scripte/zmb-webui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
52b9c02264c61fd4973a58f94fa190221ff784b7
zmb-webui/LXC_QUICKSTART.md
T
Claude Code 92bed208e0 ZMB Webui: Complete Project – Rebrand & Initial Clean Commit 
ARCHITECTURE
============
Backend: FastAPI + uvicorn (port 8000)
  - JWT authentication with PAM system users
  - ZFS CLI wrapper with caching (30-60s TTL)
  - WebSocket pool status broadcaster (30s interval)
  - Services: auth, zfs_runner, file_manager, shares, identities, system_info
  - Routers: pools, datasets, snapshots, shares, identities, navigator, system

Frontend: Next.js 15 + TypeScript (static export)
  - Incremental Static Regeneration (ISR) for weak hardware
  - Type-safe API client (lib/api.ts)
  - Dark mode + custom Tailwind theme
  - Pages: Dashboard, Login, Snapshots, Datasets, Shares, etc.

DEPLOYMENT
==========
Test Target: 192.168.1.179:8090 (Debian LXC)
Production: 10.66.120.3:9090 (Raspberry Pi 4GB ARM64)
Updater: Automated Gitea-based deployment (update-test.sh, update-pi.sh)

FEATURES COMPLETED
==================
Phase 3a: Dashboard Quick Stats (System, CPU, Memory, Storage)
  - Real-time stats with color-coded progress bars
  - Responsive grid layout (mobile: 1, tablet: 2, desktop: 4 columns)
  - ISR-optimized for fast loads on weak hardware

REBRANDING
==========
Renamed throughout:
  - Project: 'ZFS Manager' → 'ZMB Webui'
  - Services: 'zfs-manager' → 'zmb-webui'
  - Systemd units: zfs-manager-backend → zmb-webui-backend
  - Configuration files and documentation

Co-Authored-By: Patrick <patrick@perlbach24.de>
2026-04-22 00:43:05 +02:00

3.0 KiB
Raw Blame History

LXC Container Quick Start

ZMB Webui läuft in privilegiertem LXC Container mit vollständigem ZFS Management.

One-Liner Setup

# 1. Container erstellen (privilégiiert!)
lxc launch images:debian/bookworm zmb-webui \
    --config security.privileged=true \
    --config security.nesting=true

# 2. Port-Mapping
lxc config device add zmb-webui http proxy \
    listen=tcp:0.0.0.0:9090 \
    connect=tcp:127.0.0.1:8000

# 3. Shell in Container
lxc exec zmb-webui -- bash

# 4. Im Container:
apt update && apt install -y python3 python3-pip python3-venv git
git clone <repo> /opt/zmb-webui
cd /opt/zmb-webui/backend
bash check_system.sh
bash install.sh

# 5. Service starten
systemctl start zmb-webui-backend
systemctl status zmb-webui-backend

# 6. Test
curl http://localhost:8000/health

# 7. Login & Change Password
TOKEN=$(curl -s -X POST http://localhost:8000/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username":"admin","password":"admin123"}' | jq -r .access_token)

python3 manage_users.py change-password admin

Verify ZFS im Container

# Alle diese Commands funktionieren im privilegierten Container:

lxc exec zmb-webui -- zpool list
# → Zeigt tank pool vom Host

lxc exec zmb-webui -- zfs list
# → Alle Datasets

lxc exec zmb-webui -- zpool status tank
# → VDEV-Status

lxc exec zmb-webui -- zfs list -t snapshot | head
# → Snapshots

# Backend kann ZFS direkt managen:
TOKEN=$(...)  # siehe oben
curl "http://localhost:9090/api/pools" \
  -H "Authorization: Bearer $TOKEN"

Container-Management

# Container Info
lxc info zmb-webui

# Resources begrenzen
lxc config set zmb-webui limits.memory 2GB
lxc config set zmb-webui limits.cpu 2

# Container neustarten
lxc restart zmb-webui

# Shell zugriff (jederzeit)
lxc exec zmb-webui -- bash

# Logs anschauen
lxc exec zmb-webui -- journalctl -u zmb-webui-backend -f

# Files transferieren
lxc file push ./local-file zmb-webui/root/
lxc file pull zmb-webui/root/remote-file ./

# Container Snapshot
lxc snapshot zmb-webui backup-2026-04-14

# Restore
lxc restore zmb-webui backup-2026-04-14

Networking

# Container IP
lxc exec zmb-webui -- ip addr

# Extern vom Host zugreifen:
curl http://localhost:9090/health

# Vom anderen Host (wenn freigegeben):
curl http://<host-ip>:9090/health

Performance im Container

Pool-Query:    20-50ms (vs 10-20ms bare metal)
Snapshots:     1-2s
File Upload:   100-500ms

⚠️ Overhead: ~50% (normal für virtualisierte Umgebung)

Security Notes

⚠️ Privilegierter Container:

  • Hat Root-ähnliche Zugriffe
  • Kann Host-Disks direkt zugreifen
  • ZFS Management im Container möglich
  • Use Case: All-in-one Server auf Proxmox/LXD

Mitigations:

  • Memory/CPU Limits setzen
  • Firewall auf Host
  • Regelmäßige Backups (lxc snapshot)

Cleanup

# Container stoppen & löschen
lxc stop zmb-webui
lxc delete zmb-webui

# All snapshots entfernen
lxc delete zmb-webui/backup-2026-04-14

Das war's! Backend läuft im Container und kann ZFS vollständig managen. 🚀

Reference in New Issue View Git Blame Copy Permalink