If you have Nginx reverse Proxy you need to Forward requests to subfolder cacti
location = / {
return 301 /cacti;
}
Greetings
If you have Nginx reverse Proxy you need to Forward requests to subfolder cacti
location = / {
return 301 /cacti;
}
Greetings
For help visit me at http://forum.its-egner.de
At first clone Repo and change Directory
git clone https://github.com/Its-egner/Cacti.git
cd Cacti
Edit docker-compose File, change Passwords! and bring Container up.
docker compose up -d
Container will build and start
Chown the Files to
chown 33:33 cacti_log/ cacti_plugins/ cacti_rra/
Do Database initialisation with
docker exec -ti cacti_app bash /var/www/html/init-db.sh
visit cacti <your_IP>:7070/cacti
If prompt for Login use admin admin
If you want to use Spine, enter config Path
/usr/local/spine/etc/spine.conf
Hi everyone,
I start building my own cacti Container from scratch, because there is no good one out there, wich is easy upgradable.
leckeres Japan. Curry und hausgemachte Limonade
Mannheim Innenstadt
Hi,
first we need the check in nodebb/.docker/config
vi healtcheck.js
const http = require('http');
const options = {
host: '127.0.0.1',
port: 4567,
timeout: 2000
};
const healthCheck = http.request(options, (res) => {
console.log(`HEALTHCHECK STATUS: ${res.statusCode}`);
if (res.statusCode == 200) {
process.exit(0);
}
else {
process.exit(1);
}
});
healthCheck.on('error', function (err) {
console.error('ERROR');
process.exit(1);
});
healthCheck.end();
Then we can add the check in our yml File
healthcheck:
test: ["CMD", "node", "/opt/config/healthcheck.js"]
interval: 5s
timeout: 3s
retries: 5
start_period: 15s
To check if everything is Working we can watch docker ps, it should be healthy there or use docker inspeckt
docker inspect --format='{{json .State.Health}}' <container-id>
Greetings
Willkommen beim IT-Support! Wir sind hier, um Ihnen bei allen technischen Fragen und Problemen schnell und zuverlässig zu helfen. Egal, ob Sie Unterstützung bei Software, Hardware oder Netzwerken benötigen – unser Team steht Ihnen mit Rat und Tat zur Seite. Zögern Sie nicht, uns zu kontaktieren – wir sorgen dafür, dass Ihre IT reibungslos läuft!
Welcome to our IT Support! We are here to assist you with all your technical questions and issues quickly and reliably. Whether you need help with software, hardware, or networks – our team is ready to support you. Don't hesitate to contact us – we ensure your IT runs smoothly!
Here I want to share my yml File, because there are very few on the Internet.
version: '3.3'
services:
uptime-kuma:
image: louislam/uptime-kuma:1
container_name: uptime-kuma
volumes:
- ./uptime-kuma-data:/app/data
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 3001:3001 # <Host Port>:<Container Port>
restart: always
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001"]
interval: 5s
timeout: 3s
retries: 5
start_period: 10s
At first you need to clone the reposetory:
git clone https://github.com/NodeBB/NodeBB.git
Go to NodeBB and chmod and chown the Docker dir.
chown -R 1001:1001 .docker
chmod -R 755 .docker
Start Building Nodebb with:
docker compose --profile mongo up -d
you can also use redis or postgres as Database.
Greetings
Here I describe how you connect the Unifi Controller to external Database.
