Skip Navigation

tko

@ tko @tkohhh.social

Posts
2
Comments
69
Joined
3 yr. ago

  • Logwatch

    Jump

  • Here you go. I commented out what is not necessary. There are some passwords noted that you'll want to set to your own values. Also, pay attention to the volume mappings... I left my values in there, but you'll almost certainly need to change those to make sense for your host system. Hopefully this is helpful!

     
        
services:
  mongodb:
    image: "mongo:6.0"
    volumes:
      - "/mnt/user/appdata/mongo-graylog:/data/db"
#      - "/mnt/user/backup/mongodb:/backup"
    restart: "on-failure"
#    logging:
#      driver: "gelf"
#      options:
#        gelf-address: "udp://10.9.8.7:12201"
#        tag: "mongodb"

  opensearch:
    image: "opensearchproject/opensearch:2.13.0"
    environment:
      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
      - "bootstrap.memory_lock=true"
      - "discovery.type=single-node"
      - "action.auto_create_index=false"
      - "plugins.security.ssl.http.enabled=false"
      - "plugins.security.disabled=true"
      - "OPENSEARCH_INITIAL_ADMIN_PASSWORD=[yourpasswordhere]"
    ulimits:
      nofile: 64000
      memlock:
        hard: -1
        soft: -1
    volumes:
      - "/mnt/user/appdata/opensearch-graylog:/usr/share/opensearch/data"
    restart: "on-failure"
#    logging:
#      driver: "gelf"
#      options:
#        gelf-address: "udp://10.9.8.7:12201"
#        tag: "opensearch"

  graylog:
    image: "graylog/graylog:6.2.0"
    depends_on:
      opensearch:
        condition: "service_started"
      mongodb:
        condition: "service_started"
    entrypoint: "/usr/bin/tini -- wait-for-it opensearch:9200 --  /docker-entrypoint.sh"
    environment:
      GRAYLOG_TIMEZONE: "America/Los_Angeles"
      TZ: "America/Los_Angeles"
      GRAYLOG_ROOT_TIMEZONE: "America/Los_Angeles"
      GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/config/node-id"
      GRAYLOG_PASSWORD_SECRET: "[anotherpasswordhere]"
      GRAYLOG_ROOT_PASSWORD_SHA2: "[aSHA2passwordhash]"
      GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
      GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"
      GRAYLOG_ELASTICSEARCH_HOSTS: "http://opensearch:9200/"
      GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"

    ports:
    - "5044:5044/tcp"   # Beats
    - "5140:5140/udp"   # Syslog
    - "5140:5140/tcp"   # Syslog
    - "5141:5141/udp"   # Syslog - dd-wrt
    - "5555:5555/tcp"   # RAW TCP
    - "5555:5555/udp"   # RAW UDP
    - "9000:9000/tcp"   # Server API
    - "12201:12201/tcp" # GELF TCP
    - "12201:12201/udp" # GELF UDP
    - "10000:10000/tcp" # Custom TCP port
    - "10000:10000/udp" # Custom UDP port
    - "13301:13301/tcp" # Forwarder data
    - "13302:13302/tcp" # Forwarder config
    volumes:
      - "/mnt/user/appdata/graylog/data:/usr/share/graylog/data/data"
      - "/mnt/user/appdata/graylog/journal:/usr/share/graylog/data/journal"
      - "/mnt/user/appdata/graylog/etc:/etc/graylog"
    restart: "on-failure"

volumes:
  mongodb_data:
  os_data:
  graylog_data:
  graylog_journal:

  • Logwatch

    Jump

  • Can you clarify what your concern is with "heavy" logging solutions that require database/elasticsearch? If you're worried about system resources that's one thing, but if it's just that it seems "complicated," I have a docker compose file that handles Graylog, Opensearch, and Mongodb. Just give it a couple of persistent storage volumes, and it's good to go. You can send logs directly to it with syslog or gelf, or set up a filebeat container to ingest file logs.

    There's a LOT you can do with it once you've got your logs into the system, but you don't NEED to do anything else. Just something to consider!

  • What went right this week: the good news that matters

    Jump

  • I love the idea of a "Migration Museum"... we need more of that in the world!

