search

jokob-sk / NetAlertX

šŸ–§šŸ” WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
GNU General Public License v3.0
3.1k stars 187 forks source link

can't access database #218

Closed poudenes closed 1 year ago

poudenes commented 1 year ago

Describe the issue

Try install on mat Synology NAS. After deploy the tool can't access database

environment: HOST_USER_ID: 1026 HOST_USER_GID: 100

environment:
PUID: 1026
PGID: 100

Use for all dockers those ID and GID.

Paste last few lines from pialert.log

root@pialert:/home/pi/pialert/front/log# cat pialert.log 

 Permissions check (All should be True)
------------------------------------------------
  /config/pialert.conf |  READ  | False
  /config/pialert.conf |  WRITE | False
  /db/pialert.db       |  READ  | False
  /db/pialert.db       |  WRITE | False
------------------------------------------------
[Setup] (/home/pi/pialert/config/pialert.conf) file is not readable or missing. Trying to copy over the default one.
[Setup] (/home/pi/pialert/back/pialert.conf_bak) copied over successfully to (/home/pi/pialert/config/pialert.conf).
[Setup] (/home/pi/pialert/db/pialert.db) file is not readable or missing. Trying to copy over the default one.
[Setup] (/home/pi/pialert/back/pialert.db_bak) copied over successfully to (/home/pi/pialert/db/pialert.db).
[Setup] Attempting to fix permissions.
[Setup] Attempting to fix permissions.
[LOG_LEVEL=debug] 09:19:32 Opening DB
[upgradeDB] Adding dev_Network_Node_MAC_ADDR to the Devices table
[upgradeDB] Adding dev_Network_Node_port to the Devices table
[upgradeDB] Adding dev_Icon to the Devices table
[upgradeDB] Re-creating Settings table
[upgradeDB] Re-creating Pholus_Scan table
[upgradeDB] Re-creating Parameters table
[upgradeDB] Re-creating Nmap_Scan table
[2023-05-05 09:19:33] Plugins: Number of dynamically loaded plugins: 5
     [Plugins] ---------------------------------------------
     [Plugins] display_name: DHCP Leases
     [Plugins] description: This plugin is to import devices from dhcp.leases files.
     [Plugins] ---------------------------------------------
     [Plugins] display_name: Rogue DHCP
     [Plugins] description: This plugin is to use NMAP to monitor for rogue DHCP servers.
     [Plugins] ---------------------------------------------
     [Plugins] display_name: Services (NMAP)
     [Plugins] description: This plugin shows all services discovered by NMAP scans.
     [Plugins] ---------------------------------------------
     [Plugins] display_name: UniFi import
     [Plugins] description: This plugin is used to import devices from an UNIFI controller.
     [Plugins] ---------------------------------------------
     [Plugins] display_name: Website monitor
     [Plugins] description: This plugin is to monitor status changes of services or websites.
     [API] Updating table_settings.json file in /front/api
[2023-05-05 09:19:34] Config: Imported new config
     [API] Updating table_devices.json file in /front/api
     [API] Updating table_nmap_scan.json file in /front/api
     [API] Updating table_pholus_scan.json file in /front/api
     [API] Updating table_events_pending_alert.json file in /front/api
     [API] Updating table_plugins_events.json file in /front/api
     [API] Updating table_plugins_history.json file in /front/api
     [API] Updating table_plugins_objects.json file in /front/api
     [API] Updating table_language_strings.json file in /front/api
     [API] Updating table_custom_endpoint.json file in /front/api
[2023-05-05 09:19:34] Process: Start
[2023-05-05 09:19:33] Check Internet IP:
    Retrieving Internet IP:
      87.208.15.87
    Retrieving previous IP:
      0.0.0.0
    New internet IP: 87.208.15.87
    Skipping Dynamic DNS update
[2023-05-05 09:19:34] Scan: Pholus for 600s (10.0min)
        Pholus scan on [interface] eth1 [mask] 192.168.1.0/24
[2023-05-05 09:20:14] Scan: Pholus SUCCESS
[2023-05-05 09:19:33] Scan Devices:
    arp-scan start
  Processing scan results
    Devices Detected.......: 2
        arp-scan detected..: 0
        Pi-hole detected...: +0
        New Devices........: 1
    Devices in this cycle..: 1
        Down Alerts........: 0
        New Down Alerts....: 0
        New Connections....: 0
        Disconnections.....: 0
        IP Changes.........: 0
  Updating DB Info
    Sessions Events (connect / discconnect)
    Creating new devices
    Updating Devices Info
        Trying to resolve devices without name
          Pholus entries from prev scans: 0
        Names Found (DiG/Pholus): 0 (0/0)
        Names Not Found         : 1
    Voiding false (ghost) disconnections
    Pairing session events (connection / disconnection) 
    Creating sessions snapshot
    Inserting scan results into Online_History
    Skipping repeated notifications
[2023-05-05 09:20:26] Scan: Nmap for max 150s (2.5min) per device
        Estimated max delay: 150s (2.5min)
[2023-05-05 09:20:28] Scan: Nmap SUCCESS for 192.168.100.62 (1/1)
[2023-05-05 09:20:28] Scan: Ports found by NMAP: 23
[2023-05-05 09:20:28] Scan: Nmap newly discovered or changed ports: 23
  Check if something to report
     [API] Updating notification_* files in /front/api
     [API] Updating table_devices.json file in /front/api
     [API] Updating table_nmap_scan.json file in /front/api
     [API] Updating table_events_pending_alert.json file in /front/api
    Changes detected, sending reports
      Skip email
      Skip Apprise
      Skip webhook
      Skip NTFY
      Skip PUSHSAFER
      Skip MQTT
[2023-05-05 09:20:28] Notifications: 0
[2023-05-05 09:19:33] Upkeep Database:
    Online_History: Delete all but keep latest 150 entries
    Optimize Database
    Events: Delete all older than 90 days
    Plugin Events History: Delete all older than 90 days
    Pholus_Scan: Delete all older than 7 days
    Pholus_Scan: Delete all duplicates
    Nmap_Scan: Delete all duplicates
    Shrink Database
[2023-05-05 09:20:29] Last action: cleanup
[2023-05-05 09:20:29] Process: Wait
     [API] Updating table_devices.json file in /front/api
     [API] Updating table_events_pending_alert.json file in /front/api
[2023-05-05 09:20:34] Process: Start
[2023-05-05 09:20:34] Process: Wait
[2023-05-05 09:21:34] Process: Start
[2023-05-05 09:21:34] Process: Wait
[2023-05-05 09:22:34] Process: Start
[2023-05-05 09:22:34] Check Internet IP:
    Retrieving Internet IP:
      87.208.15.87
    Retrieving previous IP:
      87.208.15.87
    No changes to perform
    Skipping Dynamic DNS update
  Check if something to report
    No changes to report
[2023-05-05 09:22:34] Notifications: 0
[2023-05-05 09:22:34] Last action: internet_IP
[2023-05-05 09:22:34] Process: Wait
[2023-05-05 09:23:34] Process: Start
[2023-05-05 09:23:34] Process: Wait

