netalertx not accessible using web browser

[rte2806]

Hi all,
I'm trying to install and use netalertx on Raspberry Pi 4 using docker.

This is my Portainer Stack:
services: netalertx: user: 20211:20211 container_name: netalertx # Use this line for stable release image: "ghcr.io/jokob-sk/netalertx:latest" networks: macnet: ipv4_address: 192.168.178.205 # network_mode: "host" restart: unless-stopped cap_drop: # Drop all capabilities for enhanced security - ALL cap_add: # Re-add necessary capabilities - NET_RAW - NET_ADMIN - SYS_ADMIN - NET_BIND_SERVICE volumes: - ${APP_FOLDER}/config:/data/config - ${APP_FOLDER}/db:/data/db - ${APP_FOLDER}/logs:/tmp/log # to sync with system time - /etc/localtime:/etc/localtime:ro tmpfs: # All writable runtime state resides under /tmp; comment out to persist logs between restarts # - "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" # Retain logs # - /netalertx/logs:/tmp/log - "/tmp/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" - "/tmp/nginx:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" - "/tmp/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime" environment: - PORT=${PORT} - APP_CONF_OVERRIDE=${APP_CONF_OVERRIDE} networks: macnet: external: true

In environment variable I assigned 20211 to PORT, /netalertx to APP_FOLDER and nothing to APP_CONF_OVERRIDE

The container starts without errors. If I'm trying to access the GUI over http://192.168.178.205:20211 in Safari the browser starts loading but Dows not show the netalertx GUI.

This is my container log:
`\033[0m��\033[1;31m

---

| \ | | | | / _ | | | | \ \ / /
| | | | |/ /\ \ | ___ _ _| | \ V /
| . |/ _ \ __| _ | |/ _ \ __| __|/ \
| |\ | __/ || | | | | / | | |_/ /^\ \
_| _/_|__| |/|___|| __/ /
\033[0m Network intruder and presence detector.
https://netalertx.com
Startup pre-checks
--> storage permission.sh
--> data migration.sh
--> mounts.py
Path | Writeable | Mount | RAMDisk | Performance | DataLoss
--------------------------+-----------+-------+---------+-------------+----------
/data/db | ✅ | ✅ | ➖ | ➖ | ✅
/data/config | ✅ | ✅ | ➖ | ➖ | ✅
/tmp/run/tmp | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/api | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/log | ✅ | ✅ | ❌ | ❌ | ✅
/tmp/run | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/nginx/active-config | ✅ | ✅ | ✅ | ✅ | ✅
══════════════════════════════════════════════════════════════════════════════
⚠️ ATTENTION: Configuration issues detected (marked with ❌).
Your configuration has write permission, dataloss, or performance issues
as shown in the table above.
We recommend starting with the default docker-compose.yml as the
configuration can be quite complex.
Review the documentation for a correct setup:
https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
══════════════════════════════════════════════════════════════════════════════
--> first run config.sh
--> first run db.sh
--> mandatory folders.sh
* Creating nginx active configuration directory.
* Creating System services run log.
* Creating System services run tmp.
--> writable config.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ ATTENTION: Read permission denied.
The application cannot read from "/data/config/app.conf". This will cause
unpredictable errors. Please correct the file system permissions.
https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md
══════════════════════════════════════════════════════════════════════════════
\033[1;31m══════════════════════════════════════════════════════════════════════════════
❌ NetAlertX startup aborted: critical failure in writable config.sh.
https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
══════════════════════════════════════════════════════════════════════════════
\033[0m
`

May I ask for your help, please?

Kind regards,
Rainer

[jokob-sk]

Hi,

Did you add the correct ownership to the folders?

https://jokob-sk.github.io/NetAlertX/docker-troubleshooting/file-permissions/?h=chmod#how-to-correct-the-issue

[rte2806]

Hi Jakob-sk,
many thanks for your quick response.

Here are my current ownerships and access rights for my folder netalertx:
drwxrwxrwx 6 20211 20211 4096 19. Dez 13:54 . drwxr-xr-x 19 root root 4096 18. Dez 17:23 .. drwxr-xr-x 2 20211 20211 4096 19. Dez 13:54 api drwxrwxrwx 2 20211 20211 4096 18. Dez 17:31 config drwxrwxrwx 2 20211 20211 4096 18. Dez 17:31 db drwxrwxrwx 3 20211 20211 4096 18. Dez 17:31 logs

The folder itself has the same ownership and rights:
drwxrwxrwx 6 20211 20211 4096 19. Dez 13:54 netalertx

Kind regards,
Rainer

[jokob-sk]

@adamoutler can you have a look. The permissions look fine to me.

[adamoutler]

It appears the permissions are not RW for user/group 20211 on the config file. It says it cannot read the config.

[rte2806]

Hi Adamoutler,
As I wrote in my previous comment I see below stated permissions for config file:
drwxrwxrwx 2 [20211 20211 4096 18](tel:20211 20211 4096 18). Dez 17:31 config

But you are also right, there is a comment:
The application cannot read from "/data/config/app.conf". This will cause
unpredictable errors. Please correct the file system permissions.
https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md

Which details should I post to find the reason for this comment?

Kind regards, Rainer

[rte2806]

Hi Adamoutler,

I just rechecked all permissions and found in directory config a file app.conf with wrong permissions. After setting correct permissions I was able to start the dashboard.

Many thanks for your assistance.

I wish you and your family. Merry Christmas and a Happy New Year,
Rainer