mirror of
https://github.com/scottlamb/moonfire-nvr.git
synced 2025-01-11 23:13:23 -05:00
many improvements to install docs/procedures
* in markdown files, use code fences rather than indented blocks. This is harder to screw up (one of them was off by a space so didn't render properly) and allows me to add info strings. * uniformly use "useradd" to create the user and group in all three places (install-manual.md, script-functions.sh, Dockerfile) rather than addgroup + adduser. Create a full home dir, which I suspect was the problem in #67. Don't allow customizing group name; it's always the same as the user. * install the sqlite3 package so that the "moonfire-nvr sql" command works properly. * remove "setup_db" function, which was out of place. Since the creation of the "moonfire-nvr init" command, this has to happen after installation of the binary. install.md gives instructions on this part anyway so remove it from the script. * give a proper command to create the db dir. It was creating it within the current directory, not within /var/lib/moonfire-nvr. Don't bother creating sample directory; "moonfire-nvr config" will do this. * when setting owners on a newly created directory, use a single "install -d" command rather than "mkdir" + "chown". * address confusion about whether sample file dirs need to be precreated. (Only when Moonfire NVR doesn't have write permissions on the parent.) * always just install the packaged version of ffmpeg rather than building our own. This has been usable since Debian/Raspbian 9 Stretch; Debian/Raspbian 10 Buster is out now so there's no excuse for still running Debian/Raspbian 8 Jessie. * don't chown the UI directory; it can be owned by root as with the binary. * in scripts/install.sh, don't enable/start the service yet. It hasn't been configured.
This commit is contained in:
parent
cb1bb5d810
commit
1c904b925a
@ -6,13 +6,12 @@ RUN apt-get update && \
|
||||
apt-get install -y apt-utils && \
|
||||
apt-get install -y apt-transport-https tzdata git curl sudo vim && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
RUN groupadd -r moonfire-nvr && \
|
||||
useradd moonfire-nvr --no-log-init -m -r -g moonfire-nvr && \
|
||||
RUN useradd --no-log-init --home-dir /var/lib/moonfire-nvr --system --user-group moonfire-nvr && \
|
||||
echo 'moonfire-nvr ALL=(ALL) NOPASSWD: ALL' >>/etc/sudoers
|
||||
ENV HOME /home/moonfire-nvr
|
||||
ENV HOME /var/lib/moonfire-nvr
|
||||
COPY --chown=moonfire-nvr:moonfire-nvr . /home/moonfire-nvr/moonfire-nvr
|
||||
USER moonfire-nvr
|
||||
WORKDIR /home/moonfire-nvr/moonfire-nvr
|
||||
WORKDIR /var/lib/moonfire-nvr/moonfire-nvr
|
||||
RUN whoami && ls -l && \
|
||||
./scripts/setup-ubuntu.sh && \
|
||||
./scripts/setup-ubuntu.sh && \
|
||||
|
@ -33,17 +33,20 @@ You will need the following C libraries installed:
|
||||
On recent Ubuntu or Raspbian, the following command will install
|
||||
all non-Rust dependencies:
|
||||
|
||||
$ sudo apt-get install \
|
||||
build-essential \
|
||||
libavcodec-dev \
|
||||
libavformat-dev \
|
||||
libavutil-dev \
|
||||
libncurses5-dev \
|
||||
libncursesw5-dev \
|
||||
libsqlite3-dev \
|
||||
libssl-dev \
|
||||
pkgconf \
|
||||
tzdata
|
||||
```
|
||||
$ sudo apt-get install \
|
||||
build-essential \
|
||||
libavcodec-dev \
|
||||
libavformat-dev \
|
||||
libavutil-dev \
|
||||
libncurses5-dev \
|
||||
libncursesw5-dev \
|
||||
libsqlite3-dev \
|
||||
libssl-dev \
|
||||
pkgconf \
|
||||
sqlite3 \
|
||||
tzdata
|
||||
```
|
||||
|
||||
Next, you need Rust 1.33+ and Cargo. The easiest way to install them is by
|
||||
following the instructions at [rustup.rs](https://www.rustup.rs/).
