Simple patch for adding Netdata add-on service to the IPFire web interface.
- Script:
0.2.12
- Netdata: 1.42.0-1
- Features
- Installation
- Update
- Uninstall
- Reset
- Fix broken permissions
- Service
- Known issues
- Roadmap
- Community
- Thanks
- Author
The installer script will allow you to do the following:
- Install / Update / Remove / Reset the add-on
- Fix broken permissions
- Backup and restore config files when running
remove
orreset
commands - Add / Remove the patch on the services page (not implemented yet)
- Test the Netdata service
- Install
git
with Pakfire - Clone the project and run the patch:
# pakfire install -y git
# git clone https://github.com/Jiab77/ipfire-netdata-addon-service-patch.git
# cd ipfire-netdata-addon-service-patch
# ./install.sh -h
Once done, simply reload the page(s).
You can remove
git
right after from Pakfire once installed.git
is just required for downloading and updating the project to get the latest versions.
# cd ipfire-netdata-addon-service-patch
# ./install.sh -u
You can also use
--update
if you prefer the long version.
# cd ipfire-netdata-addon-service-patch
# ./install.sh -r
You can also use
--remove
if you prefer the long version.
# cd ipfire-netdata-addon-service-patch
# ./install.sh -R
You can also use
--reset
if you prefer the long version.
This feature should be ran automatically during the install process but if you have used --no-fix
then you have to do it manually.
# cd ipfire-netdata-addon-service-patch
# ./install.sh -f
You can also use
--fix-perms
if you prefer the long version.
The Netdata service will be added to the IPFire services page by injecting a custom line inside the CGI
file.
WARNING
Don't run the following commands at the moment!
./install.sh -s add
./install.sh -s rm
These commands might break your IPFire installation, so please, really, don't run them!
(Both exists in the script but they are not ready to use for the moment)
Here is how it works:
-
Install the patch (don't use it for the moment)
# cd ipfire-netdata-addon-service-patch # ./install.sh -s add
You can also use
--service
if you prefer the long version. -
Remove the patch (don't use it for the moment)
# cd ipfire-netdata-addon-service-patch # ./install.sh -s rm (or 'remove')
You can also use
--service
if you prefer the long version. -
Test the service
# cd ipfire-netdata-addon-service-patch # ./install.sh -s test
You can also use
--service
if you prefer the long version.
Here is the list of known issues and related workarounds.
When I was looking for the Unbound service graph in Netdata, I've discovered that the go.d.plugin
was not running and was not displayed when running the ps fax | grep netdata
command.
It took few hours to debug it but I could finally find the reason why simply no plugin could be started by analyzing the file /opt/netdata/var/log/netdata/collector.log
and discovered that all plugin got permission denied
errors:
Collector logs
# cat /opt/netdata/var/log/netdata/collector.log.1 | grep -i "permission denied" | sort -u | head -n20
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/charts.d.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/cups.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/ebpf.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/fping.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/go.d.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/ioping.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/perf.plugin: cannot execute: Permission denied
sh: line 1: exec: /opt/netdata/usr/libexec/netdata/plugins.d/python.d.plugin: cannot execute: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/charts.d.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/cups.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/ebpf.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/fping.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/go.d.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/ioping.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/perf.plugin: Permission denied
sh: line 1: /opt/netdata/usr/libexec/netdata/plugins.d/python.d.plugin: Permission denied
I then looked at the /opt/netdata/usr/libexec/netdata/plugins.d
folder and seen that all the *.plugin
files had their GID
defined to the group id 999
.
The problem here is that the group id 999
does not exist on IPFire...
You can check it on your side by running these commands:
-
Search for the group id
999
# grep -c "999" /etc/group 0
-
Search for the user id
999
# grep -c "999" /etc/passwd 0
While if you are running the same commands but with netdata
instead:
-
Search for the group name
netdata
# grep -c "netdata" /etc/group 1
-
Search for the user name
netdata
# grep -c "netdata" /etc/passwd 1
So... What does all of this means? Well... it means that there is probably a permission issue during the install process or during the package building process.
To be sure of that and also find a way to fix that permission issue, we'll need to find which files are impacted and set to the wrong group id.
Here is how to do so:
# find /opt/netdata -group 999 2>/dev/null | wc -l
321
Woow... that's quite a lot 😅 Just forget to fix them all manually 😆
Ok so let's stop the Netdata service, fix the permissions, restart the service and see how it goes after that!
# /etc/init.d/netdata stop
Stopping real-time performance and health monitoring... [ OK ]
# find /opt/netdata -group 999 | wc -l
321
# find /opt/netdata -group 999 -exec chown -c root:netdata {} \; | wc -l
321
# find /opt/netdata -group 999 | wc -l
0
# /etc/init.d/netdata start
Starting real-time performance and health monitoring...
# /etc/init.d/netdata status
netdata is running with Process ID(s) 20865 20863 20859.
Now, if you check the screenshots in the next section, you should get a similar result on your side.
Don't worry, you'll not have to do all this technical things, I've already implemented everything in the install.sh script 😉
If you want to fix your current installation, you just need to run the following command:
# cd ~/ipfire-netdata-addon-service-patch
# ./install.sh -f
You can also use
--fix-perms
instead if you prefer long arguments.
Or if you want to be more radical and reset your Netdata installation, you can run this command instead:
# cd ~/ipfire-netdata-addon-service-patch
# ./install.sh -R
You can also use
--reset
instead if you prefer long arguments.
If for whatever reasons you want to reset your Netdata installation without fixing the permissions, you can run this command:
# cd ~/ipfire-netdata-addon-service-patch
# ./install.sh -R --no-fix
That's all! Hope that all of this could have been helpful for everyone. 🙇♂️
- Create initial version
- Make the script better
- Fix permissions issues
- Implement script
update
feature - Finish the
service
code - See if the kickstart method can be supported
You can find the discussion around this project here.
Huge thanks to @siosios for his work on the Netdata package for IPFire!
- Jiab77