The World According To Vissie

https://wiki.zoneminder.com/Debian_10_Buster_with_Zoneminder_1.34.x_from_ZM_Repo#Zoneminder_1.34.x_on_Buster_LEMP_.28NGNIX.2C_Mariadb.2C_PHP.29

sudo apt install nginx mariadb-server php-fpm php-mysql fcgiwrap
sudo apt install apt-transport-https gnupg
sudo mysql_secure_installation
# Read, but basicly say Yes to everything
sudo systemctl restart mysql

sudo vim /etc/php/7.3/fpm/php.ini

Locate cgi.fix_pathinfo=1 and change to 0 and un-comment the line:

cgi.fix_pathinfo=0 
sudo systemctl restart php7.3-fpm
sudo vim /etc/apt/sources.list.d/zoneminder.list

Add the following line to the end of the file

deb https://zmrepo.zoneminder.com/debian/release-1.34 buster/ 

or

deb https://zmrepo.zoneminder.com/debian/release-1.36 buster/ 
  
wget -O - https://zmrepo.zoneminder.com/debian/archive-keyring.gpg | sudo apt-key add -
sudo apt update
sudo apt install zoneminder

Change the ZM_PATH_ZMS in the 01-system-paths.conf file to /cgi-bin/nph-zms by dropping the /zm/

sudo vim /etc/zm/conf.d/01-system-paths.conf
sudo systemctl enable zoneminder
sudo systemctl restart zoneminder

Edit the Ngnix default configuration.

sudo vim /etc/nginx/sites-available/default

Locate the line “index index.html index.htm index.nginx-debian.html;” and add index.php

index index.php index.html index.htm index.nginx-debian.html;

In the “server” section after listen [::] :80 default_Server; add

include /etc/nginx/zoneminder.conf;

Create a Zoneminder conf file

sudo vim /etc/nginx/zoneminder.conf

Enter the following into the zoneminder.conf file (This file was improved by databoy2k)

location /cgi-bin {
auth_basic off;
        alias /usr/lib/zoneminder/cgi-bin;     
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_param HTTP_PROXY "";
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location /zm/cache {
auth_basic off;
        alias /var/cache/zoneminder/cache;
}
location ~ /zm/api/(css|img|ico) {
auth_basic off;
        rewrite ^/zm/api(.+)$ /api/app/webroot/$1 break;
        try_files $uri $uri/ =404;
}
location /zm {
auth_basic off;
        alias /usr/share/zoneminder/www;
        try_files $uri $uri/ /index.php?$args =404;    
        location /zm/api {
auth_basic off;
                rewrite ^/zm/api(.+)$ /zm/api/app/webroot/index.php?p=$1 last;
         }
                location ~ \.php$ {
                auth_basic off;
                        include fastcgi_params;
                        fastcgi_param SCRIPT_FILENAME $request_filename;
                        fastcgi_param HTTP_PROXY "";
                fastcgi_index index.php;
                        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
        }
    }

sudo systemctl restart nginx.service

If it does not exist create

sudo vim /etc/default/fcgiwrap

and insert (with the number of children -c equal to the number of cameras) Note that you may need to have this value larger than the number if cameras. In my case I run “camera walls” from a custom web page that accesses the Zoneminder monitors. I have needed to increase the -c to include the number of cameras in the camera wall web pages.

DAEMON_OPTS=-c 17

sudo systemctl restart fcgiwrap

http://onlinetechadvice.blogspot.com/2014/04/hikvision-ds-2cd2032-i-working-in.html?m=1#comment-form

• Create a new monitor and choose source as ffmpeg
• Click on source tab, add rtsp://username:password@192.168.1.120:554/cam/realmonitor?channel=1&subtype=0?tcp to the source(change your IP as necessary on your network, and your username and password.
• Colors is 24 bit, Width is 1920, Height is 1080(I choose 1080P mode instead of 3MP), Click save and it should now work.

https://forums.zoneminder.com/viewtopic.php?t=25766

It turns out, this is better: rtsp://username:password@192.168.1.120:554//Streaming/Channels/1

http://www.overworkeditguy.com/2017/07/basic-security-with-zoneminder.html

First, activate the HTTPS / ssl handler for Apache (Ubuntu includes it in the default “LAMP” install, it just needs to be activated):

sudo a2enmod ssl
sudo service apache2 restart

Next, we'll create the place to store the certificates, as well as the self signed certificate itself:

sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 3065 -newkey rsa:2048 -keyout /etc/apache2/ssl/zm.key -out /etc/apache2/ssl/zm.crt