|
||||
@ -52,60 +55,65 @@ Finally, building the UI requires [yarn](https://yarnpkg.com/en/).
|
||||
|
||||
Once prerequisites are installed, Moonfire NVR can be built as follows:
|
||||
|
||||
$ yarn
|
||||
$ yarn build
|
||||
$ cargo test
|
||||
$ cargo build --release
|
||||
$ sudo install -m 755 target/release/moonfire-nvr /usr/local/bin
|
||||
$ sudo mkdir /usr/local/lib/moonfire-nvr
|
||||
$ sudo cp -R ui-dist /usr/local/lib/moonfire-nvr/ui
|
||||
```
|
||||
$ yarn
|
||||
$ yarn build
|
||||
$ cargo test
|
||||
$ cargo build --release
|
||||
$ sudo install -m 755 target/release/moonfire-nvr /usr/local/bin
|
||||
$ sudo mkdir /usr/local/lib/moonfire-nvr
|
||||
$ sudo cp -R ui-dist /usr/local/lib/moonfire-nvr/ui
|
||||
```
|
||||
|
||||
## Creating the user and database
|
||||
|
||||
You can create Moonfire NVR's dedicated user and SQLite database with the
|
||||
following commands:
|
||||
|
||||
$ sudo addgroup --system moonfire-nvr
|
||||
$ sudo adduser --system moonfire-nvr --home /var/lib/moonfire-nvr
|
||||
$ sudo mkdir /var/lib/moonfire-nvr
|
||||
$ sudo chown moonfire-nvr:moonfire-nvr /var/lib/moonfire-nvr
|
||||
$ sudo -u moonfire-nvr -H mkdir db sample
|
||||
$ sudo -u moonfire-nvr moonfire-nvr init
|
||||
```
|
||||
$ sudo useradd --system --user-group --create-home --home /var/lib/moonfire-nvr moonfire-nvr
|
||||
$ sudo -u moonfire-nvr -H sh -c 'cd && mkdir --mode=700 db'
|
||||
$ sudo -u moonfire-nvr moonfire-nvr init
|
||||
```
|
||||
|
||||
## System Service
|
||||
|
||||
Moonfire NVR can be run as a systemd service. Create
|
||||
`/etc/systemd/system/moonfire-nvr.service`:
|
||||
|
||||
[Unit]
|
||||
Description=Moonfire NVR
|
||||
After=network-online.target
|
||||
```
|
||||
[Unit]
|
||||
Description=Moonfire NVR
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/moonfire-nvr run \
|
||||
--db-dir=/var/lib/moonfire-nvr/db \
|
||||
--http-addr=0.0.0.0:8080
|
||||
Environment=TZ=:/etc/localtime
|
||||
Environment=MOONFIRE_FORMAT=google-systemd
|
||||
Environment=MOONFIRE_LOG=info
|
||||
Environment=RUST_BACKTRACE=1
|
||||
Type=simple
|
||||
User=moonfire-nvr
|
||||
Nice=-20
|
||||
Restart=on-abnormal
|
||||
CPUAccounting=true
|
||||
MemoryAccounting=true
|
||||
BlockIOAccounting=true
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/moonfire-nvr run \
|
||||
--db-dir=/var/lib/moonfire-nvr/db \
|
||||
--http-addr=0.0.0.0:8080
|
||||
Environment=TZ=:/etc/localtime
|
||||
Environment=MOONFIRE_FORMAT=google-systemd
|
||||
Environment=MOONFIRE_LOG=info
|
||||
Environment=RUST_BACKTRACE=1
|
||||
Type=simple
|
||||
User=moonfire-nvr
|
||||
Nice=-20
|
||||
Restart=on-failure
|
||||
CPUAccounting=true
|
||||
MemoryAccounting=true
|
||||
BlockIOAccounting=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
|
||||
Note that the HTTP port currently has no authentication, encryption, or
|
||||
logging; it should not be directly exposed to the Internet.
|
||||
|
||||
Tell `systemd` to look for the new file:
|
||||
|
||||
$ sudo systemctl daemon-reload
|
||||
```
|
||||
$ sudo systemctl daemon-reload
|
||||
```
|
||||
|
||||
See the [systemd](http://www.freedesktop.org/wiki/Software/systemd/)
|
||||
documentation for more information. The [manual
|
||||
|
@ -89,7 +89,6 @@ Although not all listed in the default `prep.config` file, these are the
|
||||
available configuration variable and their defaults.
|
||||
|
||||
NVR_USER=moonfire-nvr
|
||||
NVR_GROUP=$NVR_USER
|
||||
NVR_PORT=8080
|
||||
NVR_HOME_BASE=/var/lib
|
||||
DB_NAME=db
|
||||
|
@ -13,7 +13,9 @@ See the [github page](https://github.com/scottlamb/moonfire-nvr) (in case
|
||||
you're not reading this text there already). You can download the
|
||||
bleeding-edge version from the commandline via git:
|
||||
|
||||
$ git clone https://github.com/scottlamb/moonfire-nvr.git
|
||||
```
|
||||
$ git clone https://github.com/scottlamb/moonfire-nvr.git
|
||||
```
|
||||
|
||||
## Building and installing from source
|
||||
|
||||
@ -39,26 +41,29 @@ Moonfire NVR keeps two kinds of state:
|
||||
By now Moonfire NVR's dedicated user and database should have been created for
|
||||
you. Next you need to create a sample file directory.
|
||||
|
||||
## Creating a sample file directory
|
||||
|
||||
### ...on a dedicated hard drive
|
||||
## Dedicated hard drive seutp
|
||||
|
||||
If a dedicated hard drive is available, set up the mount point:
|
||||
|
||||
$ sudo vim /etc/fstab
|
||||
$ sudo mkdir /media/nvr
|
||||
$ sudo mount /media/nvr
|
||||
$ sudo mkdir /media/nvr/sample
|
||||
$ sudo chown moonfire-nvr:moonfire-nvr /media/nvr/sample
|
||||
```
|
||||
$ sudo vim /etc/fstab
|
||||
$ sudo mkdir /media/nvr
|
||||
$ sudo mount /media/nvr
|
||||
$ sudo install -d -o moonfire-nvr -g moonfire-nvr -m 700 /media/nvr/sample
|
||||
```
|
||||
|
||||
In the fstab you'd add a line similar to this:
|
||||
In `/etc/fstab`, add a line similar to this:
|
||||
|
||||
/dev/disk/by-uuid/23d550bc-0e38-4825-acac-1cac8a7e091f /media/nvr ext4 defaults,noatime,nofail 0 2
|
||||
```
|
||||
/dev/disk/by-uuid/23d550bc-0e38-4825-acac-1cac8a7e091f /media/nvr ext4 defaults,noatime,nofail 0 2
|
||||
```
|
||||
|
||||
You'll have to lookup the correct uuid for your disk. One way to do that is
|
||||
via the following command:
|
||||
|
||||
$ ls -l /dev/disk/by-uuid
|
||||
```
|
||||
$ ls -l /dev/disk/by-uuid
|
||||
```
|
||||
|
||||
If you use the `nofail` attribute in `/etc/fstab` as described above, your
|
||||
system will boot successfully even when the hard drive is unavailable (such as
|
||||
@ -66,19 +71,18 @@ when your external USB storage is unmounted). This is convenient, but you
|
||||
likely want to ensure the `moonfire-nvr` service only starts when the mounting
|
||||
is successful. Edit the systemd configuration to do so:
|
||||
|
||||
$ sudo vim /etc/systemd/system/moonfire-nvr.service
|
||||
$ sudo systemctl daemon-reload
|
||||
```
|
||||
$ sudo vim /etc/systemd/system/moonfire-nvr.service
|
||||
$ sudo systemctl daemon-reload
|
||||
```
|
||||
|
||||
You'll want to add a line like `Requires=media-nvr.mount` to the `[Unit]`
|
||||
section of the file.
|
||||
You'll want to add lines similar to the following to the `[Unit]` section of
|
||||
the file:
|
||||
|
||||
### ...without a dedicated hard drive
|
||||
|
||||
If you don't have a dedicated hard drive available, simply create a directory
|
||||
owned by the dedicated user. It's convenient to place it within the
|
||||
installation's directory (typically `/var/lib/moonfire-nvr`):
|
||||
|
||||
$ sudo -u moonfire-nvr -H mkdir sample
|
||||
```
|
||||
After=media.nvr.mount
|
||||
Requires=media-mvr.mount
|
||||
```
|
||||
|
||||
## Completing configuration through the UI
|
||||
|
||||
@ -87,11 +91,18 @@ configurations to the database.
|
||||
|
||||
You can configure the system's database through a text-based user interface:
|
||||
|
||||
$ sudo -u moonfire-nvr moonfire-nvr config 2>debug-log
|
||||
```
|
||||
$ sudo -u moonfire-nvr moonfire-nvr config 2>debug-log
|
||||
```
|
||||
|
||||
In the user interface,
|
||||
|
||||
1. add your sample file dir(s) under "Directories and retention".
|
||||
If you used a dedicated hard drive, use the directory you precreated
|
||||
(`/media/surveillance/sample`). Otherwise, try
|
||||
`/var/lib/moonfire-nvr/sample`. Moonfire NVR will create the directory as
|
||||
long as it has the required permissions on the parent directory.
|
||||
|
||||
2. add cameras under "Cameras and streams".
|
||||
|
||||
* There's a "Test" button to verify your settings directly from the add/edit
|
||||
@ -135,8 +146,10 @@ system](secure.md) first.
|
||||
The following commands will start Moonfire NVR and enable it for following
|
||||
boots, respectively:
|
||||
|
||||
$ sudo systemctl start moonfire-nvr
|
||||
$ sudo systemctl enable moonfire-nvr
|
||||
```
|
||||
$ sudo systemctl start moonfire-nvr
|
||||
$ sudo systemctl enable moonfire-nvr
|
||||
```
|
||||
|
||||
The HTTP interface is accessible on port 8080; if your web browser is running
|
||||
on the same machine, you can access it at
|
||||
|
@ -67,7 +67,6 @@ fi
|
||||
if [ -d "ui-dist" ]; then
|
||||
sudo mkdir -p "${LIB_DIR}/ui"
|
||||
sudo cp -R ui-dist/. "${LIB_DIR}/ui/"
|
||||
sudo chown -R ${NVR_USER}:${NVR_GROUP} "${LIB_DIR}/ui/"
|
||||
echo_info -x "Server UI installed..."
|
||||
else
|
||||
echo_fatal -x "Server UI failed to build or install..."
|
||||
@ -114,7 +113,7 @@ Environment=RUST_BACKTRACE=1
|
||||
Type=simple
|
||||
User=${NVR_USER}
|
||||
Nice=-20
|
||||
Restart=on-abnormal
|
||||
Restart=on-failure
|
||||
CPUAccounting=true
|
||||
MemoryAccounting=true
|
||||
BlockIOAccounting=true
|
||||
@ -123,13 +122,4 @@ BlockIOAccounting=true
|
||||
WantedBy=multi-user.target
|
||||
NVR_EOF
|
||||
|
||||
# Configure and start service
|
||||
#
|
||||
if [ -f "${SERVICE_PATH}" ]; then
|
||||
echo_info -x 'Configuring system daemon...'
