NGINX_CONF_FILE -fi - -# Run the hardware vendors update at least once -echo "[INSTALL] Run the hardware vendors update" - -# Check if ieee-oui.txt or ieee-iab.txt exist -if [ -f "$OUI_FILE" ]; then - echo "The file ieee-oui.txt exists. Skipping update_vendors.sh..." -else - echo "The file ieee-oui.txt does not exist. Running update_vendors..." - - # Run the update_vendors.sh script - if [ -f "${INSTALL_PATH}/back/update_vendors.sh" ]; then - "${INSTALL_PATH}/back/update_vendors.sh" - else - echo "update_vendors.sh script not found in $INSTALL_DIR." - fi -fi - -# Create an empty log files - -# Create the execution_queue.log file if it doesn't exist -touch "${INSTALL_DIR}"/log/{app.log,execution_queue.log,app_front.log,app.php_errors.log,stderr.log,stdout.log,db_is_locked.log} -touch "${INSTALL_DIR}"/api/user_notifications.json -# Create plugins sub-directory if it doesn't exist in case a custom log folder is used -mkdir -p "${INSTALL_DIR}"/log/plugins - -# Fixing file permissions -echo "[INSTALL] Fixing file permissions" -chown root:www-data "${INSTALL_DIR}"/api/user_notifications.json - -echo "[INSTALL] Fixing WEB_UI_DIR: ${WEB_UI_DIR}" - -chmod -R a+rwx $WEB_UI_DIR - -echo "[INSTALL] Fixing INSTALL_DIR: ${INSTALL_DIR}" - -chmod -R a+rw $INSTALL_PATH/log -chmod -R a+rwx $INSTALL_DIR - -echo "[INSTALL] Copy starter $DB_FILE and $CONF_FILE if they don't exist" - -# DANGER ZONE: ALWAYS_FRESH_INSTALL -if [ "$ALWAYS_FRESH_INSTALL" = true ]; then - echo "[INSTALL] ❗ ALERT /db and /config folders are cleared because the ALWAYS_FRESH_INSTALL is set to: ${ALWAYS_FRESH_INSTALL}❗" - # Delete content of "/config/" - rm -rf "${INSTALL_PATH}/config/"* - - # Delete content of "/db/" - rm -rf "${INSTALL_PATH}/db/"* -fi - - -# Copy starter $DB_FILE and $CONF_FILE if they don't exist -cp -n "${INSTALL_PATH}/back/$CONF_FILE" "${INSTALL_PATH}/config/$CONF_FILE" -cp -n "${INSTALL_PATH}/back/$DB_FILE" "$FILEDB" - -echo "[INSTALL] Fixing permissions after copied starter config & DB" - -if [ -f "$FILEDB" ]; then - chown -R www-data:www-data $FILEDB -fi - -chmod -R a+rwx $INSTALL_DIR # second time after we copied the files -chmod -R a+rw $INSTALL_PATH/config -sudo chgrp -R www-data $INSTALL_PATH - -# Check if buildtimestamp.txt doesn't exist -if [ ! -f "${INSTALL_PATH}/front/buildtimestamp.txt" ]; then - # Create buildtimestamp.txt - date +%s > "${INSTALL_PATH}/front/buildtimestamp.txt" -fi - -# start PHP -/etc/init.d/php8.2-fpm start -/etc/init.d/nginx start - -# Start Nginx and your application to start at boot (if needed) -# systemctl start nginx -# systemctl enable nginx - -# # systemctl enable pi-alert -# sudo systemctl restart nginx - -# Activate the virtual python environment -source myenv/bin/activate - -echo "[INSTALL] 🚀 Starting app - navigate to your :${PORT}" - -# Start the NetAlertX python script -python $INSTALL_PATH/server/ From 9943c980558e777ba3587515876aaedb06ec689f Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Fri, 12 Sep 2025 14:55:30 +1200 Subject: [PATCH 4/7] DOC updates --- docs/REVERSE_PROXY.md | 88 ++++++++++++++++++++++++++++--------------- 1 file changed, 57 insertions(+), 31 deletions(-) diff --git a/docs/REVERSE_PROXY.md b/docs/REVERSE_PROXY.md index 81c34692..f0a4c730 100755 --- a/docs/REVERSE_PROXY.md +++ b/docs/REVERSE_PROXY.md @@ -2,9 +2,13 @@ > Submitted by amazing [cvc90](https://github.com/cvc90) 🙏 - > [!NOTE] -> There are 2 NGINX files for NetAlertX, one for the bare-metal Debian install (`netalertx.debian.conf`), and one for the docker container (`netalertx.template.conf`). Both can be found in the [install](https://github.com/jokob-sk/NetAlertX/tree/main/install) folder. Map, or use, the one appropriate for your setup. +> There are various NGINX config files for NetAlertX, some for the bare-metal install, currently Debian 12 and Ubuntu 24 (`netalertx.conf`), and one for the docker container (`netalertx.template.conf`). +> +> The first one you can find in the respective bare metal installer folder `/app/install/\/netalertx.conf`. +> The docker one can be found in the [install](https://github.com/jokob-sk/NetAlertX/tree/main/install) folder. Map, or use, the one appropriate for your setup. + +
