search

patschi / parsedmarc-dockerized

Dockerized self-initializing parsedmarc docker stack for lazy people
GNU General Public License v3.0
78 stars 21 forks source link

Fresh install do not work #6

Closed renoproc closed 9 months ago

renoproc commented 2 years ago

Hi, I've a fresh installation on a ZorinOS 16 (20.04.1-Ubuntu), connexion to https://myIP:9999 show the elasticsearch dashbord, with all boards in error (SPF, DKIM, DMARC...) and complains about a warning

Configuration missing
server.publicBaseUrl is missing and should be configured when running in a production environment. Some features may not behave correctly.

The second error at the bottom, sounds logical because elasticsearch didn't receive the dmarc data No matching indices found: No indices match pattern "dmarc_aggregate*"

As you can see in this screen capture Screen capture 2022-08-16 14-58-40

my config.ini

[general]
save_aggregate = True
save_forensic = True
log_file = /var/log/parsedmarc/

[imap]
# IMAP login
host = imap.gmail.com
port = 993
user = my_address@gmail.com
password = "my password"
ssl = True

# advanced
[mailbox]
watch = True
reports_folder = DMARC
archive_folder = DmarcProcessed
delete = False

# advanced advanced
test = True

### NO EDIT REQURIED DOWN BELOW
[elasticsearch]
hosts = elasticsearch:9200
ssl = False

Folder for the log file is root ownered, but nothing recorded I tried with the debug = True option in the config.ini, no more information

docker do not complain during the initialization process

/opt/patschi_parsedmarc-dockerized# docker-compose up -d
Creating network "patschi_parsedmarc-dockerized_parsedmarc-network" with driver "bridge"
Creating network "patschi_parsedmarc-dockerized_default" with the default driver
Creating patschi_parsedmarc-dockerized_geoipupdate_1     ... done
Creating patschi_parsedmarc-dockerized_parsedmarc-init_1 ... done
Creating patschi_parsedmarc-dockerized_elasticsearch_1   ... done
Creating patschi_parsedmarc-dockerized_parsedmarc_1      ... done
Creating patschi_parsedmarc-dockerized_kibana_1          ... done
Creating patschi_parsedmarc-dockerized_nginx_1           ... done

Did I missed something ? Thanks in advance

xpufx commented 2 years ago

Check the logs for the parsedmarc container. I am getting a whole lot of messages about deprecated config options. They are supposed to go into a new [mailbox] section apparently. (I mean if these are really deprecated you would not be collecting any data)

After fixing the config and letting it run (I had 3000+ existing messages in the inbox) it worked. Took a long time. Try adding 'debug = True' in the General section of the conf and watch the log.

hugalafutro commented 1 year ago

I'm running into the same issue and failing to update the config.ini, could you share a working copy of config.ini please ?

Nevermind the edits were right, I just SEVERELY underestimated what you meant when you said

Took a long time.

I added debug = True to [general] and can now see it processing the messages in docker logs.

edit: afterwards several dashboards didn't populate after some googling found out reason was nameservers for w/e reason in my setup the default ones didn't work, after I added nameservers = 192.168.1.101,192.168.1.102 (my 2 pi-holes) to [general] and rebuilt the whole thing from scratch the process was literally flying, 141 messages processed in seconds instead of 20 minutes (I guess most of the time before was waiting for nslookup to time out)

patschi commented 9 months ago

I do really appreciate all your help here. I suppose it has been fixed by now, so closing it.

The new config example has the setting at the new [mailbox] section and the nameserver entry to raise awareness that it can be changed.