diff --git a/guide/install.md b/guide/install.md index 384880a..95561b4 100644 --- a/guide/install.md +++ b/guide/install.md @@ -13,20 +13,9 @@ instead want to build Moonfire NVR yourself, see the [Build instructions](build.md). First, install [Docker](https://www.docker.com/) if you haven't already, -and verify you can run the container. +and verify `docker run --rm hello-world` works. -``` -$ docker run --rm -it scottlamb/moonfire-nvr:latest -moonfire-nvr 0.6.2 -security camera network video recorder - -USAGE: - moonfire-nvr - -... -``` - -Next, you'll need to set up your filesystem and the Monfire NVR user. +Next, you'll need to set up your filesystem and the Moonfire NVR user. Moonfire NVR keeps two kinds of state: @@ -56,12 +45,13 @@ time zone. sudo sh -c 'cat > /usr/local/bin/nvr' <<'EOF' #!/bin/bash -e -tz=America/Los_Angeles -container_name=moonfire-nvr -image_name=scottlamb/moonfire-nvr:latest +tz="America/Los_Angeles" +container_name="moonfire-nvr" +image_name="scottlamb/moonfire-nvr:latest" common_docker_run_args=( --mount=type=bind,source=/var/lib/moonfire-nvr,destination=/var/lib/moonfire-nvr --user="$(id -u moonfire-nvr):$(id -g moonfire-nvr)" + --security-opt=seccomp:unconfined --env=RUST_BACKTRACE=1 --env=TZ=":${tz}" ) @@ -73,7 +63,7 @@ run) --detach=true \ --restart=on-failure \ "${common_docker_run_args[@]}" \ - --publish=8080:8080 \ + --network=host \ --name="${container_name}" \ "${image_name}" \ run \ diff --git a/guide/troubleshooting.md b/guide/troubleshooting.md index af324f9..39e56cd 100644 --- a/guide/troubleshooting.md +++ b/guide/troubleshooting.md @@ -11,6 +11,7 @@ need more help. * [Camera stream errors](#camera-stream-errors) * [Problems](#problems) * [Server errors](#server-errors) + * [`clock_gettime failed: EPERM: Operation not permitted`](#clock_gettime-failed-eperm-operation-not-permitted) * [`Error: pts not monotonically increasing; got 26615520 then 26539470`](#error-pts-not-monotonically-increasing-got-26615520-then-26539470) * [Out of disk space](#out-of-disk-space) * [Database or filesystem corruption errors](#database-or-filesystem-corruption-errors) @@ -213,6 +214,23 @@ W20210309 00:28:55.527 s-courtyard-sub moonfire_nvr::streamer] courtyard-sub: sl ### Server errors +#### `clock_gettime failed: EPERM: Operation not permitted` + +If commands fail with an error like the following, you're likely running +Docker with an overly restrictive `seccomp` setup. [This stackoverflow +answer](https://askubuntu.com/questions/1263284/apt-update-throws-signature-error-in-ubuntu-20-04-container-on-arm/1264921#1264921) describes the +problem in more detail. The simplest solution is to add +`--security-opt=seccomp:unconfined` to your Docker commandline. +If you are using the recommended `/usr/local/bin/nvr` wrapper script, +add this option to the `common_docker_run_args` section. + +``` +$ docker run --rm -it moonfire-nvr:latest +clock_gettime failed: EPERM: Operation not permitted + +This indicates a broken environment. See the troubleshooting guide. +``` + #### `Error: pts not monotonically increasing; got 26615520 then 26539470` If your streams cut out and you see error messages like this one in Moonfire diff --git a/server/src/main.rs b/server/src/main.rs index f8fce5d..d703dfd 100644 --- a/server/src/main.rs +++ b/server/src/main.rs @@ -137,6 +137,15 @@ fn panic_hook(p: &std::panic::PanicInfo) { } fn main() { + if let Err(e) = nix::time::clock_gettime(nix::time::ClockId::CLOCK_MONOTONIC) { + eprintln!( + "clock_gettime failed: {}\n\n\ + This indicates a broken environment. See the troubleshooting guide.", + e + ); + std::process::exit(1); + } + let args = Args::from_args(); let mut h = mylog::Builder::new() .set_format(