    ## NGINX HTTP Configuration (Direct Path) @@ -26,9 +30,11 @@ `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/ +4. Check your config with `nginx -t`. If there are any issues, it will tell you. -
    +5. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/ + +
    ## NGINX HTTP Configuration (Sub Path) @@ -50,13 +56,15 @@ } ``` -3. Activate the new website by running the following command: +4. Check your config with `nginx -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/ +6. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/ -
    +
    ## NGINX HTTP Configuration (Sub Path) with module ngx_http_sub_module @@ -86,13 +94,15 @@ } ``` -3. Activate the new website by running the following command: +3. Check your config with `nginx -t`. If there are any issues, it will tell you. + +4. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/ +5. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/ -
    +
    **NGINX HTTPS Configuration (Direct Path)** @@ -113,13 +123,15 @@ } ``` -3. Activate the new website by running the following command: +4. Check your config with `nginx -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/ +6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/ -
    +
    **NGINX HTTPS Configuration (Sub Path)** @@ -143,13 +155,15 @@ } ``` -3. Activate the new website by running the following command: +4. Check your config with `nginx -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ -
    +
    ## NGINX HTTPS Configuration (Sub Path) with module ngx_http_sub_module @@ -181,13 +195,15 @@ } ``` -3. Activate the new website by running the following command: +4. Check your config with `nginx -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -4. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ -
    +
    ## Apache HTTP Configuration (Direct Path) @@ -204,13 +220,15 @@ ``` -3. Activate the new website by running the following command: +4. Check your config with `httpd -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -4. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ +6. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ -
    +
    ## Apache HTTP Configuration (Sub Path) @@ -229,13 +247,15 @@ ``` -3. Activate the new website by running the following command: +4. Check your config with `httpd -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -4. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ +6. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ -
    +
    ## Apache HTTPS Configuration (Direct Path) @@ -255,13 +275,15 @@ ``` -3. Activate the new website by running the following command: +4. Check your config with `httpd -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -4. Once Apache restarts, you should be able to access the proxy website at https://netalertx/ +6. Once Apache restarts, you should be able to access the proxy website at https://netalertx/ -
    +
    ## Apache HTTPS Configuration (Sub Path) @@ -283,11 +305,15 @@ ``` -3. Activate the new website by running the following command: +4. Check your config with `httpd -t`. If there are any issues, it will tell you. + +5. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -4. Once Apache restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +6. Once Apache restarts, you should be able to access the proxy website at https://netalertx/netalertx/ + +
    ## Reverse proxy example by using LinuxServer's SWAG container. @@ -349,6 +375,7 @@ location ^~ /netalertx/ { } ``` +
