adds note about permissions errors

2025-12-06 10:09:31 +00:00 · 2022-11-27 15:40:42 +01:00 · 2022-11-27 15:40:42 +01:00 · 4cefd2b7b2
commit 4cefd2b7b2
parent 94463b4944
4 changed files with 58 additions and 27 deletions
--- a/README.md
+++ b/README.md
@ -165,3 +165,21 @@ I find them very hard to read.
 In addition, the API offers a lot of flexibility.
 Any command can be executed on RouterOS via the API.
 Thus it is possible to collect complex metrics.
 ### I get a PermissionError when running docker-compose up
 When bind-mounting a directory from the host into a container, files and directories
 maintain the permissions they **have on the host**. These can not be changed by Docker.
 Typically, a bind-mounted directory has permissions like these: `rwxrwxr-x`.
 This means that the container can read from the bind-mounted directory. But it can not
 write or modify the mounted files.
 This mostly works fine. But the Prometheus exporter mktxp has a specialty:
 It may update it's configuration if some keys are missing from the configuration file.
 Imagine, that the key `ipv6_firewall` is missing from the **mktxp.conf**. In this case
 mktxp will add `ipv6_firewall=false` to the configuration file instead of failing.
 This is a helpful feature, but can cause the container to crash, if the user inside
 the container lacks write permissions.
 In order to resolve this issue, make sure that all keys that mktxp currently supports
 are listed in your **mktxp.conf** file.
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -48,7 +48,7 @@ services:
  mktxp:
    # https://github.com/M0r13n/mikrotik_monitoring
    # Note: You might need to build the image yourself if not on AMD64 or ARM-v7/V8
-    image: leonmorten/mktxp:latest
+    image: mktxp:latest
    volumes:
      # Since Version v0.37 mktxp runs as single user
      # Prior it was root
@ -66,7 +66,7 @@ services:
      - ./nginx/nginx-selfsigned.crt:/etc/nginx/ssl/nginx-selfsigned.crt
      - ./nginx/self-signed.conf:/etc/nginx/ssl/self-signed.conf
    ports:
-      - 80:80
+      - 80:80  # You may adjust to some unprivileged ports
      - 443:443
    networks:
      - default
--- a/mktxp/_mktxp.conf
+++ b/mktxp/_mktxp.conf
@ -19,5 +19,7 @@
    max_delay_on_failure = 900
    delay_inc_div = 5
-	bandwidth = True                # Turns metrics bandwidth metrics collection on / off    
+    bandwidth = True                # Turns metrics bandwidth metrics collection on / off    
-	bandwidth_test_interval = 420   # Interval for colllecting bandwidth metrics
+    bandwidth_test_interval = 420   # Interval for colllecting bandwidth metrics
    verbose_mode = False            # Set it on for troubleshooting
--- a/mktxp/mktxp.conf
+++ b/mktxp/mktxp.conf
@ -11,26 +11,37 @@
 ## GNU General Public License for more details.
-[Chateau]                               # Change to your Router
+[Sample-Router]
-    capsman_clients = True
+    enabled = False         # turns metrics collection for this RouterOS device on / off
-    firewall = True
+    
-    wireless_clients = True
+    hostname = localhost    # RouterOS IP address
-    use_ssl = False
+    port = 8728             # RouterOS IP Port
-    pool = True
+    
-    wireless = True
+    username = username     # RouterOS user, needs to have 'read' and 'api' permissions
-    monitor = True
+    password = password
-    capsman = True
+    
-    netwatch = True
+    use_ssl = False                 # enables connection via API-SSL servis
-    ssl_certificate_verify = False
+    no_ssl_certificate = False      # enables API_SSL connect without router SSL certificate
-    enabled = True
+    ssl_certificate_verify = False  # turns SSL certificate verification on / off   
-    use_comments_over_names = True
+
-    no_ssl_certificate = False
+    installed_packages = True       # Installed packages
-    dhcp_lease = True
+    dhcp = True                     # DHCP general metrics
-    dhcp = True
+    dhcp_lease = True               # DHCP lease metrics
-    route = True
+    connections = True              # IP connections metrics
-    interface = True
+    pool = True                     # Pool metrics
-    poe = False                         # Enable for PoE stats
+    interface = True                # Interfaces traffic metrics
-    hostname = 192.168.0.1              # Change to your IP
+    
-    username = prometheus               # Change to your Mikrotik user
+    firewall = True                 # IPv4 Firewall rules traffic metrics
-    password = Mascha33                 # Change to your Mikrotik password
+    ipv6_firewall = False           # IPv6 Firewall rules traffic metrics
-    port = 8728                         # Default Port for Mikrotik API
+    ipv6_neighbor = False           # Reachable IPv6 Neighbors
    monitor = True                  # Interface monitor metrics
    poe = True                      # POE metrics
    public_ip = True                # Public IP metrics
    route = True                    # Routes metrics
    wireless = True                 # WLAN general metrics
    wireless_clients = True         # WLAN clients metrics
    capsman = True                  # CAPsMAN general metrics
    capsman_clients = True          # CAPsMAN clients metrics    
    use_comments_over_names = True  # when available, forces using comments over the interfaces names