Paste your pialert.conf (remove personal info)

#-----------------AUTOGENERATED FILE-----------------#
#                                                    #
#         Generated:  2022-12-30_22-19-40            #
#                                                    #
#   Config file for the LAN intruder detection app:  #
#      https://github.com/jokob-sk/Pi.Alert          #
#                                                    #
#-----------------AUTOGENERATED FILE-----------------#

# General
#---------------------------
# Scan using interface eth0
# SCAN_SUBNETS    = ['192.168.1.0/24 --interface=eth0']
#
# Scan multiple interfaces (eth1 and eth0):
# SCAN_SUBNETS    = [ '192.168.1.0/24 --interface=eth1', '192.168.1.0/24 --interface=eth0' ]
SCAN_SUBNETS=['192.168.1.0/24 --interface=eth1']
PRINT_LOG=False
TIMEZONE='Europe/Amsterdam'
PIALERT_WEB_PROTECTION=False
PIALERT_WEB_PASSWORD='PASSWORD'
INCLUDED_SECTIONS=['internet','new_devices','down_devices','events']
SCAN_CYCLE_MINUTES=5
DAYS_TO_KEEP_EVENTS=90
# Used for generating links in emails. Make sure not to add a trailing slash!
REPORT_DASHBOARD_URL='http://pi.alert'

# Email
#---------------------------
REPORT_MAIL=False
SMTP_SERVER='smtp.gmail.com'
SMTP_PORT=587
REPORT_TO='user@gmail.com'
REPORT_FROM='Pi.Alert <user@gmail.com>'
SMTP_SKIP_LOGIN=False
SMTP_USER='user@gmail.com'
SMTP_PASS='password'
SMTP_SKIP_TLS=False