    ## Traefik @@ -480,4 +507,3 @@ docker run -d --rm --network=host \ ghcr.io/jokob-sk/netalertx:latest ``` - From e00f26658bbefe1c574e834a88c7677a85344931 Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Fri, 12 Sep 2025 15:16:25 +1200 Subject: [PATCH 5/7] CodeRabbit suggestions --- docs/REVERSE_PROXY.md | 10 +++++----- install/debian12/start.debian12.sh | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/REVERSE_PROXY.md b/docs/REVERSE_PROXY.md index f0a4c730..5a29ec9b 100755 --- a/docs/REVERSE_PROXY.md +++ b/docs/REVERSE_PROXY.md @@ -220,7 +220,7 @@ ``` -4. Check your config with `httpd -t`. If there are any issues, it will tell you. +4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. 5. Activate the new website by running the following command: @@ -247,7 +247,7 @@ ``` -4. Check your config with `httpd -t`. If there are any issues, it will tell you. +4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. 5. Activate the new website by running the following command: @@ -275,7 +275,7 @@ ``` -4. Check your config with `httpd -t`. If there are any issues, it will tell you. +4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. 5. Activate the new website by running the following command: @@ -305,7 +305,7 @@ ``` -4. Check your config with `httpd -t`. If there are any issues, it will tell you. +4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. 5. Activate the new website by running the following command: @@ -381,7 +381,7 @@ location ^~ /netalertx/ { > Submitted by [Isegrimm](https://github.com/Isegrimm) 🙏 (based on this [discussion](https://github.com/jokob-sk/NetAlertX/discussions/449#discussioncomment-7281442)) -Asuming the user already has a working Traefik setup, this is what's needed to make NetAlertX work at a URL like www.domain.com/netalertx/. +Assuming the user already has a working Traefik setup, this is what's needed to make NetAlertX work at a URL like www.domain.com/netalertx/. Note: Everything in these configs assumes '**www.domain.com**' as your domainname and '**section31**' as an arbitrary name for your certificate setup. You will have to substitute these with your own. diff --git a/install/debian12/start.debian12.sh b/install/debian12/start.debian12.sh index 1ab24ae8..ac9256c3 100644 --- a/install/debian12/start.debian12.sh +++ b/install/debian12/start.debian12.sh @@ -9,7 +9,7 @@ echo "This script will set up and start NetAlertX on your Debian12 system." INSTALL_DIR=/app # Specify the installation directory here # DO NOT CHANGE ANYTHING BELOW THIS LINE! -INSTALLER_DIR=$INSTALL_DIR/install/ubuntu24 +INSTALLER_DIR=$INSTALL_DIR/install/debian12 CONF_FILE=app.conf DB_FILE=app.db NGINX_CONF_FILE=netalertx.conf @@ -44,7 +44,7 @@ echo "---------------------------------------------------------" echo -"${INSTALL_PATH}/install/debian12/install_dependencies.debian12.sh" # if modifying this file transfer the changes into the root Dockerfile.debian as well! +"${INSTALLER_DIR}/install_dependencies.debian12.sh" # if modifying this file transfer the changes into the root Dockerfile.debian as well! echo "---------------------------------------------------------" From 8f00a2845455b5abbaca2fdc9c12ed7144376054 Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Fri, 12 Sep 2025 15:40:51 +1200 Subject: [PATCH 6/7] Numbering sequence corrected --- docs/REVERSE_PROXY.md | 48 +++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/docs/REVERSE_PROXY.md b/docs/REVERSE_PROXY.md index 5a29ec9b..1f56d109 100755 --- a/docs/REVERSE_PROXY.md +++ b/docs/REVERSE_PROXY.md @@ -56,13 +56,13 @@ } ``` -4. Check your config with `nginx -t`. If there are any issues, it will tell you. +3. Check your config with `nginx -t`. If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -6. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/ +5. Once NGINX restarts, you should be able to access the proxy website at http://netalertx/netalertx/
    @@ -123,13 +123,13 @@ } ``` -4. Check your config with `nginx -t`. If there are any issues, it will tell you. +3. Check your config with `nginx -t`. If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/ +5. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/
    @@ -155,13 +155,13 @@ } ``` -4. Check your config with `nginx -t`. If there are any issues, it will tell you. +3. Check your config with `nginx -t`. If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +5. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/
