« ZoneMinder » : différence entre les versions

De Le Wiki de Lug
Aller à la navigation Aller à la recherche
Ligne 83 : Ligne 83 :
  <font color = green>ZM_PATH_ZMS=/cgi-bin/nph-zms</font>
  <font color = green>ZM_PATH_ZMS=/cgi-bin/nph-zms</font>
  <font color =grey>...</font>
  <font color =grey>...</font>
=Vhost=
  server {
    if ($host = <font color = blue>zoneminder.exemple.net</font>) {
        return 301 <nowiki>https</nowiki>://$host$request_uri;
    } # managed by Certbot
listen 80;
    listen [::]:80;
    server_name    <font color = blue>zoneminder.exemple.net</font>;
    # return 404;
    return 301 <nowiki>https://</nowiki>$host$request_uri;
}
server {
server_name    <font color = blue>zoneminder.exemple.net</font>;
    error_page 403  https:/<font color = blue>zoneminder.exemple.net</font>;
    location / {
            client_max_body_size 0; ##no limites :)
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Protocol $scheme;
            proxy_set_header X-Forwarded-Host $http_host;
            proxy_pass https://<font color = blue>ADRESS_IP_ZONEMINDER</font>/zm/;
    }
    listen [::]:443 ssl; # managed by Certbot
<font color =grey>...</font>
    listen 443 ssl; # managed by Certbot
    listen 30000 ssl;
    listen 30001 ssl;
    listen 30002 ssl;
    listen 30003 ssl;
    listen 30004 ssl;
<font color =grey>...</font>
<font color =grey>...</font>
    ssl_certificate /etc/letsencrypt/live/<font color = blue>zoneminder.exemple.net</font>/fullchain.pem; # managed by Certbot 
    ssl_certificate_key /etc/letsencrypt/live/<font color = blue>zoneminder.exemple.net</font>/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf;                             
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;                               
    add_header Strict-Transport-Security "max-age=31536000" always;               
    ssl_trusted_certificate /etc/letsencrypt/live/<font color = blue>zoneminder.exemple.net</font>/chain.pem;
    ssl_stapling on;     
    ssl_stapling_verify on;
}

Version du 5 mai 2021 à 17:14

Source 

# apt update && apt upgrade

# apt install software-properties-common

# add-apt-repository ppa:iconnor/zoneminder-master

# apt install zoneminder

# adduser www-data video

# mysql_secure_installation

# vi  /etc/zm/zm.conf

# ZoneMinder database password
ZM_DB_PASS=zmpass

# mysql -U

mysql> ALTER USER 'zmuser'@'localhost' IDENTIFIED BY 'mdpnouveau';
mysql> FLUSH PRIVILEGES;
mysql> exit

# vi /etc/php/7.4/apache2/php.ini

[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = Europe/Madrid

# timedatectl set-timezone Europe/Madrid

# a2enconf zoneminder
# a2enmod rewrite
# a2enmod headers
# a2enmod expires
# a2enmod ssl
# a2ensite default-ssl
# systemctl enable zoneminder
# service zoneminder start
# service apache2 reload



Autentification

Options -> System -> OPT_USE_AUTH

multicast

source 

MIN_STREAMING_PORT 30000

# vi /etc/apache2/ports.conf

...
<IfModule ssl_module>
        Listen 443
        Listen 30000
        Listen 30001
        Listen 30002
        Listen 30003
        Listen 30004
        ...
        ...
</IfModule>
...

# vi /etc/apache2/sites-enabled/default-ssl.conf

<IfModule mod_ssl.c>
        <VirtualHost _default_:443 *:30000 *:30002 *:30004 ... >
                ServerAdmin webmaster@localhost
...

# service apache2 restart

NGINX Reverse Proxy

# vi /etc/zm/conf.d/01-system-paths.conf

...
# ZoneMinder url path to the zms streaming server
#ZM_PATH_ZMS=/zm/cgi-bin/nph-zms
ZM_PATH_ZMS=/cgi-bin/nph-zms
...

Vhost

 server {
    if ($host = zoneminder.exemple.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


listen 80;
    listen [::]:80;
    server_name     zoneminder.exemple.net;
   # return 404;
    return 301 https://$host$request_uri;


}

server {
server_name     zoneminder.exemple.net;
    error_page 403  https:/zoneminder.exemple.net;

    location / {
            client_max_body_size 0; ##no limites :)
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Protocol $scheme;
            proxy_set_header X-Forwarded-Host $http_host;
            proxy_pass https://ADRESS_IP_ZONEMINDER/zm/;
    }

   listen [::]:443 ssl; # managed by Certbot
...
    listen 443 ssl; # managed by Certbot
    listen 30000 ssl;
    listen 30001 ssl;
    listen 30002 ssl;
    listen 30003 ssl;
    listen 30004 ssl;
...
...
    ssl_certificate /etc/letsencrypt/live/zoneminder.exemple.net/fullchain.pem; # managed by Certbot  
    ssl_certificate_key /etc/letsencrypt/live/zoneminder.exemple.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf;                               
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;                                 
    add_header Strict-Transport-Security "max-age=31536000" always;                
    ssl_trusted_certificate /etc/letsencrypt/live/zoneminder.exemple.net/chain.pem;
    ssl_stapling on;       
    ssl_stapling_verify on;

}
Récupérée de « https://lugwiki.stcgrupo.es/index.php?title=ZoneMinder&oldid=2010 »