From The World according to Vissie
Jump to navigation Jump to search

How to install
sudo apt install nginx mariadb-server php-fpm php-mysql fcgiwrap
sudo apt install apt-transport-https gnupg
sudo mysql_secure_installation
sudo systemctl restart mysql

Locate (Ctrl+w) cgi.fix_pathinfo=1 and change to

sudo systemctl restart php7.3-fpm
sudo vim /etc/apt/sources.list.d/zoneminder.list

Add the following line to the end of the file

deb buster/
wget -O - | sudo apt-key add -
sudo apt update
sudo apt install zoneminder

Change the ZM_PATH_ZMS in the 01-system-paths.conf file to /cgi-bin/nph-zms by dropping the /zm/

sudo vim /etc/zm/conf.d/01-system-paths.conf
sudo systemctl enable zoneminder
sudo systemctl restart zoneminder

Edit the Ngnix default configuration.

sudo vim /etc/nginx/sites-available/default

Locate the line "index index.html index.htm index.nginx-debian.html;" and add index.php

index index.php index.html index.htm index.nginx-debian.html;

In the "server" section after listen [::] :80 default_Server; add

include /etc/nginx/zoneminder.conf;

Create a Zoneminder conf file

sudo vim /etc/nginx/zoneminder.conf

Enter the following into the zoneminder.conf file (This file was improved by databoy2k)

location /cgi-bin {
auth_basic off;
        alias /usr/lib/zoneminder/cgi-bin;     
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_param HTTP_PROXY "";
        fastcgi_pass unix:/var/run/fcgiwrap.socket;
location /zm/cache {
auth_basic off;
        alias /var/cache/zoneminder/cache;
location ~ /zm/api/(css|img|ico) {
auth_basic off;
        rewrite ^/zm/api(.+)$ /api/app/webroot/$1 break;
        try_files $uri $uri/ =404;
location /zm {
auth_basic off;
        alias /usr/share/zoneminder/www;
        try_files $uri $uri/ /index.php?$args =404;    
        location /zm/api {
auth_basic off;
                rewrite ^/zm/api(.+)$ /zm/api/app/webroot/index.php?p=$1 last;
                location ~ \.php$ {
                auth_basic off;
                        include fastcgi_params;
                        fastcgi_param SCRIPT_FILENAME $request_filename;
                        fastcgi_param HTTP_PROXY "";
                fastcgi_index index.php;
                        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;

sudo systemctl restart nginx.service If it does not exist create

sudo vim /etc/default/fcgiwrap

and insert (with the number of children -c equal to the number of cameras) Note that you may need to have this value larger than the number if cameras. In my case I run "camera walls" from a custom web page that accesses the Zoneminder monitors. I have needed to increase the -c to include the number of cameras in the camera wall web pages.

sudo systemctl restart fcgiwrap

How to setup cameras
  1. Create a new monitor and choose source as ffmpeg
  2. Click on source tab, add rtsp://username:password@ to the source(change your IP as neccessary on your network, and your username and password.
  3. Colours is 24 bit, Width is 1920, Height is 1080(I choose 1080P mode instead of 3MP), Click save and it should now work.

It turns out, this is better:


Enable ssl

First, activate the HTTPS / ssl handler for Apache (Ubuntu includes it in the default "LAMP" install, it just needs to be activated):

sudo a2enmod ssl
sudo service apache2 restart

Next, we'll create the place to store the certificates, as well as the self signed certificate itself:

sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 3065 -newkey rsa:2048 -keyout /etc/apache2/ssl/zm.key -out /etc/apache2/ssl/zm.crt

Fill in the form with the obvious information For "Common Name", put in the IP address of the server or the fully qualified domain name if you have one (ie: Now that we have the required certificate, we can configure Apache to talk HTTPS:

Edit /etc/apache2/sites-available/default-ssl.conf with your favorite editor (nano, vim, etc)

Change SSLCertificateFile to: /etc/apache2/ssl/zm.crt
Change SSLCertificateKeyFile to: /etc/apache2/ssl/zm.key

Lastly, put the new HTTPS / ssl configuration in place and restart Apache:

sudo a2ensite default-ssl.conf
sudo service apache2 restart

Now open a browser and try to go to the server using HTTPS. For example, . You will get a security warning about an invalid certificate. This is because it's a self signed certificate as opposed to one signed by a trusted 3rd party. You can accept this warning and continue.

Error checking

Maria DB does not start

Currupt Table

Cannot read first page of './zm/Logs.ibd' I/O error

This did NOT fix my issue:

sudo chown mysql:mysql /var/lib/mysql/zm/Logs.frm
sudo chown mysql:mysql /var/lib/mysql/zm/Logs.idb

So I tried this:
sudo cp -rf /var/lib/mysql  /var/lib/mysql_backup_data
sudo vim /etc/mysql/mariadb.conf.d/50-server.cnf 
innodb_force_recovery = 1

Backup DB

sudo mysqldump -uroot -p zm > zm_backup.sql

Restore DB

mysql -uroot -p
drop database zm;
create database zm;

Reset root password

sudo systemctl stop mariadb
sudo mysqld_safe --skip-grant-tables &

Reconnect to the MariaDB server with the MariaDB root account:

mysql -u root

Use the following commands to reset root’s password. Replace password with a strong password:

use mysql;
update user SET PASSWORD=PASSWORD("password") WHERE USER='root';
flush privileges;

Then kill all open mariadb or mysql running processes:

sudo ps -ef | grep mysql

Then restart MariaDB:

sudo systemctl start mariadb