    @@ -195,13 +195,13 @@ } ``` -4. Check your config with `nginx -t`. If there are any issues, it will tell you. +3. Check your config with `nginx -t`. If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `nginx -s reload` or `systemctl restart nginx` -6. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +5. Once NGINX restarts, you should be able to access the proxy website at https://netalertx/netalertx/
    @@ -220,13 +220,13 @@ ``` -4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. +3. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -6. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ +5. Once Apache restarts, you should be able to access the proxy website at http://netalertx/
    @@ -247,13 +247,13 @@ ``` -4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. +3. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -6. Once Apache restarts, you should be able to access the proxy website at http://netalertx/ +5. Once Apache restarts, you should be able to access the proxy website at http://netalertx/
    @@ -275,13 +275,13 @@ ``` -4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. +3. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -6. Once Apache restarts, you should be able to access the proxy website at https://netalertx/ +5. Once Apache restarts, you should be able to access the proxy website at https://netalertx/
    @@ -305,13 +305,13 @@ ``` -4. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. +3. Check your config with `httpd -t` (or `apache2ctl -t` on Debian/Ubuntu). If there are any issues, it will tell you. -5. Activate the new website by running the following command: +4. Activate the new website by running the following command: `a2ensite netalertx` or `service apache2 reload` -6. Once Apache restarts, you should be able to access the proxy website at https://netalertx/netalertx/ +5. Once Apache restarts, you should be able to access the proxy website at https://netalertx/netalertx/
    From 2762e8a30d7365a4b6a5b5dfd72e3f38991564a7 Mon Sep 17 00:00:00 2001 From: Ingo Ratsdorf Date: Sat, 13 Sep 2025 18:25:22 +1200 Subject: [PATCH 7/7] fixing out of memory issues TMPFS runs out of memory, so removing size limits. Fixing some order of execution --- install/ubuntu24/start.ubuntu24.sh | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/install/ubuntu24/start.ubuntu24.sh b/install/ubuntu24/start.ubuntu24.sh index 71f53440..0770b3b7 100644 --- a/install/ubuntu24/start.ubuntu24.sh +++ b/install/ubuntu24/start.ubuntu24.sh @@ -138,22 +138,31 @@ else fi fi -# create log and api mounts - +echo "---------------------------------------------------------" echo "[INSTALL] Create log and api mounts" -mkdir -p "${INSTALL_DIR}/log" "${INSTALL_DIR}/api" -umount "${INSTALL_DIR}/log" 2>/dev/null || true -umount "${INSTALL_DIR}/api" 2>/dev/null || true -mount -t tmpfs -o size=32m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log" -mount -t tmpfs -o size=16m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api" -# Create an empty log files +echo "---------------------------------------------------------" +echo -# Create the execution_queue.log file if it doesn't exist +echo "[INSTALL] Cleaning up old mounts if any" +umount "${INSTALL_DIR}/log" +umount "${INSTALL_DIR}/api" + +echo "[INSTALL] Creating log and api folders if they don't exist" +mkdir -p "${INSTALL_DIR}/log" "${INSTALL_DIR}/api" + +echo "[INSTALL] Mounting log and api folders as tmpfs" +mount -t tmpfs -o noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log" +mount -t tmpfs -o noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api" + + +# Create log files if they don't exist +echo "[INSTALL] Creating log files if they don't exist" touch "${INSTALL_DIR}"/log/{app.log,execution_queue.log,app_front.log,app.php_errors.log,stderr.log,stdout.log,db_is_locked.log} touch "${INSTALL_DIR}"/api/user_notifications.json # Create plugins sub-directory if it doesn't exist in case a custom log folder is used mkdir -p "${INSTALL_DIR}"/log/plugins + # Fixing file permissions echo "[INSTALL] Fixing file permissions" chown root:www-data "${INSTALL_DIR}"/api/user_notifications.json