For all who missed the memo in that longer thread - Scrutiny has been forked and this time this particular fork seems to have become the new “official” version. Features are added at a nice pace including (not exhaustive):
- ZFS Pool Monitoring
- Prometheus Metrics
- S.M.A.R.T Attribute Overrides
- Scheduled Reports (yay!)
- …
The repo is here.
And this is my custom app YAML as I run it on my TrueNAS. I have switched from Dockge to Dockhand for custom apps, which seems to be the best of Dockge and Portainer combined and then some.
services:
scrutiny:
cap_add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- NET_RAW
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
cap_drop:
- ALL
deploy:
resources:
limits:
cpus: "2"
memory: 4096M
environment:
COLLECTOR_API_ENDPOINT: http://127.0.0.1:8080
NVIDIA_VISIBLE_DEVICES: void
SCRUTINY_WEB_DATABASE_LOCATION: /opt/scrutiny/config/scrutiny.db
SCRUTINY_WEB_INFLUXDB_HOST: 127.0.0.1
SCRUTINY_WEB_INFLUXDB_PORT: "8086"
SCRUTINY_WEB_LISTEN_HOST: 0.0.0.0
SCRUTINY_WEB_LISTEN_PORT: "8080"
TZ: Europe/Berlin
UMASK: "002"
UMASK_SET: "002"
COLLECTOR_ZFS_CRON_SCHEDULE: 0 0 * * *
COLLECTOR_ZFS_RUN_STARTUP: "true"
group_add:
- 568
healthcheck:
interval: 30s
retries: 5
start_interval: 2s
start_period: 15s
test:
- CMD
- curl
- --request
- GET
- --silent
- --output
- /dev/null
- --show-error
- --fail
- http://127.0.0.1:8080/api/health
timeout: 5s
image: ghcr.io/starosdev/scrutiny:latest-omnibus
platform: linux/amd64
ports:
- mode: ingress
protocol: tcp
published: 31054
target: 8080
- mode: ingress
protocol: tcp
published: 31055
target: 8086
privileged: true
restart: unless-stopped
security_opt:
- no-new-privileges=true
stdin_open: false
tty: false
user: 0:0
volumes:
- bind:
create_host_path: false
propagation: rprivate
read_only: true
source: /dev
target: /dev
type: bind
- bind:
create_host_path: false
propagation: rprivate
read_only: false
source: /mnt/nvme/apps/scrutiny/config
target: /opt/scrutiny/config
type: bind
- bind:
create_host_path: false
propagation: rprivate
read_only: false
source: /mnt/nvme/apps/scrutiny/influxdb
target: /opt/scrutiny/influxdb
type: bind
- bind:
create_host_path: false
propagation: rprivate
read_only: true
source: /run/udev
target: /run/udev
type: bind
You need to adjust the volume paths to your pool and dataset layout, and probably your timezone.
Enjoy,
Patrick