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl enable ${SERVICE_NAME}
|
||||
sudo systemctl restart ${SERVICE_NAME}
|
||||
echo_info -x 'Getting system daemon status...'
|
||||
sudo systemctl status ${SERVICE_NAME}
|
||||
fi
|
||||
sudo systemctl daemon-reload
|
||||
|
@ -41,8 +41,6 @@ NODE_MIN_VERSION="8"
|
||||
YARN_MIN_VERSION="1.0"
|
||||
CARGO_MIN_VERSION="0.2"
|
||||
RUSTC_MIN_VERSION="1.33"
|
||||
FFMPEG_MIN_VERSION="55.1.101"
|
||||
FFMPEG_RELEASE_VERSION="3.4"
|
||||
|
||||
normalizeDirPath()
|
||||
{
|
||||
@ -80,11 +78,6 @@ catPrefix()
|
||||
sed -e "s/^/$2/" < "$1"
|
||||
}
|
||||
|
||||
mkdir_moonfire()
|
||||
{
|
||||
sudo -u "${NVR_USER}" -H mkdir "$@"
|
||||
}
|
||||
|
||||
echo_multi()
|
||||
{
|
||||
local prefix=''
|
||||
@ -151,7 +144,6 @@ initEnvironmentVars()
|
||||
. "${MOONFIRE_DIR}/prep.config"
|
||||
fi
|
||||
NVR_USER="${NVR_USER:-moonfire-nvr}"
|
||||
NVR_GROUP="${NVR_GROUP:-$NVR_USER}"
|
||||
NVR_PORT="${NVR_PORT:-8080}"
|
||||
NVR_HOME_BASE="${NVR_HOME_BASE:-/var/lib}"
|
||||
NVR_HOME="${NVR_HOME_BASE}/${NVR_USER}"
|
||||
@ -244,23 +236,6 @@ userExists()
|
||||
return $(id -u "$1" >/dev/null 2>&1)
|
||||
}
|
||||
|
||||
groupExists()
|
||||
{
|
||||
return $(id -g "$1" >/dev/null 2>&1)
|
||||
}
|
||||
|
||||
moonfire()
|
||||
{
|
||||
case "$1" in
|
||||
start)
|
||||
sudo systemctl start "$2"
|
||||
;;
|
||||
stop)
|
||||
sudo systemctl stop "$2"
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
sudo_warn()
|
||||
{
|
||||
echo_warn -x -p '!!!!! ' \
|
||||
@ -271,48 +246,18 @@ sudo_warn()
|
||||
'------------------------------------------------------------------------------'
|
||||
}
|
||||
|
||||
|
||||
# Prepare for sqlite directory and set schema into db
|
||||
#
|
||||
setup_db()
|
||||
{
|
||||
if [ ! -d "${DB_DIR}" ]; then
|
||||
echo_info -x 'Create database directory...'
|
||||
mkdir_moonfire -p "${DB_DIR}"
|
||||
fi
|
||||
echo_info -x 'Ensure database is initialized...'
|
||||
sudo -u "${NVR_USER}" -H -- "${SERVICE_BIN}" init --db-dir="${DB_DIR}"
|
||||
}
|
||||
|
||||
# Make sure all sample directories and files owned by moonfire
|
||||
#
|
||||
fix_ownership()
|
||||
{
|
||||
sudo chown -R ${NVR_USER}:${NVR_USER} "$1"
|
||||
echo_info -x "Fix ownership of files in \"$1\"..."
|
||||
}
|
||||
|
||||
# Create user and groups if not there
|
||||
# Create user, group, and database directory if not there
|
||||
#
|
||||
prep_moonfire_user()
|
||||
{
|
||||
echo_info -x "Create user/group and directories we need..."
