scripte/zmb-webui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a71b559cabd3ea150d641f197de1f411f2b98b4
zmb-webui/LXC_QUICKSTART.md
T
Claude Code 6d74d874b6 ZMB Webui: Complete Project – Rebrand & Initial Clean Commit 
ARCHITECTURE
============
Backend: FastAPI + uvicorn (port 8000)
  - JWT authentication with PAM system users
  - ZFS CLI wrapper with caching (30-60s TTL)
  - WebSocket pool status broadcaster (30s interval)
  - Services: auth, zfs_runner, file_manager, shares, identities, system_info
  - Routers: pools, datasets, snapshots, shares, identities, navigator, system

Frontend: Next.js 15 + TypeScript (static export)
  - Incremental Static Regeneration (ISR) for weak hardware
  - Type-safe API client (lib/api.ts)
  - Dark mode + custom Tailwind theme
  - Pages: Dashboard, Login, Snapshots, Datasets, Shares, etc.

DEPLOYMENT
==========
Test Target: 192.168.1.179:8090 (Debian LXC)
Production: 10.66.120.3:9090 (Raspberry Pi 4GB ARM64)
Updater: Automated Gitea-based deployment (update-test.sh, update-pi.sh)

FEATURES COMPLETED
==================
Phase 3a: Dashboard Quick Stats (System, CPU, Memory, Storage)
  - Real-time stats with color-coded progress bars
  - Responsive grid layout (mobile: 1, tablet: 2, desktop: 4 columns)
  - ISR-optimized for fast loads on weak hardware

REBRANDING
==========
Renamed throughout:
  - Project: 'ZFS Manager' → 'ZMB Webui'
  - Services: 'zfs-manager' → 'zmb-webui'
  - Systemd units: zfs-manager-backend → zmb-webui-backend
  - Configuration files and documentation

Co-Authored-By: Patrick <patrick@perlbach24.de>
2026-04-22 00:43:05 +02:00

146 lines
3.0 KiB
Markdown
Raw Blame History

# LXC Container Quick Start
ZMB Webui läuft in **privilegiertem LXC Container** mit vollständigem ZFS Management.
## One-Liner Setup
```bash
# 1. Container erstellen (privilégiiert!)
lxc launch images:debian/bookworm zmb-webui \
--config security.privileged=true \
--config security.nesting=true
# 2. Port-Mapping
lxc config device add zmb-webui http proxy \
listen=tcp:0.0.0.0:9090 \
connect=tcp:127.0.0.1:8000
# 3. Shell in Container
lxc exec zmb-webui -- bash
# 4. Im Container:
apt update && apt install -y python3 python3-pip python3-venv git
git clone <repo> /opt/zmb-webui
cd /opt/zmb-webui/backend
bash check_system.sh
bash install.sh
# 5. Service starten
systemctl start zmb-webui-backend
systemctl status zmb-webui-backend
# 6. Test
curl http://localhost:8000/health
# 7. Login & Change Password
TOKEN=$(curl -s -X POST http://localhost:8000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"admin123"}' | jq -r .access_token)
python3 manage_users.py change-password admin
```
## Verify ZFS im Container
```bash
# Alle diese Commands funktionieren im privilegierten Container:
lxc exec zmb-webui -- zpool list
# → Zeigt tank pool vom Host
lxc exec zmb-webui -- zfs list
# → Alle Datasets
lxc exec zmb-webui -- zpool status tank
# → VDEV-Status
lxc exec zmb-webui -- zfs list -t snapshot | head
# → Snapshots
# Backend kann ZFS direkt managen:
TOKEN=$(...) # siehe oben
curl "http://localhost:9090/api/pools" \
-H "Authorization: Bearer $TOKEN"
```
## Container-Management
```bash
# Container Info
lxc info zmb-webui
# Resources begrenzen
lxc config set zmb-webui limits.memory 2GB
lxc config set zmb-webui limits.cpu 2
# Container neustarten
lxc restart zmb-webui
# Shell zugriff (jederzeit)
lxc exec zmb-webui -- bash
# Logs anschauen
lxc exec zmb-webui -- journalctl -u zmb-webui-backend -f
# Files transferieren
lxc file push ./local-file zmb-webui/root/
lxc file pull zmb-webui/root/remote-file ./
# Container Snapshot
lxc snapshot zmb-webui backup-2026-04-14
# Restore
lxc restore zmb-webui backup-2026-04-14
```
## Networking
```bash
# Container IP
lxc exec zmb-webui -- ip addr
# Extern vom Host zugreifen:
curl http://localhost:9090/health
# Vom anderen Host (wenn freigegeben):
curl http://<host-ip>:9090/health
```
## Performance im Container
```
Pool-Query: 20-50ms (vs 10-20ms bare metal)
Snapshots: 1-2s
File Upload: 100-500ms
⚠️ Overhead: ~50% (normal für virtualisierte Umgebung)
```
## Security Notes
⚠️ **Privilegierter Container:**
- Hat Root-ähnliche Zugriffe
- Kann Host-Disks direkt zugreifen
- ZFS Management im Container möglich
- **Use Case:** All-in-one Server auf Proxmox/LXD
**Mitigations:**
- Memory/CPU Limits setzen
- Firewall auf Host
- Regelmäßige Backups (`lxc snapshot`)
## Cleanup
```bash
# Container stoppen & löschen
lxc stop zmb-webui
lxc delete zmb-webui
# All snapshots entfernen
lxc delete zmb-webui/backup-2026-04-14
```
---
**Das war's!** Backend läuft im Container und kann ZFS vollständig managen. 🚀
Reference in New Issue View Git Blame Copy Permalink