fankes/beszel
2
0
Fork 0
mirror of https://github.com/fankes/beszel.git synced 2025-10-19 01:39:34 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
55 Commits 1 Branch 0 Tags
f4e7b67b6db25c957ccff6d0989447bb377a4471
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Henry Dollman f4e7b67b6d update readme / docker-compose
2024-07-20 17:53:02 -04:00
agent
update readme / docker-compose
2024-07-20 17:53:02 -04:00
hub
update readme / docker-compose
2024-07-20 17:53:02 -04:00
.gitattributes
force go classification
2024-07-20 17:52:51 -04:00
.gitignore
combine hub and agent repos
2024-07-20 17:10:34 -04:00
readme.md
update readme / docker-compose
2024-07-20 17:53:02 -04:00

readme.md

Beszel *WIP*

A lightweight server resource monitoring hub with historical data, docker stats, and alerts.

Introduction

Beszel has two components: the hub and the agent.

The hub is a web application, built on top of PocketBase, that provides a dashboard to view and manage your connected systems.

The agent runs on each system you want to monitor. It provides a minimal SSH server through which it communicates system information to the hub.

Installation

The hub and agent are distributed as single binary files, as well as docker images.

Docker

Hub: See the example docker-compose.yml file.

Agent: The hub provides compose content when adding a system to monitor, but you can also reference the example docker-compose.yml file.

The agent uses the host network mode, which automatically exposes the port. So change the port using an environment variable if you need to. It's set up this way so that can access stats for your host network interfaces.

If you don't want to use the host network, you may remove that line from the compose file and manually expose the port. This will prevent the network stats from populating.

Note

: The docker version of the agent cannot automatically detect the filesystem to use for disk I/O stats, so include the FILESYSTEM environment variable if you want that to work (instructions here).

Binary

Download and run the latest binaries from the releases page or use the commands below.

Hub:

curl -sL "https://github.com/henrygd/beszel/releases/latest/download/beszel_$(uname -s)_$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/').tar.gz" | tar -xz -O beszel | tee ./beszel >/dev/null && chmod +x beszel && ls beszel

Agent:

curl -sL "https://github.com/henrygd/beszel/releases/latest/download/beszel-agent_$(uname -s)_$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/').tar.gz" | tar -xz -O beszel-agent | tee ./beszel-agent >/dev/null && chmod +x beszel-agent && ls beszel-agent

Updating

Use beszel update and beszel-agent update to update to the latest version.

Environment Variables

Hub

Name Default Description
DISABLE_PASSWORD_AUTH false Disables password authentication

Agent

Name Default Description
FILESYSTEM unset Filesystem / partition to use for disk I/O stats
PORT 45876 Port to listen on

OAuth / OIDC setup

Beszel supports OpenID Connect and many OAuth2 authentication providers (see list below). To enable, do the following:

  1. Create an OAuth2 application using your provider of choice. The redirect / callback URL should be <your-beszel-url>/api/oauth2-redirect.
  2. When you have the client ID and secret, go to the "Auth providers" page and enable your provider.
Supported provider list
  • Apple
  • Bitbucket
  • Discord
  • Facebook
  • Gitea
  • Gitee
  • GitHub
  • GitLab
  • Google
  • Instagram
  • Kakao
  • LiveChat
  • mailcow
  • Microsoft
  • OpenID Connect
  • Patreon (v2)
  • Spotify
  • Strava
  • Twitch
  • Twitter
  • VK
  • Yandex

REST API

Because Beszel is built on PocketBase, you can use the PocketBase Web APIs and Client-side SDKs to read or update data from outside Beszel itself.

Security

The hub and agent communicate over SSH, so they don't need to be exposed to the internet. And the connection won't break if you put your own auth gateway, such as Authelia, in front of the hub.

When the hub is started for the first time, it generates an ED25519 key pair.

The agent's SSH server is configured to accept connections only using this key. It does not provide a pty or accept any input, so it is not possible to execute commands on the agent even if your private key is compromised.

FAQ / Troubleshooting

Agent is not connecting

Assuming the agent is running, the connection is probably being blocked by a firewall. You should add an inbound rule to allow TCP connections to the port. Check any active firewalls on the agent system, like iptables or ufw, and in your cloud provider account if applicable.

Connectivity can be tested by running telnet <agent-ip> <port> or nc -zv <agent-ip> <port> from a remote machine.

Finding the correct filesystem

The filesystem / partition to use for disk I/O stats is specified in the FILESYSTEM environment variable.

If it's not set, the agent will try to find the filesystem mounted on / and use that. This doesn't seem to work in a container, so it's recommended to set this value. One of the following methods should work (you usually want the option mounted on /):

  • Run df -h and choose an option under "Filesystem"
  • Run lsblk and choose an option under "NAME"
  • Run sudo fdisk -l and choose an option under "Device"

Month / week records are not populating reliably

Records for longer time periods are made by averaging stats from the shorter time periods. They require the agent to be running uninterrupted for long enough to get a full set of data.

If you pause / unpause the agent for longer than one minute, the data will be incomplete and the timing for the current interval will reset.

Description
Lightweight server monitoring hub with historical data, docker stats, and alerts.
Readme MIT 6 MiB
Languages
Go 86%
TypeScript 4.7%
PowerShell 4.2%
Shell 3.9%
CSS 0.5%
Other 0.6%