Monitorix FreeBSD

Monitorix is a system monitor web application. Useful if you are hosting on a vps or something or wanna share current system status with users. Mouse Server Stats

It's not that hard, Monitorix is in the pkg repository. Ill show you a basic nginx config for it and some basic notes on config for monitorix.

$sudo pkg install nginx
$sudo pkg install monitorix

That will get you set up with nginx and monitorix, see rather simple.

Config monitorix:

$EDITOR /usr/local/etc/monitorix.conf

Take note of this value - if you arent using freebsd or pkg install it might be different

base_dir = /usr/local/www/monitorix/

First you will wanna change base url to root - or your preferred, default is monitorix. I recommend root, we are gonna put it under a subdomain on the server so there shouldnt be any conflicts.

base_url = /
# Graphs (de)activation
# -----------------------------------------------------------------------------
<graph_enable>
        system          = n
        kern            = y
        proc            = n
        hptemp          = n
        lmsens          = n
        gensens         = n
        ipmi            = n
        nvidia          = n
        disk            = n
        fs              = y
        zfs             = y
        du              = y
        net             = y
        netstat         = y
        tc              = n
        libvirt         = n
        process         = n
        serv            = n
        mail            = n
        port            = n
        user            = y
        ftp             = n
        apache          = n
        nginx           = y
        lighttpd        = n
        mysql           = n
        mongodb         = n
        varnish         = n
        pagespeed       = n
        squid           = n
        nfss            = n
        nfsc            = n
        bind            = n
        ntp             = n
        chrony          = n
        fail2ban        = n
        icecast         = n
        raspberrypi     = n
        phpapc          = n
        memcached       = n
        apcupsd         = n
        nut             = n
        wowza           = n
        int             = n
        tc              = n
        libvirt         = n
        process         = n
        serv            = n
        mail            = n
        port            = n
        user            = y
        ftp             = n
        apache          = n
        nginx           = y
        lighttpd        = n
        mysql           = n
        mongodb         = n
        varnish         = n
        pagespeed       = n
        squid           = n
        nfss            = n
        nfsc            = n
        bind            = n
        ntp             = n
        chrony          = n
        fail2ban        = n
        icecast         = n
        raspberrypi     = n
        phpapc          = n
        memcached       = n
        apcupsd         = n
        nut             = n
        wowza           = n
        int             = n
        verlihub        = n
</graph_enable>

These are the options I set, the details for each of these graphs are below it.

ZFS values you are gonna have to edit, if you are using basic one disk install something like this:

<zfs>
    max_pools = 5
    list = zroot
    rigid = 0, 0, 0, 0, 2, 0, 2
    limit = 1000, 1000, 1000, 1000, 100, 1000, 100
</zfs>

DU you probably wanna edit, i set it to my major directories

<du>
    list = TinyIB, Pleroma, Root
    <desc>
        0 = /opt/tinyib
        1 = /opt/pleroma
                2 = /
    </desc>
    <dirmap>
        /var/spool/mail = Mail boxes
        /var/spool/mqueue = Mail queue
    </dirmap>
    graphs_per_row = 3
    rigid = 0
    limit = 100
</du>

Also gonna want to add proper network interface name:

<net>
    max = 10
    list = em0
    <desc>
        em0 = Virt Net, 0, 10000000
    </desc>
    gateway = em0
</net>

Optional: certbot Lets encrypt free certs

$sudo pkg install py37-certbot

make sure you got port 80 and port 443 open on your vps-es firewall I have a simple pf tutorial here too.

$sudo certbot certonly --standalone

Now add server block to nginx:

    #stats
    server {
        #listen 8099; # for tor / hidden service
        #listen 4499 ssl; # for tor / hiddenservice 
        listen 80;
        listen 443 ssl;

        server_name stats.mouse.services;#stats.jgrur523hlfmrgoduxurhdrughi5ptvq23mhjuh3pveqnzf2i3nlelid.onion; # use domain name if you have here
        access_log  /var/log/nginx/stats.mouse.services.access.log; #might wanna set these too
        error_log  /var/log/nginx/stats.mouse.services.error.log; #might wanna set these too

        ssl_protocols TLSv1.2;
        ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_certificate /usr/local/etc/letsencrypt/live/stats.mouse.services/fullchain.pem; #see url
        ssl_certificate_key /usr/local/etc/letsencrypt/live/stats.mouse.services/privkey.pem; #see url
        location / {
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Permitted-Cross-Domain-Policies none;
            add_header X-Frame-Options DENY;
            add_header X-Content-Type-Options nosniff;
            add_header Referrer-Policy same-origin;
            add_header X-Download-Options noopen;

            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_pass		http://127.0.0.1:8080/;
            proxy_buffering off;
         proxy_set_header Host $host;
        location ~ ^/monitorix/(.+\.png)$ {
            alias /usr/local/www/monitorix/$1; #base dir location value noted from before
        }


        }
        #bellow is my error page locations, you can make your own - i recommend it rather than using defaults
    # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/www/mouseservices;
        }

        error_page  404              /404.html;
        location = /404.html {
            root   /usr/local/www/mouseservices; 
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        # 
        location ~ /\.ht {
            deny  all;
        }

    }

Thats pretty much it now just

$sudo service monitorix enable
$sudo service monitorix start
$sudo service nginx enable
$sudo service nginx start