Fill in the form with the obvious information For “Common Name”, put in the IP address of the server or the fully qualified domain name if you have one (ie: zoneminder.mydomain.com) Now that we have the required certificate, we can configure Apache to talk HTTPS:

Edit /etc/apache2/sites-available/default-ssl.conf with your favorite editor (nano, vim, etc)

Change SSLCertificateFile to: /etc/apache2/ssl/zm.crt
Change SSLCertificateKeyFile to: /etc/apache2/ssl/zm.key

Lastly, put the new HTTPS / ssl configuration in place and restart Apache:

sudo a2ensite default-ssl.conf
sudo service apache2 restart

Now open a browser and try to go to the server using HTTPS. For example, https://192.168.0.100/zm . You will get a security warning about an invalid certificate. This is because it's a self signed certificate as opposed to one signed by a trusted 3rd party. You can accept this warning and continue.

Debian (From Versions 8) stores zoneminder log messages in /var/log/syslog and /var/log/messages mixed with the other log records of the OS.

If you want to have only zoneminder logs, apart from the other log messages, in dedicated log files, you will have to change the configuration of /etc/rsyslog.conf and add specific statements for Zoneminder.

• Create configuration file in /etc/rsyslog.d (all configuration files from this directory will be included in /etc/rsyslog.conf):

#touch /etc/rsyslog.d/zm.conf

• Edit /etc/rsyslog.d/zm. conf, add the code below:

#zoneminder rules

########################################################################

# Send Zoneminder messages in files located in /var/log/zm:

# All messages
:programname, contains, "zm" /var/log/zm/zmall

#Specific Messages generated by different components of Zoneminder:

#Analysis Daemon
:programname, contains, "zma" /var/log/zm/zma

#Capture Daemon
:programname, contains, "zmc" /var/log/zm/zmc

#Zoneminder Daemon Control Script
:programname, contains, "zdmc" /var/log/zm/zdmc

#Filter Component
:programname, contains, "zmfilter" /var/log/zm/zmfilter

#Audit Component
:programname, contains, "zmaudit" /var/log/zm/zmaudit

########################################################################

########################################################################
#Custom logs

# You may add custom logs by using the filtering by program name statements.
# For example, if you want to log the messages of "Monitor 3", add:
#:programname, contains, "_m3" /var/log/zm/monitor-3

########################################################################

########################################################################

#Discard Zoneminder messages after being written in the files above
#so that they do not end in the /var/log/syslog and /var/log/messages:

# - this is deprecated in Debian 8, but may work in previous versions- :programname, contains, "zm" ~
:programname, contains, "zm" stop

########################################################################

• Restart syslog daemon

#systemctl restart rsyslog.service Zoneminder logs will be generated as defined in the above file.

Cannot read first page of './zm/Logs.ibd' I/O error

This did NOT fix my issue:

sudo chown mysql:mysql /var/lib/mysql/zm/Logs.frm
sudo chown mysql:mysql /var/lib/mysql/zm/Logs.idb

So I tried this: https://iserversupport.com/recover-crashed-innodb-tables-on-mysql-database-server/

sudo cp -rf /var/lib/mysql  /var/lib/mysql_backup_data
sudo vim /etc/mysql/mariadb.conf.d/50-server.cnf 

innodb_force_recovery = 1

sudo mysqldump -uroot -p zm > zm_backup.sql

mysql -uroot -p

drop database zm;
create database zm;
GRANT ALL PRIVILEGES ON zm.* TO 'zmuser'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES ;
exit;

sudo systemctl stop mariadb
sudo mysqld_safe --skip-grant-tables &

Reconnect to the MariaDB server with the MariaDB root account:

mysql -u root

Use the following commands to reset root’s password. Replace password with a strong password:

use mysql;
update user SET PASSWORD=PASSWORD("password") WHERE USER='root';
flush privileges;
exit

Then kill all open mariadb or mysql running processes:

sudo ps -ef | grep mysql

Then restart MariaDB:

sudo systemctl start mariadb