Recipe for Shinobi Security DVR

Install:
Debian 10.3 container
4 cores, 8 GB disk, 2 GB RAM, 512 MB swap, big storage mountpoint on /mnt/dvr

adduser tdobes
adduser tdobes adm
adduser tdobes systemd-journal

aptitude update && aptitude forget-new && aptitude full-upgrade

aptitude install apt-transport-https gnupg
echo 'deb https://deb.nodesource.com/node_12.x buster main' > /etc/apt/sources.list.d/nodesource.list
echo 'deb-src https://deb.nodesource.com/node_12.x buster main' >> /etc/apt/sources.list.d/nodesource.list
wget -O- https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
aptitude update

aptitude install git nodejs
aptitude install mariadb-server mariadb-client

# this installs a ton of xorg deps:
# aptitude --without-recommends install ffmpeg
# alternate plan: install static binaries instead (from https://johnvansickle.com/ffmpeg/)
wget https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz
tar -xJf ffmpeg-release-amd64-static.tar.xz
mv ffmpeg-*-amd64-static/ffmpeg ffmpeg-*-amd64-static/ffprobe /usr/local/bin/
rm -r ffmpeg-release-amd64-static.tar.xz ffmpeg-*-amd64-static/

# see https://gitlab.com/Shinobi-Systems/Shinobi-Installer/blob/master/shinobi-install.sh
mkdir -p /opt/shinobi
git clone https://gitlab.com/Shinobi-Systems/Shinobi.git -b master /opt/shinobi
echo '{"Product": "Shinobi Professional (Pro)", "Branch": "master", "Version": "'`GIT_DIR=/opt/shinobi/.git git rev-parse HEAD`'", "Date": "'`date`'", "Repository": "https://gitlab.com/Shinobi-Systems/Shinobi"}' > /opt/shinobi/version.json
shinobi_cron_key=`head -c 512 < /dev/urandom | base64 -w 0 | head -c 30`
sed -e 's|change_this_to_something_very_random__just_anything_other_than_this|'$shinobi_cron_key'|' /opt/shinobi/conf.sample.json > /opt/shinobi/conf.json
cp /opt/shinobi/super.sample.json /opt/shinobi/super.json

# see https://gitlab.com/Shinobi-Systems/Shinobi/blob/master/INSTALL/ubuntu.sh
# and https://shinobi.video/docs/start#content-ubuntu--the-harder-way
# ...maybe use jq to manipulate json for config + stuff?


# TODO: test and do this stuff
pushd /opt/shinobi
# TODO: Fix this stuff so it uses custom db username/pass and possibly custom db name
mysql -u $sqluser -p$sqlpass -e "source sql/user.sql" # this has the MySQL username, password, and database name hardcoded
mysql -u $sqluser -p$sqlpass -e "source sql/framework.sql" # this has the MySQL database name hardcoded


npm install npm -g # use npm to update global install of npm to latest version
npm install --unsafe-perm # install all dependencies needed by shinobi
npm audit fix --force # checks dependencies for security issues and auto-fix

### npm install pm2 -g # should probably use systemd instead
popd
touch /opt/shinobi/INSTALL/installed.txt

cp /opt/shinobi/conf.sample.json /opt/shinobi/conf.json
# TODO: edit /opt/shinobi/conf.json
cp /opt/shinobi/super.sample.json /opt/shinobi/super.json
# TODO: edit /opt/shinobi/super.json
# generating password in super.json: echo -n admin | md5sum | cut -d' ' -f1

# we intentionally omit making a symlink for the INSTALL/shinobi script because it assumes we installed to the default dir and are using PM2

pm2 start camera.js
pm2 start cron.js
pm2 startup
pm2 save
pm2 list











adduser --system --home /nonexistent --no-create-home shinobi


npm install -g pm2 # I sorta don't think these are needed anymore: generator-nodecg yo electron

mkdir -p /var/local/pm2
chown nodecg:staff /var/local/pm2
chmod g+w /var/local/pm2

echo '[Unit]' > /etc/systemd/system/nodecg.service
echo 'Description=NodeCG Service' >> /etc/systemd/system/nodecg.service
echo 'After=network.target' >> /etc/systemd/system/nodecg.service
echo >> /etc/systemd/system/nodecg.service
echo '[Service]' >> /etc/systemd/system/nodecg.service
echo 'ExecStart=/usr/bin/pm2 start /var/local/nodecg/index.js --name nodecg' >> /etc/systemd/system/nodecg.service
echo 'User=nodecg' >> /etc/systemd/system/nodecg.service
echo 'Environment=PM2_HOME=/var/local/pm2' >> /etc/systemd/system/nodecg.service
echo 'Type=forking' >> /etc/systemd/system/nodecg.service
echo 'Restart=always' >> /etc/systemd/system/nodecg.service
echo 'RestartSec=1' >> /etc/systemd/system/nodecg.service
echo >> /etc/systemd/system/nodecg.service
echo '[Install]' >> /etc/systemd/system/nodecg.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/nodecg.service

systemctl daemon-reload
systemctl enable nodecg.service
systemctl start nodecg.service
computer/shinobi_dvr.txt · Last modified: 2020/05/10 14:06 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS