Korshakov
-
Posts
38 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by Korshakov
-
-
Hey guys,
i am trying to monitor Unraid docker using Zabbix agent. My Zabbix cannot fetch data from docker engine and I am 100% assured that this is permission issue.
I've mounted all necessary volumes to the container:
/var/run/docker.sock:/var/run/docker.sock
/var/run:/var/run
/sys:/sys
/var/lib/docker/:/var/lib/docker/
When i run this command inside docker
ls -l /var/run/docker.sock
i get:
srw-rw---- 1 root 281 0 Oct 17 19:51 /var/run/docker.sock
When i run same command in unraid cli i get this:
srw-rw---- 1 root docker 0 Oct 17 19:51 /var/run/docker.sock=
I am not 100% sure if adding PGID=0 and PUID=0 has done any changes.
What I know for sure is that zabbix is accessing docker as user zabbix, so i created user zabbix and then added zabbix user to the docker group using this command:
gpasswd -a zabbix docker
But no luck at all. Can someone help please?
-
that worked per
1 hour ago, cirialkilr said:Try "python3 ./manage.py createsuperuser"
That worked for me.
Worked like charm! Thanks a mil.
For others make sure once you hit console button for your docker icon you need to be in correct directory to run that command.
commands:
1. get into correct directory with this command: "cd /app/netbox/netbox"
2. run "python3 ./manage.py createsuperuser"
3. type in info as it asks you
4. done
-
Make sure you are accessing it trough the allowed domain which you specified in template. Internal IP is not accessible unless you edit config file.
-
No luck there. I've tried to input email address also tried username, tried long simple passwords, complex passwords with special characters, complex passwords without special characters. No luck at all.
NOTE: with each try I have cleared database, appdata folder and redis.
-
19 minutes ago, saarg said:
Which XML file are you talking about?
There are variables in the template to set up the superuser.
Try to not use any special characters inn ASE unraid have an issue passing those to the run command.
Sorry I mean netbox template. I have tried simple passwords like "pass" and no luck should the user be actual email as written in template comments or just username?
-
Hello,
the installation went fine, but I can't to login for some reason. It keeps saying wrong username and password. (i did setup those in xml file)
I tried inside docker to run at: /app/netbox/netbox/ this command ./manage.py createsuperuser
getting this error: env: "python": no such file or directory
****
Also it would be a good idea maybe to add variable path for email notifications
And add variables for email setup:
# Email settings
EMAIL = {
'SERVER': 'localhost',
'PORT': 25,
'USERNAME': '',
'PASSWORD': '',
'USE_SSL': False,
'USE_TLS': False,
'TIMEOUT': 10, # seconds
'FROM_EMAIL': '',
}
-
17 hours ago, Korshakov said:
Hello, every time I restart xibo CMS the docker is stuck in maintenance mode and web end is at error 500. How can I overcome this?
Found the issue, the internal XMR option in front end setting is not visible only the public XMR is. To update the internal XMR i run this command in mysql xibo database:
UPDATE `setting` SET `value`='tcp://my_IP_address:50001', `userChange`=0, `userSee`=0 WHERE `setting`='XMR_ADDRESS';
-
Hello, every time I restart xibo CMS the docker is stuck in maintenance mode and web end is at error 500. How can I overcome this?
-
4 hours ago, Progeny42 said:
That'll likely be your problem. That App Key is too long.
Make sure you use this command to generate a key in the Unraid terminal:
openssl rand -base64 32Then in the Container Edit menu, put:
base64:yourappkeyheregod, so sorry about that i didnt think twice i didnt add the base64: before my key.... sorry again!
-
2 hours ago, Progeny42 said:
@Korshakov what is your App Key? This is the only time I've seen that issue.
This one:
6c510455e05c7a86522d7856de1ec8c2f7f635ef54d60b730ca3ebddd6d79034
-
I've been stuck whole day on "oops something went wrong". Nothing in logs neither inside docker logs. Docker can communicate to external mysql as tested that inside docker. Anything else I should check other than what was written here already?
-
I got it working at the end. Some confusion in guide caused it not to work propetly. Thank you!
-
11 minutes ago, muwahhid said:
spaceinvader I am calling you and your video guide))
hahaha yeah! @SpaceInvaderOne
-
I've been looking at it whole day and i can't really find out why it's not passing authorised session back to protected subdomain. Whatever i try i always get 401 redirection, which makes me feel like there is some sort of issue in proxy manager advanced settings for both auth and endpoint subdomain.
-
8 hours ago, Sycotix said:
@Korshakov I read your file data and found this:
error_page 401 =302 https://auth.YOURDOMAIN.com/?rd=$target_url;You need to update YOURDOMAIN. If you haven't yet, then yes, this would confirm your theory of a redirection issue.
I will add this in the documentation which seems I missed.
I did sorry i didn't send it to you properly.
-
i think iam havin issue somewhere else too. When i try to just simply bypass all rules i get 502 error on subdomain office, but when i try to set a rule i gets redirected to auth.domain but in logs it says erorr 401 user **** no authorised when i try to add user to the policy i ger 502 error.
My conclusion is what i beleive to be truth: that office domain sends to auth domain but auth domain sends back incorectly. I will send you my files in PM.
-
Hello and thank you for your fantastic work.
everything is working as it should but as soon as i try to apply default access control to deny and set custom rules iam getting 401 error. Here is the rule:
default_policy: deny
rules:
# Rules applied to 'admins' group
- domain: "office.lssolutions.ie"
subject: "group:admins"
policy: one_factori've looked at the documentation and i cant really see diffrence with this rule below:
- domain: "*.example.com"
subject:
- "group:admins"
policy: two_factor
-
Hello, please consider adding USER ID field to Telegram agent notifier. By that the agent sends messages only to specified user. Group ID would be handy too. Both features are supported by telegram and people can simply get their IDs by chatting with telegram's IDBot by ty typing /getid. As far as I am aware of its a matter of adding one line of code to the API.
This not really handy feature request but more of security and privacy feature request. The problem of telegram agent as it is now is that anyone can find your bot and once they send a message to it Unraid will send them all notifications too. So basically if 100 people finds my bot and says "hi or whatever to it" unraid notifies me and all other 100 people about for example "parity check started". I might be too much worried about that but I can really easily imagine how hacker could use these informations to determinate scheduled parity checks etc. etc.
Down the line maybe adding more bots for Mattermost, MS Teams, Discord etc etc. would be great too.
-
1 minute ago, ich777 said:
I created 2 of the 3 templates in the CA App (I think the Zabbix Agent is created by another user).
I will look into this but please keep in mind that it could take a bit since my spare time is at the time really, really, really limited...
First of all i will look into Agent2 and then i have to dig into postgres because i'm not really into it and i try everything before i release it... so this will take longer.
No problem at all, thank you VERY much in advance.
-
55 minutes ago, ich777 said:
Can you provide a link to the new container? I'm not really familar with Zabbix since i'm not using it, I only created the templates and tested if everything is working...
Zabbix Agent 2 Documentation:
https://www.zabbix.com/documentation/current/manual/concepts/agent2
Zabbix Agent2 Docker:
https://registry.hub.docker.com/r/zabbix/zabbix-agent2
Agent2 is officially released so no need to use trunk tag latest tag is perfect.
Something more to read about zabbix agent2
https://blog.zabbix.com/magic-of-new-zabbix-agent/8460/
If it was you who created those templates in "CA App Store in Unraid" then I WOULD LOVE YOU TO HIGH HEAVENS if you could make templates for zabbix server and web interface using postgres database as well. Zabbix has put a lot of time to postgres as its better than mysql due to constant writing to database. (its better for zabbix is what i mean).