# Webhooks
#---------------------------
REPORT_WEBHOOK=False
WEBHOOK_URL='http://n8n.local:5555/webhook-test/aaaaaaaa-aaaa-aaaa-aaaaa-aaaaaaaaaaaa'
WEBHOOK_PAYLOAD='json'                 # webhook payload data format for the "body > attachements > text" attribute 
                                       # in https://github.com/jokob-sk/Pi.Alert/blob/main/docs/webhook_json_sample.json 
                                       #   supported values: 'json', 'html' or 'text'
                                       #   e.g.: for discord use 'html'
WEBHOOK_REQUEST_METHOD='GET'

# Apprise
#---------------------------
REPORT_APPRISE=False
APPRISE_HOST='http://localhost:8000/notify'
APPRISE_URL='mailto://smtp-relay.sendinblue.com:587?from=user@gmail.com&name=apprise&user=user@gmail.com&pass=password&to=user@gmail.com'

# NTFY
#---------------------------
REPORT_NTFY=False
NTFY_HOST='https://ntfy.sh'
NTFY_TOPIC='replace_my_secure_topicname_91h889f28'
NTFY_USER='user'
NTFY_PASSWORD='passw0rd'

# PUSHSAFER
#---------------------------
REPORT_PUSHSAFER=False
PUSHSAFER_TOKEN='ApiKey'

# MQTT
#---------------------------
REPORT_MQTT=False
MQTT_BROKER='192.168.100.62'
MQTT_PORT=1883
MQTT_USER='myuser'
MQTT_PASSWORD='mypassword'
MQTT_QOS=0
MQTT_DELAY_SEC=2

# DynDNS
#---------------------------
DDNS_ACTIVE=False
DDNS_DOMAIN='your_domain.freeddns.org'
DDNS_USER='dynu_user'
DDNS_PASSWORD='A0000000B0000000C0000000D0000000'
DDNS_UPDATE_URL='https://api.dynu.com/nic/update?'

# PiHole
#---------------------------
# if enabled you need to map '/etc/pihole/pihole-FTL.db' in docker-compose.yml
PIHOLE_ACTIVE=False
# if enabled you need to map '/etc/pihole/dhcp.leases' in docker-compose.yml
DHCP_ACTIVE=False

# Pholus
#---------------------------
PHOLUS_ACTIVE=False
PHOLUS_TIMEOUT=120
PHOLUS_FORCE=False
PHOLUS_DAYS_DATA=7
PHOLUS_RUN='once'
PHOLUS_RUN_TIMEOUT=600
PHOLUS_RUN_SCHD='0 4 * * *'

#-------------------IMPORTANT INFO-------------------#
#   This file is ingested by a python script, so if  #
#        modified it needs to use python syntax      #
#-------------------IMPORTANT INFO-------------------#

Paste your docker-compose.yml and .env (remove personal info)

version: "3.9"
services:
  pialert:
    image: jokobsk/pi.alert:latest
    container_name: pialert
    hostname: pialert
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /volumeUSB1/usbshare/docker/pialert/config:/home/pi/pialert/config
      - /volumeUSB1/usbshare/docker/pialert/db:/home/pi/pialert/db
    environment:
      TZ: Europe/Amsterdam
      HOST_USER_ID: 1026
      HOST_USER_GID: 100
      MQTT_BROKER: 192.168.100.62
      MQTT_PORT: 1883
      MQTT_USER: myusername
      MQTT_PASSWORD: mypassword
      PORT: 20211
    security_opt:
      - no-new-privileges:true
    mem_limit: 2g
    cpu_shares: 768
    healthcheck:
      test: curl -f http://localhost:20211/ || exit 1
    network_mode: host
jokob-sk commented 1 year ago

Hi!

Please try to create the container without mounting the following directories:

      - /volumeUSB1/usbshare/docker/pialert/config:/home/pi/pialert/config
      - /volumeUSB1/usbshare/docker/pialert/db:/home/pi/pialert/db

If that works, then your permissions on your server are not set up correctly.

An alternative is to map the db file directly. Please check the Common issues section in the README for details.

If the above doesn't help, can you please post screenshots of the errors you are receiving?

Thanks, j

poudenes commented 1 year ago

Thanks. Seems to work now.

jokob-sk commented 1 year ago

Thanks for the update > closing