At first you need the MongoDB Container.
create docker-compose.yml in folder mongodb where you want it:
services:
mongo:
image: 'mongo:4.4'
restart: unless-stopped
ports:
- '27017:27017'
environment:
MONGO_INITDB_ROOT_USERNAME: test
MONGO_INITDB_ROOT_PASSWORD: password
MONGO_INITDB_DATABASE: test
volumes:
- mongo-data:/data/db
volumes:
mongo-data:
Then you need to create User for Unifi Controller like this:
use unifi
db.createUser(
{
user: "unifi",
pwd: "password", // or cleartext password
roles: [
{ role: "readWrite", db:"admin" } ,
{ role: "readWrite", db:"unifi" } ,
{ role: "readWrite", db:"unifi_stat" }
]
}
)
Now we can another folder called unifi and also create the docker-compose.yml
version: '2.3'
services:
controller:
image: "jacobalberty/unifi:latest"
container_name: unifi_controller
init: true
restart: always
volumes:
- dir:/unifi
- data:/unifi/data
- log:/unifi/log
- cert:/unifi/cert
- init:/unifi/init.d
- run:/var/run/unifi
# Mount local folder for backups and autobackups
- ./backup:/unifi/data/backup
user: unifi
sysctls:
net.ipv4.ip_unprivileged_port_start: 0
environment:
# DB_URI: mongodb://mongo/unifi
#STATDB_URI: mongodb://mongo/unifi_stat
DB_URI: mongodb://unifi:password@89.58.43.67:27017/unifi?authSource=unifi
STATDB_URI: mongodb://unifi:password@89.58.43.67:27017/unifi_stat?authSource=unifi
DB_NAME: unifi
ports:
- "3478:3478/udp" # STUN
- "5514:5514/tcp" # Remote Logging
- "6789:6789/tcp" # Speed test
- "8080:8080/tcp" # Device/ controller comm.
- "8443:8443/tcp" # Controller GUI/API as seen in a web browser
- "8880:8880/tcp" # HTTP portal redirection
- "8843:8843/tcp" # HTTPS portal redirection
- "10001:10001/udp" # AP discovery
logs:
image: bash
container_name: unifi_logs
depends_on:
- controller
command: bash -c 'tail -F /unifi/log/*.log'
restart: always
volumes:
- log:/unifi/log
volumes:
data:
log:
cert:
init:
dir:
run:
At first you need Backup of your Database.
You can do that with mongodump:
mongodump --db nodebb -u nodebb -p password --gzip --archive=/root/nodebb-backup/mongodb-nodebb-`date +"%d-%m-%y"`.gz
than we create a folder and copy yml to file
mkdir mongodb nodebb-backup
vi /root/mongodb/docker-compose.yml
services:
mongo:
image: 'mongo:4.4'
restart: unless-stopped
ports:
- '27017:27017'
# environment:
# MONGO_INITDB_ROOT_USERNAME: nodebb
# MONGO_INITDB_ROOT_PASSWORD: password
# MONGO_INITDB_DATABASE: nodebb
volumes:
- mongo-data:/data/db
- /root/nodebb-backup:/root
volumes:
mongo-data:
Then we start docker Container with your already installed docker and docker-compose file.
docker-compose up -d
Then we have mongo container running without authentication.
We can now import the database backup you made earlier with:
docker exec -ti $(docker ps -qf name=mongodb-mongo-1) mongorestore --db nodebb --gzip --archive=/root/mongodb-nodebb-02-04-25_v4-4.gz
Now you can live with no authentication or you need to add root and user to the Database
you need add following to mongodb
docker exec -ti $(docker ps -qf name=mongodb-mongo-1) bash
mongo
use admin
db.getSiblingDB('admin').createUser(
{
user:"root",
pwd:"password",
roles: ["root"]
})
use nodebb
db.createUser(
{
user: "nodebb2",
pwd: "password", // or cleartext password
roles: [
{ role: "readWrite", db:"nodebb" }
]
}
)
exit
Now you can enable authentication with enabling it in yml file
services:
mongo:
image: 'mongo:4.4'
restart: unless-stopped
ports:
- '27018:27017'
environment:
MONGO_INITDB_ROOT_USERNAME: nodebb
MONGO_INITDB_ROOT_PASSWORD: password
MONGO_INITDB_DATABASE: nodebb
volumes:
- mongo-data:/data/db
- /root/nodebb-backup:/root
volumes:
mongo-data:
Then do docker-compose up -d
docker exec -ti $(docker ps -qf name=mongodb-mongo-1) bash
mongo
use nodebb
db.auth('nodebb2','password');
If everything is working correctly you see an ok statement here.
Greetings
I wan to write an Articlle about this Topic because I havent found one what is including all I want and have to Figure it Out by myself.
At first wen need a Folder and get our Docker Compose File running
mkdir fail2ban
cd fail2ban
vi docker-compose.yml
Paste the following text into the editor:
version: "3"
services:
fail2ban:
container_name: fail2ban
hostname: fail2ban
cap_add:
- NET_ADMIN
- NET_RAW
environment:
- TZ=Europe/Berlin
- F2B_DB_PURGE_AGE=14d
- SSMTP_HOST=<your-mail-server>
- SSMTP_PORT=25
- SSMTP_HOSTNAME=<hostname-of-your-container>
image: crazymax/fail2ban:latest
network_mode: host
restart: unless-stopped
volumes:
- /root/fail2ban/data:/data
- /root/ngix-proxy-manager/data/logs:/var/log/npm
- /var/log:/var/log/varlog
Save the file and start the Container with
docker-compose up -d
The Fail2ban Container will be loaded and is starting. There should be a data dir now with 4 folders
action.d
db
filter.d
jail.d
The db Folder can be ignored, now we need to create a jail.local in jail.d
vi jail.d/jail.local
Paste the following in there.:
[DEFAULT]
# "bantime.increment" allows to use database for searching of previously banned ip's to increase a
# default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32...
bantime.increment = true
# "bantime.rndtime" is the max number of seconds using for mixing with random time
# to prevent "clever" botnets calculate exact time IP can be unbanned again:
bantime.rndtime = 2048
# following example can be used for small initial ban time (bantime=60) - it grows more aggressive at begin,
# for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 1 hour, 5 hour, 12 hour, 1 day, 2 day
bantime.multipliers = 1 5 30 60 300 720 1440 2880
#Ban without sending E-Mail
#action = %(action_)s
#Ban and send E-Mail
action = %(action_mw)s
destemail = <dest email>
sender = <from email>
mta = sendmail
[npm]
# bots that trigger too many 403 or 404
# logs are comming from reverse proxy "nginx proxy manager"
enabled = true
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.0.0.0/8 192.168.0.0/16
filter = npm-filter
chain = DOCKER-USER
logpath = /var/log/npm/proxy-host-*_access.log
maxretry = 5
findtime = 60
bantime = 600
[sshd]
enabled = true
port = ssh
filter = sshd
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.27.0.0/16 192.168.0.0/16
chain = INPUT
logpath = /var/log/varlog/auth.log
findtime = 10m
maxretry = 5
bantime = -1
we Monitor the NPM and the Systems sshd here, thats why we mapped the Volume from local logs into the fail2ban container.
Next Step is to add filter Rules in filter.d for our NPM
vi filter.d/npm-filter.conf
[INCLUDES]
[Definition]
failregex = ^.+ (405|404|403|401|\-) (405|404|403|401) - .+ [Client <HOST>] [Length .+] .+ [Sent-to <F-CONTAINER>.+</F-CONTAINER>] <F-USERAGENT>".+"</F-USERAGENT> .+$
ignoreregex = ^.+ (404|\-) (404) - .+".+(\.png|\.txt|\.jpg|\.ico|\.js|\.css)[/]" [Client <HOST>] [Length .+] ".+" .+$
Now we have everything set up and we can restart the container with
docker-compose restart
Now we want to see what fail2ban is doing. We can check the logs by doing docker ps to show the running containers and docker logs <container-id> --follow
Thats it, feel Free to ask if you have problems with this Setup
Hi,
wer das Forum auch als Blog benutzen möchte, kann sich gerne bei mir melden. Würde dann eine eigene Kategorie anlegen.
Viele Grüße