  • Verifying & Validating a Docker Container

    Jump

  • I'm far from an expert, but it seems to me that if you're setting up your containers according to best practice you would only be mapping the specific ports needed for the service, which renders a wayward "open port" useless. If there's some kind of UI exploit, that's a different story. Perhaps this is why most people suggest not exposing your containerized services to the WAN. If we're talking about a virus that might affect files, it can only see the files that are mapped to the container which limits the damage that can be done. If you are exposing sensitive files to your container, it might be worth it to vet the container more thoroughly (and make sure you have good backups).

  • Removed

    New social media platform with no community guidelines, no mods and no bots. Better than Reddit with file sharing and instant messaging.

    Jump
  • Removed

    New social media platform with no community guidelines, no mods and no bots. Better than Reddit with file sharing and instant messaging.

    Jump

  • Missed the point on that one...

  • Removed

    Is Lemmy a tool for censorship or quite the opposite?

    Jump

  • Federation is a tool to connect instances together. If one instance isn't being run in a way that you like, you can and should create an account on a different instance that better aligns with your ideals. Or, if you can't find any such instance, then you can create your own instance. This is the beauty of federation!

  • Bill Gates to give away $200 billion by 2045, says Musk is 'killing' world's poorest children

    Jump

  • Bill Gates to give away $200 billion by 2045, says Musk is 'killing' world's poorest children

    Jump

  • Even if that's true, it doesn't diminish the very real good that the foundation has accomplished, like Polio eradication or HIV/AIDS research. You can feel about Bill Gates whatever you want, but you cannot deny that his money has done very good things for humanity.

  • Version Dashboard

    Jump

  • I always use a version tag, but I don't spend any time reading release notes for 95% of my containers. I'll go through and update versions a couple times a year. If something breaks, at least I know that it broke because I updated it and I can troubleshoot then. The main consideration for me is to not accidentally update and then having a surprise problem to deal with.

  • Removed

    What happened to the forums at ServerBuilds.net?

    Jump

  • I think the main page has been untouched for a few years now. I think JDM went all in on the forum and Discord and stopped focusing on the static webpage.

  • Removed

    What happened to the forums at ServerBuilds.net?

    Jump

  • The discord is active. There is some problem with the hosting, I don't remember the details, but they are recommending people use the internet archive to find information posted on the forum for the time being.

  • How many people would you give 10 dollars to without question?

    Jump

  • Sure... stop by, I'll give it to you!

  • How many people would you give 10 dollars to without question?

    Jump

  • If I have a $10 bill in my wallet, I would give it to literally anybody who asked me.

  • What is good and bad about free speech?

    Jump

  • These are good! On my instance, my sidebar says "You can stay as long as you’re not being a jerk."

  • Eight artificial dyes will be phased out of US food supply, Health Secretary RFK Jr. says

    Jump

  • Honest question... just about everything I've read regarding why HFCS is bad is really just about the dangers of consuming sugar in general. Is there something that shows it's worse than sugar?

    I totally agree that we eat way too much sugar in America, and I'm all for reducing. I just wonder if any efforts to this end should be focused on ALL sources of sugar, not just HFCS.

  • Intel NUC Homelab - Plex, Immich, Home Assistant

    Jump

  • I think this is just a terminology difference. The documentation says that "Add Ons" are not supported in Container and Core, but "Add Ons" means the easy button you press to install those services. All of those Add On services are just containers that HAOS manages for you. Every single one of them can be set up as a container manually and function the same as the official "Add Ons."

    I don't know for sure, but I wonder if the reason for this is that it's not technically possible for a container to manage other external containers. Does anybody know about this?

  • Intel NUC Homelab - Plex, Immich, Home Assistant

    Jump

  • To be fair, Addons are just other containers. If you're using a Docker install for Home Assistant, I think the idea is you already have a handle on your docker host, and you're capable of adding whatever other containers you might need.

  • What are your favourite songs with epic bass drops?

    Jump

  • "On Her Majesty's Secret Service" by Propellerheads has an amazing bass drop in the middle of the song.

    I'm also partial to "Empire Ants" by Gorillaz.

  • Deleted

    What TV show intro will you never skip?

    Jump

  • Yes! It sets the tone for the show so perfectly. Just to satisfy my curiosity, I pulled up the first episode on Hulu... the new music gives a completely different tone. It's terrible!