Here are my codes i used to create dockers on centos machine (should be same on unraid too). And these has been running in real production for month so it should
***zabbix postgres server***
docker create \
--name zabbix-server \
--net mybridge \
--ip 5.0.10.20 \
--restart unless-stopped \
-e DB_SERVER_HOST="5.0.10.25" \
-e DB_SERVER_PORT="5432" \
-e POSTGRES_DATABASE="zabbix" \
-e POSTGRES_USER="zabbix" \
-e POSTGRES_PASSWORD="Clare3633" \
-e TZ="Europe/London" \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
-p 10051:10051 \
zabbix/zabbix-server-pgsql:centos-trunk***zabbix web server***
docker create \
--name zabbix-web \
--net mybridge \
--ip 5.0.10.21 \
--restart unless-stopped \
-p 8686:8080 \
-e DB_SERVER_HOST="5.0.10.25" \
-e POSTGRES_USER="zabbix" \
-e POSTGRES_PASSWORD="Clare3633" \
-e ZBX_SERVER_HOST="5.0.10.20" \
-e PHP_TZ="Europe/London" \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
zabbix/zabbix-web-nginx-pgsql:centos-trunk***zabbix-agent2***
docker create \
--name zabbix-agent \
--net mybridge \
--privileged \
--ip 5.0.10.22 \
--restart unless-stopped \
-e /etc/localtime:/etc/localtime:ro \
-e /etc/timezone:/etc/timezone:ro \
-e ZBX_HOSTNAME="Centos server" \
-e ZBX_SERVER_HOST="5.0.10.20" \
-e ZBX_ACTIVE_ALLOW="false" \
-e TZ=Europe/Dublin \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
-v /mnt/appdata/zabbix-agent/config:/etc/zabbix/zabbix_agentd.d \
zabbix/zabbix-agent2:alpine-trunkBare in mind that zabbix agent and zabbix agent2 are two products so please do not replace your agent template which is there already. Also if i could recoomend to mount conf.d folder for both agents so people are able to add user parameters easily.
Here are the allowed volumes inside container:
/etc/zabbix/zabbix_agentd.d
/var/lib/zabbix/modules
/var/lib/zabbix/enc
all 3 with read/write permission and they all can be under one config folder with subfolders such as
/mnt/user/appdata/zabbix-agent/conf.d
/mnt/user/appdata/zabbix-agent/modules
/mnt/user/appdata/zabbix-agent/enc
In agent template you have variables for encryption, but in order for that to work properly there has to be two more thinks PSK Identity and PSK.key file.
For the identity you can just do this:
-e ZBX_TLSPSKIDENTITY="whatever you want to call it for example PSK1"
and
-e ZBX_TLSPSKFILE="this can be stored in conf.d folder" -- Please be aware people need to create file such as for example key.psk using nano editor in paste their key string there.
simple command "openssl rand --hex 32" will generate the key string.
Hope i wrote everything. Please contact me if you wish for further info.
-
I've tried adding variables:
-e PUID=99 \
-e PGID=100 \However no joy, I am afraid this docker container does not support these? I might be wrong i really don't know. On zabbix docker hub there is no mention of puid of pgid. All it really says is to run it privileged or mount the volumes i want to monitor.
-
Hey guys, as you may know zabbix-agent2 is out. Which brings support for docker monitoring natively.
I managed to get this working properly on CentOS 8 server running docker, there was only one issue which was that server couldn't fetch data from agent.
Fix to that was to simply add user "zabbix" to docker group issuing this command: "gpasswd -a zabbix". I have exacly the same issue in zabbix-server logs again with unraid so i tried to do the same command. While the unraid did successfully added user zabbix to docker group I still cant get it working.
Here's how i manually created docker container in unraid.
docker create \
--name zabbix-agent \
--net host \
--privileged \
-e HOST_OS="Unraid" \
--restart unless-stopped \
-e ZBX_HOSTNAME="Unraid server" \
-e ZBX_SERVER_HOST="10.0.20.10" \
-e ZBX_ACTIVE_ALLOW="false" \
-e TZ=Europe/London \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
zabbix/zabbix-agent2:alpine-trunkAny idea what am I missing to make this working?
-
5 minutes ago, Korshakov said:
Hello, this might be really stupid question. But i can't to setup Server to Server access. Do i need to run wireguard client docker on one unraid and second just wireguard server with peer added as server to server?
What i tried was both unraids with this plugin with both unraids created server to server peers and both peers configs share same details.
Sorry, don't mind me. I didnt see this BIG icon on the top right corner called import tunnel. *FACEPAL*
-
Hello, this might be really stupid question. But i can't to setup Server to Server access. Do i need to run wireguard client docker on one unraid and second just wireguard server with peer added as server to server?
What i tried was both unraids with this plugin with both unraids created server to server peers and both peers configs share same details.
[Plugin] [Beta-Testers wanted] Zabbix-agent
in Plugin Support
Posted
Will definitely try it, because I use Zabbix to monitor over 200 different hosts. Zabbix Agent 2 would be a sweet addition as it would finally resolve my issue how to monitor docker containers on Unraid.