I’ve been using MeshCentral for a couple of weeks and I am very impressed, the agent is very small and it works well, although I initially set it up on a Ubuntu machine following their instructions. I thought it would be handy to configure on my NAS drive as this is running all the time.
I’ve configured this with Docker-Compose but I’m sure there are probably easier ways to accomplish the same thing.
Installing Docker
First thing we need to install Docker on the NAS which is relatively straight forward, we go to Package Center, search for Docker and click Install.
Creating the required files
I created the two files from the MeshCentral docker github page here, my files are below
.env file
NODE_ENV=production HOSTNAME=meshcentral.phm.pw USE_MONGODB=false # set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy REVERSE_PROXY=true REVERSE_PROXY_TLS_PORT=443 IFRAME=false ALLOW_NEW_ACCOUNTS=false WEBRTC=true ALLOWPLUGINS=false LOCALSESSIONRECORDING=false MINIFY=true
docker-compose.yml
version: "3"
services:
meshcentral:
restart: always
container_name: meshcentral
hostname: meshcentral
# use the official meshcentral container
image: ghcr.io/ylianst/meshcentral:latest
ports:
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
- 8086:443
env_file:
- .env
volumes:
# config.json and other important files live here. A must for data persistence
- ./meshcentral/data:/opt/meshcentral/meshcentral-data
# where file uploads for users live
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
# location for the meshcentral-backups - this should be mounted to an external storage
- ./meshcentral/backup:/opt/meshcentral/meshcentral-backups
# location for site customization files
- ./meshcentral/web:/opt/meshcentral/meshcentral-web
I then uploaded these two files to the docker folder on the NAS using the File Station app, I also created the folder structure for MeshCentral in the docker folder to match their instructions as so
| - meshcentral/ # this folder contains the persistent data | - data/ # MeshCentral data-files | - user_files/ # where file uploads for users live | - web/ # location for site customization files | - backup/ # location for the meshcentral-backups | - .env # environment file with initial variables | - docker-compose.yml
Enabling SSH access
To be able to run docker-compose we need SSH access to the NAS, this is enabled in Control Panel / Terminal and enable SSH.
Connecting with SSH and starting MeshCentral.
As I’m using Windows 10 i went to the command prompt and ran the following
ssh [email protected] cd volume1/docker/ sudo docker-compose up -d sudo docker-compose logs meshcentral
Although docker-compose installed MeshCentral fine, I could see from the logs I was getting an error “meshcentral | ERROR: Unable to parse /opt/meshcentral/meshcentral-data/config.json.” I quickly looked at the config file in meshcentral/data/config.json and could see the sessionkey line had got messed up somehow. The easiest thing for me to do was just to edit the file to fix the error, the line appeared as
"sessionKey": "4aN%oGCwGQ]Q]B[qe[%`WkOwonou"_sessionKey": "MyReallySecretPassword1"U]",
Not really too sure what happened there, as I did this before and it worked first time, however, I changed the line as follows
"_sessionKey": "MyReallySecretPassword1",
The underscore at the start means it is not used, so will generate a random sessionkey each time it starts.
That was it, MeshCentral was now accessible from the NAS webpage by going to https://nasname:8086 but I still need to set up the reverse proxy on the NAS to allow connections on port 443 and with a proper SSL certificate. If you are happy to leave it on port 8086 you just need to change the line in the config.json file to say
"aliasPort": 8086,
So the agents you deploy will know the correct port to use.
Hopefully I will finish off the write up in a day or two.