Recipe for Shinobi Security DVR

Install:
Debian 9.4 container
4 cores, 8 GB disk, 2 GB RAM, 512 MB swap, big storage mountpoint on /mnt/dvr

adduser tdobes
adduser tdobes adm
adduser tdobes systemd-journal

aptitude update && aptitude forget-new && aptitude full-upgrade

aptitude install ca-certificates apt-transport-https
echo 'deb https://deb.nodesource.com/node_8.x stretch main' > /etc/apt/sources.list.d/nodesource.list
echo 'deb-src https://deb.nodesource.com/node_8.x stretch main' >> /etc/apt/sources.list.d/nodesource.list
wget -O- https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
aptitude update

aptitude install git nodejs
aptitude --without-recommends install ffmpeg # alternate plan: install static binaries to avoid tons of X11 deps
aptitude install mariadb-server mariadb-client

# see https://gitlab.com/Shinobi-Systems/Shinobi-Installer/blob/master/shinobi-install.sh
mkdir -p /opt/shinobi
git clone https://gitlab.com/Shinobi-Systems/Shinobi.git -b master /opt/shinobi
echo '{"Product": "Shinobi Professional (Pro)", "Branch": "master", "Version": "'`GIT_DIR=/opt/shinobi/.git git rev-parse HEAD`'", "Date": "'`date`'", "Repository": "https://gitlab.com/Shinobi-Systems/Shinobi"}' > /opt/shinobi/version.json

# see https://gitlab.com/Shinobi-Systems/Shinobi/blob/master/INSTALL/ubuntu.sh
# and https://shinobi.video/docs/start#content-ubuntu--the-harder-way
# ...maybe use jq to manipulate json for config + stuff?


# TODO: test and do this stuff
pushd /opt/shinobi
# TODO: Fix this stuff so it uses custom db username/pass and possibly custom db name
mysql -u $sqluser -p$sqlpass -e "source sql/user.sql" # this has the MySQL username, password, and database name hardcoded
mysql -u $sqluser -p$sqlpass -e "source sql/framework.sql" # this has the MySQL database name hardcoded


npm install npm -g # use npm to update global install of npm to latest version
npm install --unsafe-perm # install all dependencies needed by shinobi
npm audit fix --force # checks dependencies for security issues and auto-fix

### npm install pm2 -g # should probably use systemd instead
popd
touch /opt/shinobi/INSTALL/installed.txt

cp /opt/shinobi/conf.sample.json /opt/shinobi/conf.json
# TODO: edit /opt/shinobi/conf.json
cp /opt/shinobi/super.sample.json /opt/shinobi/super.json
# TODO: edit /opt/shinobi/super.json
# generating password in super.json: echo -n admin | md5sum | cut -d' ' -f1

# we intentionally omit making a symlink for the INSTALL/shinobi script because it assumes we installed to the default dir and are using PM2

pm2 start camera.js
pm2 start cron.js
pm2 startup
pm2 save
pm2 list











adduser --system --home /nonexistent --no-create-home shinobi


npm install -g pm2 # I sorta don't think these are needed anymore: generator-nodecg yo electron

mkdir -p /var/local/pm2
chown nodecg:staff /var/local/pm2
chmod g+w /var/local/pm2

echo '[Unit]' > /etc/systemd/system/nodecg.service
echo 'Description=NodeCG Service' >> /etc/systemd/system/nodecg.service
echo 'After=network.target' >> /etc/systemd/system/nodecg.service
echo >> /etc/systemd/system/nodecg.service
echo '[Service]' >> /etc/systemd/system/nodecg.service
echo 'ExecStart=/usr/bin/pm2 start /var/local/nodecg/index.js --name nodecg' >> /etc/systemd/system/nodecg.service
echo 'User=nodecg' >> /etc/systemd/system/nodecg.service
echo 'Environment=PM2_HOME=/var/local/pm2' >> /etc/systemd/system/nodecg.service
echo 'Type=forking' >> /etc/systemd/system/nodecg.service
echo 'Restart=always' >> /etc/systemd/system/nodecg.service
echo 'RestartSec=1' >> /etc/systemd/system/nodecg.service
echo >> /etc/systemd/system/nodecg.service
echo '[Install]' >> /etc/systemd/system/nodecg.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/nodecg.service

systemctl daemon-reload
systemctl enable nodecg.service
systemctl start nodecg.service
computer/shinobi_dvr.txt · Last modified: 2019/01/20 12:12 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS