Zoneminder
Contents
How to install
https://wiki.zoneminder.com/Debian_10_Buster_with_Zoneminder_1.34.x_from_ZM_Repo#Zoneminder_1.34.x_on_Buster_LEMP_.28NGNIX.2C_Mariadb.2C_PHP.29
sudo apt install nginx mariadb-server php-fpm php-mysql fcgiwrap sudo apt install apt-transport-https gnupg sudo mysql_secure_installation sudo systemctl restart mysql
Locate (Ctrl+w) cgi.fix_pathinfo=1 and change to
cgi.fix_pathinfo=0 sudo systemctl restart php7.3-fpm sudo vim /etc/apt/sources.list.d/zoneminder.list
Add the following line to the end of the file
deb https://zmrepo.zoneminder.com/debian/release-1.34 buster/ wget -O - https://zmrepo.zoneminder.com/debian/archive-keyring.gpg | sudo apt-key add - sudo apt update sudo apt install zoneminder
Change the ZM_PATH_ZMS in the 01-system-paths.conf file to /cgi-bin/nph-zms by dropping the /zm/
sudo vim /etc/zm/conf.d/01-system-paths.conf sudo systemctl enable zoneminder sudo systemctl restart zoneminder
Edit the Ngnix default configuration.
sudo vim /etc/nginx/sites-available/default
Locate the line "index index.html index.htm index.nginx-debian.html;" and add index.php
index index.php index.html index.htm index.nginx-debian.html;
In the "server" section after listen [::] :80 default_Server; add
include /etc/nginx/zoneminder.conf;
Create a Zoneminder conf file
sudo vim /etc/nginx/zoneminder.conf
Enter the following into the zoneminder.conf file (This file was improved by databoy2k)
location /cgi-bin {
auth_basic off;
alias /usr/lib/zoneminder/cgi-bin;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location /zm/cache {
auth_basic off;
alias /var/cache/zoneminder/cache;
}
location ~ /zm/api/(css|img|ico) {
auth_basic off;
rewrite ^/zm/api(.+)$ /api/app/webroot/$1 break;
try_files $uri $uri/ =404;
}
location /zm {
auth_basic off;
alias /usr/share/zoneminder/www;
try_files $uri $uri/ /index.php?$args =404;
location /zm/api {
auth_basic off;
rewrite ^/zm/api(.+)$ /zm/api/app/webroot/index.php?p=$1 last;
}
location ~ \.php$ {
auth_basic off;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param HTTP_PROXY "";
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
}
}
sudo systemctl restart nginx.service If it does not exist create
sudo vim /etc/default/fcgiwrap
and insert (with the number of children -c equal to the number of cameras) Note that you may need to have this value larger than the number if cameras. In my case I run "camera walls" from a custom web page that accesses the Zoneminder monitors. I have needed to increase the -c to include the number of cameras in the camera wall web pages.
DAEMON_OPTS=-c 17
sudo systemctl restart fcgiwrap
How to setup cameras
http://onlinetechadvice.blogspot.com/2014/04/hikvision-ds-2cd2032-i-working-in.html?m=1#comment-form
- Create a new monitor and choose source as ffmpeg
- Click on source tab, add rtsp://username:password@192.168.1.120:554/cam/realmonitor?channel=1&subtype=0?tcp to the source(change your IP as neccessary on your network, and your username and password.
- Colours is 24 bit, Width is 1920, Height is 1080(I choose 1080P mode instead of 3MP), Click save and it should now work.
https://forums.zoneminder.com/viewtopic.php?t=25766
It turns out, this is better:
rtsp://username:password@192.168.1.120:554//Streaming/Channels/1
Enable ssl
http://www.overworkeditguy.com/2017/07/basic-security-with-zoneminder.html
First, activate the HTTPS / ssl handler for Apache (Ubuntu includes it in the default "LAMP" install, it just needs to be activated):
sudo a2enmod ssl sudo service apache2 restart
Next, we'll create the place to store the certificates, as well as the self signed certificate itself:
sudo mkdir /etc/apache2/ssl sudo openssl req -x509 -nodes -days 3065 -newkey rsa:2048 -keyout /etc/apache2/ssl/zm.key -out /etc/apache2/ssl/zm.crt
Fill in the form with the obvious information For "Common Name", put in the IP address of the server or the fully qualified domain name if you have one (ie: zoneminder.mydomain.com) Now that we have the required certificate, we can configure Apache to talk HTTPS:
Edit /etc/apache2/sites-available/default-ssl.conf with your favorite editor (nano, vim, etc)
Change SSLCertificateFile to: /etc/apache2/ssl/zm.crt Change SSLCertificateKeyFile to: /etc/apache2/ssl/zm.key
Lastly, put the new HTTPS / ssl configuration in place and restart Apache:
sudo a2ensite default-ssl.conf sudo service apache2 restart
Now open a browser and try to go to the server using HTTPS. For example, https://192.168.0.100/zm . You will get a security warning about an invalid certificate. This is because it's a self signed certificate as opposed to one signed by a trusted 3rd party. You can accept this warning and continue.
Error checking
Maria DB does not start
Currupt Table
Cannot read first page of './zm/Logs.ibd' I/O error
This did NOT fix my issue:
sudo chown mysql:mysql /var/lib/mysql/zm/Logs.frm sudo chown mysql:mysql /var/lib/mysql/zm/Logs.idb
So I tried this:
https://iserversupport.com/recover-crashed-innodb-tables-on-mysql-database-server/
sudo cp -rf /var/lib/mysql /var/lib/mysql_backup_data sudo vim /etc/mysql/mariadb.conf.d/50-server.cnf
innodb_force_recovery = 1
Backup DB
sudo mysqldump -uroot -p zm > zm_backup.sql
Restore DB
mysql -uroot -p
drop database zm; create database zm; GRANT ALL PRIVILEGES ON zm.* TO 'zmuser'@'localhost' WITH GRANT OPTION; FLUSH PRIVILEGES ; exit;
Reset root password
sudo systemctl stop mariadb sudo mysqld_safe --skip-grant-tables &
Reconnect to the MariaDB server with the MariaDB root account:
mysql -u root
Use the following commands to reset root’s password. Replace password with a strong password:
use mysql; update user SET PASSWORD=PASSWORD("password") WHERE USER='root'; flush privileges; exit
Then kill all open mariadb or mysql running processes:
sudo ps -ef | grep mysql
Then restart MariaDB:
sudo systemctl start mariadb