|
||||
if ! groupExists "${NVR_GROUP}"; then
|
||||
sudo addgroup --quiet --system ${NVR_GROUP}
|
||||
fi
|
||||
if ! userExists "${NVR_USER}"; then
|
||||
sudo adduser --quiet --system ${NVR_USER} \
|
||||
--ingroup "${NVR_GROUP}" --home "${NVR_HOME}"
|
||||
sudo useradd --system ${NVR_USER} --user-group --create-home --home-dir "${NVR_HOME}"
|
||||
fi
|
||||
if [ ! -d "${NVR_HOME}" ]; then
|
||||
sudo mkdir "${NVR_HOME}"
|
||||
sudo chown "${NVR_USER}:${NVR_GROUP}" "${NVR_HOME}"
|
||||
fi
|
||||
sudo chown ${NVR_USER}:${NVR_GROUP} "${NVR_HOME}"
|
||||
sudo -u ${NVR_USER} -H sh -c 'cd && test -d db || mkdir --mode=700 db'
|
||||
}
|
||||
|
||||
pre_install_prep()
|
||||
{
|
||||
prep_moonfire_user
|
||||
setup_db
|
||||
}
|
||||
|
@ -38,32 +38,21 @@ makePrepConfig
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
|
||||
# Process command line options
|
||||
#
|
||||
while getopts ":f" opt; do
|
||||
case $opt in
|
||||
f) DONT_BUILD_FFMPEG=1
|
||||
;;
|
||||
:)
|
||||
echo_fatal "Option -$OPTARG requires an argument."
|
||||
;;
|
||||
\?)
|
||||
echo_fatal -x "Invalid option: -$OPTARG"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
sudo_warn
|
||||
|
||||
# Setup all apt packages we need
|
||||
#
|
||||
echo_info -x 'Preparing and downloading packages we need...'
|
||||
PKGS="build-essential \
|
||||
libavcodec-dev \
|
||||
libavformat-dev \
|
||||
libavutil-dev \
|
||||
libncurses5-dev \
|
||||
libncursesw5-dev \
|
||||
libsqlite3-dev \
|
||||
libssl-dev \
|
||||
pkgconf \
|
||||
sqlite3 \
|
||||
tzdata"
|
||||
|
||||
# Add yarn before NodeSource so it can all go in one update
|
||||
@ -102,42 +91,6 @@ sudo apt-get install -y $PKGS
|
||||
sudo apt-get autoremove -y
|
||||
echo_info -x
|
||||
|
||||
# Check for ffmpeg and install by building if necessary
|
||||
# This needs to be done before building moonfire so it can
|
||||
# find the right versions of the libraries.
|
||||
#
|
||||
ffv=`ffmpeg -version 2>/dev/null | extractVersion libavutil`
|
||||
ffv=${ffv:-0}
|
||||
if ! versionAtLeast "$ffv" "$FFMPEG_MIN_VERSION"; then
|
||||
if [ "${DONT_BUILD_FFMPEG:-0}" -ne 0 ]; then
|
||||
echo_warn -x "ffmpeg version (${ffv}) installed is too old for moonfire." \
|
||||
"Suggest you manually install at least version $FFMPEG_MIN_VERSION of libavutil." \
|
||||
"ffmpeg versions 2.x and 3.x all should work."
|
||||
else
|
||||
OLDDIR=`pwd`
|
||||
cd ..
|
||||
if [ -d FFmpeg ]; then
|
||||
echo_info -x "Removing older FFmpeg directory..."
|
||||
rm -fr FFmpeg
|
||||
fi
|
||||
echo_info -x "Fetching FFmpeg source..."
|
||||
git clone --depth 1 -b "release/${FFMPEG_RELEASE_VERSION}" https://github.com/FFmpeg/FFmpeg.git
|
||||
cd FFmpeg
|
||||
pt=`uname -p 2>/dev/null`
|
||||
if [ -z "${pt##*86*}" ]; then
|
||||
DEBIAN_FRONTEND=noninteractive sudo apt-get install -y yasm
|
||||
fi
|
||||
./configure --enable-shared
|
||||
make
|
||||
sudo make install
|
||||
sudo ldconfig
|
||||
cd "$OLDDIR"
|
||||
OLDDIR=
|
||||
fi
|
||||
else
|
||||
echo_info -x "FFmpeg is already usable..."
|
||||
fi
|
||||
|
||||
# If cargo appears installed, initialize for using it so rustc can be found
|
||||
#
|
||||
initCargo
|
||||
|
Loading…
Reference in New Issue
Block a user